Email & Identity Security

This quiz is designed to test and strengthen your understanding of the email and identity security risks you may encounter in your daily work. Each question presents a realistic scenario, including suspicious emails, unexpected authentication prompts, potential phishing attempts, account‑related warnings, and situations where your identity or login details could be targeted. You will be asked to choose the safest and most appropriate response in each case.

The goal of this exercise is to help you recognise modern email threats, protect your identity, and apply the best practices that keep both you and the organisation safe. By working through these examples, you will build stronger awareness of how attackers attempt to gain access and reinforce the habits that support a secure working environment.

Make your attempt count, there’s only one chance to pass this quiz.

By continuing, you agree that System Force can use your details to send you your quiz results by email.

What is "Consent Phishing"?

A malcious application which asks for the user to provide permissions

Acquiring sensitive information via phone call

A fake login page which steals passwords

Guessing passwords with an automated tool

Why are spoofed/compromised business email attacks effective?

Attackers send large quantities of emails

Emails are sent from random addresses

The emails contain obvious requests for login details

Emails appear to be from legitimate sources

What is the best method to keep your passwords secure?

Using passwords that follow a memorable pattern unique to you

Creating passwords that mix symbols and numbers with familiar phrases

Using a randomly generated password, stored in a password manager

Reusing a strong password across trustworthy accounts

What is the biggest benefit of Multi‑Factor Authentication (MFA)?

It prevents leaking of passwords

It removes the need for a password

Ensures credentials expire when they should

Adds a second layer of verification, which is harder to leak.

You realise you have clicked a suspicious link, what should you do?

Restart your device

Close the page immediately and report the incident to IT

Delete your browser history

Block the sender

You receive an email relating to your login. What could be a sign that it is fraudulent?

The link contains a domain similar but not identical to your organisation

It claims your session expired earlier than expected

The email contains a reference to recent changes made by your IT company

The email uses language that is concise and technical but may be difficult to understand

What is the most important detail to check when inspecting a potentially suspicious link?

Whether the domain ending is familiar to you

Whether the font size matches the rest of the email

If the URL matches what the email says it leads to

If the link uses HTTP rather than HTTPS

What could be an indication of credential stuffing?

Personalised emails from a fake account pretending to be your manager

A large volume of login attempts

A malicious link which redirects to a fraudulent page

A link to a fake password reset page

How might you tell that an email is a phishing attempt?

The subject of the email refers to a project you are working on

The company logo on the email is smaller than expected

The email has spelling or grammatical issues, despite saying it is from a company you are familiar with

The email asks you to update your preferences

You have received an email you believe is suspicious, how should it be handled?

Ignore it

Forward the email to your IT company

Open the email to confirm your suspicions

Report the email to your IT company, and then delete it

How could you tell that an email attachment may be malicious?

An unusual or unexpected file format

The attachement size is different to what you might expect

File name is longer than expected

The file icon looks unusual

Which of the following would be a good habit to keep your accounts secure?

Using the same sign in details for multiple accounts

Only updating your passwords when you have to

Sharing passwords with friends and family

Removing third party apps you havent used in a long time

Why should you avoid using your personal email for work related communications?

The file structure of your personal account is different

Personal accounts have a different colour theme

Your company's security policies and monitoring will not be applied

Personal mailboxes are less likely to receive promotional emails

How confident do you feel in your ability to identify and respond to cyber threats after attending this webinar?

Any additional feedback you would like to make us aware of?

Which part of the training did you find most valuable for improving your cyber resiliency skills, and why?

What additional topics would you like to see covered in future cyber resiliency sessions?

Exit