Computing · Year 7

Active learning ideas

Cybersecurity Threats: Phishing & Malware

Active learning works well for cybersecurity because students must develop instinctive recognition of subtle cues in emails and messages. Role-plays and simulations mirror real-world urgency, building habits that static lessons cannot. When students handle mock threats directly, they internalize safe practices instead of just memorizing definitions.

National Curriculum Attainment TargetsKS3: Computing - Online SafetyKS3: Computing - Cybersecurity
30–45 minPairs → Whole Class4 activities

Activity 01

Stations Rotation45 min · Small Groups

Stations Rotation: Threat Identification Stations

Prepare four stations with sample phishing emails, malware descriptions, hacker motivation articles, and defence checklists. Students rotate every 10 minutes, annotating examples and discussing traits in their groups. End with a class share-out of key findings.

Explain why hackers target individuals rather than just large corporations.

Facilitation TipDuring Threat Identification Stations, circulate with a checklist of common phishing signs so students practice using the same criteria experts rely on.

What to look forProvide students with three short scenarios describing online interactions. Ask them to identify which scenario represents a phishing attempt, explain why, and suggest one action they would take to stay safe.

RememberUnderstandApplyAnalyzeSelf-ManagementRelationship Skills
Generate Complete Lesson

Activity 02

Escape Room30 min · Pairs

Pairs: Phishing Email Dissection

Provide pairs with three emails: one real phishing, one safe, one borderline. Pairs highlight red flags like poor grammar or urgent demands, then justify classifications. Pairs present one email to the class for peer vote.

Analyze the common characteristics of a phishing attempt.

Facilitation TipWhile students dissect phishing emails in pairs, listen for them to justify their choices using evidence from the message headers or links.

What to look forPose the question: 'Why might a hacker be more interested in stealing your social media password than a large bank's entire customer database?' Facilitate a class discussion, guiding students to consider the value of individual data and the ease of targeting less protected users.

RememberApplyAnalyzeRelationship SkillsSelf-Management
Generate Complete Lesson

Activity 03

Escape Room40 min · Whole Class

Whole Class: Malware Simulation Game

Use a digital tool or board game where malware spreads across a network of student 'devices.' Students vote on actions like updating software to contain it. Debrief on real-world impacts and prevention.

Differentiate between various types of malware and their impact.

Facilitation TipIn the Malware Simulation Game, step back after the first round to let groups self-correct rather than correcting them immediately.

What to look forPresent students with a mock email that contains common phishing indicators (e.g., urgent tone, generic greeting, suspicious link). Ask them to highlight at least two red flags and explain what makes them suspicious.

RememberApplyAnalyzeRelationship SkillsSelf-Management
Generate Complete Lesson

Activity 04

Escape Room35 min · Individual

Individual: Defence Strategy Posters

Students research one defence method, such as recognising phishing or using antivirus. They create posters with steps and examples, then gallery walk to peer-review and add feedback.

Explain why hackers target individuals rather than just large corporations.

Facilitation TipDuring the Defence Strategy Poster task, remind students to include both technical fixes and personal habits in their designs.

What to look forProvide students with three short scenarios describing online interactions. Ask them to identify which scenario represents a phishing attempt, explain why, and suggest one action they would take to stay safe.

RememberApplyAnalyzeRelationship SkillsSelf-Management
Generate Complete Lesson

A few notes on teaching this unit

Teachers should avoid presenting cybersecurity as a set of rules to memorize. Instead, treat it as a skill to rehearse under pressure, much like fire drills. Research shows that students retain more when they experience near-miss scenarios and reflect on their close calls. Always connect lessons back to real consequences so the topic feels urgent rather than abstract.

Successful learning shows when students confidently identify phishing red flags in unfamiliar messages and explain why layered defences beat single tools. They should articulate hacker motives and adjust their own online behaviour without prompting. Posters, discussions, and exit tickets reveal this understanding clearly.

Watch Out for These Misconceptions

  • During Station Rotation: Threat Identification Stations, watch for students assuming phishing emails always come from unknown senders.

    Use the station’s mixed set of mock emails, some from familiar names like teachers or banks, to show how hackers exploit trust. Have students rank messages by believability before revealing which are fake.

  • During Malware Simulation Game, watch for students believing antivirus software will catch every threat.

    After the simulation, display mock scan results that miss new malware variants. Ask groups to explain why their layered habits—like checking file types—matters when tools fail.

  • During Pairs: Phishing Email Dissection, watch for students assuming hackers only target big organisations.

    Share real case studies of individual victims during the discussion. Ask pairs to map motives to impacts, showing how stolen social media details fuel broader fraud.

Methods used in this brief

More in Impacts and Digital Literacy

Introduction to Digital Citizenship

Students will explore what it means to be a responsible digital citizen and the importance of online etiquette.

2 methodologies

Online Etiquette and Netiquette

Students will learn about appropriate communication and behaviour in various online environments, including social media and forums.

2 methodologies

The Digital Footprint: Data Collection

Exploring how personal data is collected and the long term consequences of an online presence.

3 methodologies

Privacy Settings and Online Identity

Students will learn to manage privacy settings on various platforms and understand how their online identity is constructed.

2 methodologies

Cyberbullying and Online Harassment

Understanding the forms of cyberbullying, its impact, and strategies for prevention and response.

3 methodologies