Computing · Year 6

Active learning ideas

Cybersecurity Basics: Phishing and Scams

Active learning works well for cybersecurity basics because students need to practice recognizing real-world threats rather than just hearing about them. Handling sample emails, role-playing calls, and building checklists let students apply their knowledge immediately, which strengthens memory and confidence.

National Curriculum Attainment TargetsKS2: Computing - Online Safety
20–40 minPairs → Whole Class4 activities

Activity 01

Document Mystery35 min · Small Groups

Group Sort: Phishing Email Detective

Print 10 sample emails, half real and half phishing. Small groups sort them into 'safe' or 'threat' piles and note evidence for each choice. Groups share one example with the class for whole-group discussion.

Analyze the characteristics of a phishing email or online scam.

Facilitation TipDuring the Group Sort activity, circulate with a checklist to note which pairs struggle with domain differences like 'support@bankk.com' versus 'support@bank.com'.

What to look forProvide students with three sample email subject lines. Ask them to write 'Safe' or 'Suspicious' next to each and briefly explain their reasoning for at least one 'Suspicious' choice.

AnalyzeEvaluateSelf-ManagementDecision-Making
Generate Complete Lesson

Activity 02

Document Mystery25 min · Pairs

Pairs Role-Play: Scam Call Challenge

Pairs take turns as 'scammer' and 'victim' using scripted phone or chat scenarios. The victim practices safe responses like hanging up or blocking. Switch roles and debrief on effective strategies.

Differentiate between legitimate and suspicious online communications.

Facilitation TipIn the Pairs Role-Play, step in to model how to ask clarifying questions when a 'friend' sends a suspicious link.

What to look forPresent a mock phishing email on the board. Ask students to identify at least three red flags within the email and explain why each is a warning sign.

AnalyzeEvaluateSelf-ManagementDecision-Making
Generate Complete Lesson

Activity 03

Document Mystery40 min · Whole Class

Whole Class: Checklist Builder

Brainstorm phishing red flags on the board. Vote on top five for a class checklist. Students copy it and test against new examples projected on screen.

Construct a checklist for identifying potential online threats.

Facilitation TipFor the Checklist Builder, provide sentence stems such as 'I know a message is fake when...' to scaffold language for students who need it.

What to look forAsk students: 'Imagine a friend received a message saying they won a prize but need to pay a small fee to claim it. What advice would you give them based on what we've learned about scams?'

AnalyzeEvaluateSelf-ManagementDecision-Making
Generate Complete Lesson

Activity 04

Document Mystery20 min · Individual

Individual: Threat Spotter Quiz

Provide screenshots of websites and messages. Students mark suspicious elements with sticky notes and justify choices in writing. Collect for feedback.

Analyze the characteristics of a phishing email or online scam.

What to look forProvide students with three sample email subject lines. Ask them to write 'Safe' or 'Suspicious' next to each and briefly explain their reasoning for at least one 'Suspicious' choice.

AnalyzeEvaluateSelf-ManagementDecision-Making
Generate Complete Lesson

A few notes on teaching this unit

Teachers should focus on concrete examples that mimic real student experiences, such as fake game rewards or social media links from hacked accounts. Avoid lengthy lectures; instead, use guided discovery where students uncover patterns themselves. Research shows that hands-on practice and immediate feedback correct misconceptions faster than warnings alone.

Successful learning shows when students confidently identify phishing traits, explain red flags in their own words, and use checklists independently. They should also demonstrate caution by pausing before clicking or sharing information, explaining their reasoning clearly to peers.

Watch Out for These Misconceptions

  • During Group Sort: Phishing Email Detective, watch for students who assume emails from familiar company names are always safe.

    Use the activity’s sorting cards with subtle domain differences, such as 'service@amazon-delivery.com' versus 'service@amazon.com'. After sorting, have groups justify their choices aloud to highlight the importance of checking sender details.

  • During Pairs Role-Play: Scam Call Challenge, watch for students who assume links from friends on social media are trustworthy.

    Provide role-play scripts where the 'friend' account is hacked and spreading a fake link. During debrief, ask pairs to explain how they verified the message and what questions they asked.

  • During Whole Class: Checklist Builder, watch for students who believe only adults face online scams.

    Include child-targeted examples in the checklist, like fake game rewards or reward-point scams. After building the checklist, discuss why these tactics work on children and how vigilance applies to everyone.

Methods used in this brief

More in The Global Web and Network Infrastructure

Introduction to Networks: Local Connections

Students explore how devices connect in a local area network (LAN) and the basic components involved.

2 methodologies

Data Packets: Breaking Down Information

Students learn how large pieces of data are broken into smaller packets for efficient transmission across networks.

2 methodologies

The Internet: A Global Infrastructure

Students distinguish between the physical infrastructure of the internet (cables, servers) and the World Wide Web.

2 methodologies

The World Wide Web: Clients and Servers

Students explore how web browsers (clients) request information from web servers to display websites.

2 methodologies

URLs and IP Addresses

Students learn about Uniform Resource Locators (URLs) and Internet Protocol (IP) addresses and their roles in locating web resources.

2 methodologies