Puzzle 4: Of Puns and Phishing Methods - Headlesser/PasswordsPleasev2 GitHub Wiki
This is the third security question puzzle.
Planned Progression
- Player has logged into the computer and finds themselves faced with a password storage account that is locked behind three security questions.
- This puzzle is focused mainly on providing players with some definitions and topics to think about, presented in a comedic way. Various aspects of phishing and common techniques used by phishers are explored here and identified to the player.
Puzzle 4
- Question 3: What is your favorite novel?
- Player explores the room. There are a multitude of posters, brochures, and other images showing different kinds of activities around the office.
- Each poster depicts a different pun interpretation of a type of phishing attack.
- Upon clicking them, Wolfrid monologues about the specific kind of attack the poster reminds him of.
- There are 5 different posters, each showing a visual of a different kind of phishing ('vishing', 'smishing', email/clone phishing, whaling, and spear phishing).
- The player must click on the poster with a whale on it and be explained what 'whaling' is.
- This poster contains half of the clue to the user's 'favorite novel'.
- The poster depicts a whale breaching, but it has been torn in half, with half of the text missing (a play on 'Moby Dick').
- The player must click on the poster with a man in a boat holding a harpoon. It is torn along the edge.
- This poster contains half of the clue for the user's 'favorite novel'.
- Combining the text of both posters yields the title of the novel
- The answer to question 3 is 'Goby Mick'.
- Player enters the phrase Goby Mick into the computer, security question 3 is completed.
Required Art Assets
- Whale Poster
- Spearfishing Poster
- Email Poster
- Vishing Poster
- Smishing Poster