Hello everyone!

Welcome to the first edition of the Answers HQ Online Security Newsletter!

Following the positive feedback we received during the Answers HQ Cybersecurity Awareness Month survey, we've understood that you would appreciate more content on the topic of online security. Therefore, we're introducing newsletter-style posts. A new issue will be posted every last day of the month.

Similar to this Answers HQ Online Security Newsletter, we'll provide tips for your online safety, challenges, and more.

Anyone who participates in the discussion or takes on the challenge will receive a unique badge that aligns with the theme of the issue.

Now, without further ado, let's dive into this month's issue of the Answers HQ Online Security Newsletter! 

Security focus - Phishing

• What is phishing?

Phishing is a type of social engineering attack aimed at tricking a person into providing sensitive information. This can be done through various methods including text messages (Smishing), voice messages (Vishing), emails, and even through search engines.

• Common methods of phishing

A common strategy used in phishing is to create a sense of urgency, such as sending an email claiming that the recipient's account has been hacked. It's crucial to verify the legitimacy of such messages, for example by checking the links to ensure they redirect to official sites.

• Misleading links

False hyperlinks are another method used for phishing. Even if the text of a hyperlink includes a familiar brand or company name, it may not actually link to the official site. The best way to verify it is to hover over the link to confirm the URL before clicking.

• Imitating legitimacy

Phishers may also impersonate legitimate companies or individuals to appear more authentic. No legitimate organization will ask for passwords or sensitive account information through email or other communication channels.

• How to avoid phishing

To avoid phishing attacks, log in only to official sites, inspect hyperlinks in emails, watch out for redirection URLs, and remember that official representatives of companies will not ask for your account password.

Info Hub

• TryHackMe

(TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!)

• How to avoid phishing

Challenge

Maze challenge


(Challange works best of it is viewed from PC browser)

Bob needs your help! He has faced a challenge where he has to retrieve a code by answering the questions and noting down the number next to it. Check the challenge rules for more details.

Challenge rules:

• Your task is to retrieve 9 digit code
• You can get the code by answering the questions and writing down the number which is next to the correct statement
• The number you written down is also the number of the next question you need to proceed to. 
• Numbers cannot repeat
  if you have already 9 digits and next number is duplicated it means that you have all necessary digits 
  if you dont have 9 numbers and number is duplicated the code is incorrect, and you have to start over again
• Submit the answer by replying in this thread (use spoilers) 

Offers for free in-game content or cheats from third-party websites are usually legitimate and safe to accept. (9 True / False 3 )

1. Phishing is a type of social engineering attack where the attacker tricks the victim into providing sensitive information. (3 True / False 5 )
   
   

   ---

2. A common phishing tactic is creating a sense of urgency, such as claiming that the recipient's account has been hacked. (6 True / False 4)
   
   

   ---

3. Phishing attacks are only carried out via email. (8 True / False 7)
   
   

   ---

4. It is a good practice to verify the URL of a hyperlink before clicking on it to avoid phishing scams. (8 True / False 3)
   
   

   ---

5. Legitimate companies will ask for your password through email for verification purposes. (9 True / False 2)
   
   

   ---

6. Phishers may impersonate legitimate companies or individuals to gain trust and seem more credible. (9 True / False 7)
   
   

   ---

7. Hyperlinks in phishing emails always directly display the malicious site they link to. (2 True / False 4)
   
   

   ---

8. If an email claims to be from a legitimate company and asks for your account information, it is most likely a phishing attempt. (5 True / False 1)
   
   

   ---

9. Logging in to official sites, inspecting email hyperlinks, and not sharing passwords are some of the ways to protect from phishing attacks. (1 True / False 6)
   
   

   ---