The Challenge

This one is a bit different. No exploits, no reverse engineering. I had to identify phishing emails from real ones. The rules were simple: 30 seconds per email to decide if it’s a scam or not, 3 lives, and 10 email scenarios to get through. Let’s go.

Email 1 - Phishing

First one and already phishing. I looked closely at the link and it was a dead giveaway.

Email 2 - Legit

This one checked out. Nothing suspicious.

Email 3 - Legit

Legit again. Moving on.

Email 4 - Phishing

This one was calling for immediate action and was trying to collect credentials. That combination is almost always a red flag.

Email 5 - Phishing

Same thing here. Immediate action required. Phishing emails love to create urgency to pressure you into clicking without thinking.

Email 6 - Phishing

This one claimed I won a random $2000 refund and was asking for personal info. Classic scam. If something sounds too good to be true, it’s probably scam.

Email 7 - Phishing

This was the sneaky one. Someone was trying to impersonate a real person. Easy to miss if you’re not paying attention. I had to look carefully at the sender details to catch it.

Email 8 - Legit

Legit. No issues here.

Email 9 - Phishing

The link in this one was trying to mimic a real URL. At a quick glance it looked fine but looking closely the domain was slightly off. That’s a classic phishing trick.

Email 10 - Legit

Last one and it’s legit. 10 out of 10, no lives lost.

That was actually a fun one. A good reminder that phishing is not always technical. Sometimes all it takes is a fake link or a sense of urgency to trick someone.