Can you spot a phish? Play Carnegie Mellon's game and see

Scientists at Carnegie Mellon University have developed an online game designed to teach Internet users about the dangers of phishing.

Featuring a cartoon fish named Phil, the game, called Anti-Phishing Phil, has been tested in CMU’s Privacy and Security Laboratory. Officials with the lab say users who spent 15 minutes playing the interactive, online game were better able to discern fraudulent Web sites than those who simply read tutorials about the threat.

The game focuses on teaching Internet users how to tell the URL of a fraudulent site from a legitimate one, officials say. It offers tips such as examining URLs for misspellings of popular sites, dissecting a Web address to understand where it’s pointing to, and using Google to validate a URL against search results. (This reporter played the game, scoring 8 out of 8 in the first round, 6 out of 8 in the second round, and not enough correct answers in the third round to move up.)

The lab has now decided to open up the game for broader testing. Visitors to the site who click on “play the game” are given a short quiz, play the game, and then take another quiz, officials say. Visitors who submit their e-mail addresses and take a follow-up quiz the next week are entered in a raffle to win a $100 Amazon.com gift card.