Cybersecurity Basics: Phishing and Scams
Activities & Teaching Strategies
Active learning works well for cybersecurity basics because students need to practice recognizing real-world threats rather than just hearing about them. Handling sample emails, role-playing calls, and building checklists let students apply their knowledge immediately, which strengthens memory and confidence.
Learning Objectives
1. Analyze the common features of phishing emails and online scams, such as urgent language, suspicious links, and unexpected attachments.
2. Differentiate between legitimate online communications and fraudulent attempts to obtain personal information.
3. Create a personal checklist of at least five criteria to evaluate the safety of an online message or request.
4. Explain the potential consequences of falling victim to online scams, including identity theft and financial loss.
Group Sort: Phishing Email Detective
Print 10 sample emails, half real and half phishing. Small groups sort them into 'safe' or 'threat' piles and note evidence for each choice. Groups share one example with the class for whole-group discussion.
Analyze the characteristics of a phishing email or online scam.
Facilitation Tip: During the Group Sort activity, circulate with a checklist to note which pairs struggle with domain differences like 'support@bankk.com' versus 'support@bank.com'.
Setup: Groups at tables with document sets
Materials: Document packet (5-8 sources), Analysis worksheet, Theory-building template
Pairs Role-Play: Scam Call Challenge
Pairs take turns as 'scammer' and 'victim' using scripted phone or chat scenarios. The victim practices safe responses like hanging up or blocking. Switch roles and debrief on effective strategies.
Differentiate between legitimate and suspicious online communications.
Facilitation Tip: In the Pairs Role-Play, step in to model how to ask clarifying questions when a 'friend' sends a suspicious link.
Setup: Groups at tables with document sets
Materials: Document packet (5-8 sources), Analysis worksheet, Theory-building template
Whole Class: Checklist Builder
Brainstorm phishing red flags on the board. Vote on the top five for a class checklist. Students copy it and test it against new examples projected on screen.
Construct a checklist for identifying potential online threats.
Facilitation Tip: For the Checklist Builder, provide sentence stems such as 'I know a message is fake when...' to scaffold language for students who need it.
Setup: Groups at tables with document sets
Materials: Document packet (5-8 sources), Analysis worksheet, Theory-building template
Individual: Threat Spotter Quiz
Provide screenshots of websites and messages. Students mark suspicious elements with sticky notes and justify choices in writing. Collect for feedback.
Analyze the characteristics of a phishing email or online scam.
Setup: Groups at tables with document sets
Materials: Document packet (5-8 sources), Analysis worksheet, Theory-building template
Teaching This Topic
Teachers should focus on concrete examples that mimic real student experiences, such as fake game rewards or social media links from hacked accounts. Avoid lengthy lectures; instead, use guided discovery where students uncover patterns themselves. Research shows that hands-on practice and immediate feedback correct misconceptions faster than warnings alone.
What to Expect
Successful learning shows when students confidently identify phishing traits, explain red flags in their own words, and use checklists independently. They should also demonstrate caution by pausing before clicking or sharing information, explaining their reasoning clearly to peers.
Watch Out for These Misconceptions
Common Misconception: During Group Sort: Phishing Email Detective, watch for students who assume emails from familiar company names are always safe.
What to Teach Instead
Use the activity’s sorting cards with subtle domain differences, such as 'service@amazon-delivery.com' versus 'service@amazon.com'. After sorting, have groups justify their choices aloud to highlight the importance of checking sender details.
Common Misconception: During Pairs Role-Play: Scam Call Challenge, watch for students who assume links from friends on social media are trustworthy.
What to Teach Instead
Provide role-play scripts where the 'friend' account is hacked and spreading a fake link. During debrief, ask pairs to explain how they verified the message and what questions they asked.
Common Misconception: During Whole Class: Checklist Builder, watch for students who believe only adults face online scams.
What to Teach Instead
Include child-targeted examples in the checklist, like fake game rewards or reward-point scams. After building the checklist, discuss why these tactics work on children and how vigilance applies to everyone.
Assessment Ideas
After Group Sort: Phishing Email Detective, provide three sample email subject lines. Ask students to mark each as 'Safe' or 'Suspicious' and explain their reasoning for at least one suspicious choice.
During Whole Class: Checklist Builder, present a mock phishing email on the board. Ask students to identify at least three red flags and explain why each is a warning sign.
After Pairs Role-Play: Scam Call Challenge, ask students: 'Imagine a friend received a message saying they won a prize but need to pay a small fee to claim it. What advice would you give them based on our checklist?'
Extensions & Scaffolding
- Challenge: Ask students to design a phishing email that looks real but contains subtle red flags for peers to spot.
- Scaffolding: Provide a partially completed checklist with missing steps for students to fill in during the Checklist Builder activity.
- Deeper: Compare phishing tactics across different platforms like email, social media, and gaming chats to identify universal warning signs.
Key Vocabulary
| Term | Definition |
| --- | --- |
| Phishing | A type of online scam where criminals impersonate legitimate organizations or individuals to trick people into revealing sensitive information, like passwords or credit card numbers. |
| Scam | A dishonest scheme, often online, designed to trick people out of money or personal data. Phishing is a specific type of scam. |
| Suspicious Link | A web address in an email or message that looks unusual, may be misspelled, or leads to a website different from what is expected, often designed to steal information. |
| Personal Information | Details about yourself that should be kept private, such as your full name, address, date of birth, passwords, and bank account details. |
| Two-Factor Authentication | An extra layer of security for online accounts that requires two different pieces of evidence to verify your identity, like a password and a code sent to your phone. |