Computing · Secondary 3

Active learning ideas

Verifying Online Identity and Trust

Active learning works because verifying online identity demands practical judgment, not just memorization. Students need to test their skills in realistic situations to build lasting caution and critical habits. Hands-on activities make abstract security concepts concrete and memorable for teenagers navigating digital spaces daily.

MOE Syllabus OutcomesMOE: Cybersecurity - S3
25–45 minPairs → Whole Class4 activities

Activity 01

Outdoor Investigation Session30 min · Pairs

Browser Hunt: Secure Site Check

Provide students with a list of 10 websites, some secure and some not. In pairs, they open each in browsers, note HTTPS status and padlock icons, then verify URLs. Pairs report findings and justify security ratings to the class.

Explain the significance of 'HTTPS' and the padlock icon in a web browser.

Facilitation TipDuring Browser Hunt: Secure Site Check, have students work in pairs to compare results and argue their findings before revealing the answer key to encourage discussion.

What to look forPresent students with screenshots of several website homepages, some secure and some not. Ask them to circle the security indicators (or lack thereof) and label each website as 'Secure' or 'Potentially Unsafe'.

RememberUnderstandAnalyzeSocial AwarenessSelf-AwarenessDecision-Making
Generate Complete Lesson

Activity 02

Outdoor Investigation Session45 min · Small Groups

Phishing Simulation Stations

Set up stations with printed fake emails and websites. Small groups rotate, identifying red flags like urgent language or odd URLs, then check for HTTPS using mock browsers. Groups create posters summarizing verification steps.

Describe how to check if a website is secure before entering personal information.

Facilitation TipFor Phishing Simulation Stations, assign roles so some students play scammers to heighten awareness of manipulative tactics.

What to look forPose the question: 'Imagine you receive an email asking you to click a link to update your bank account details. What steps would you take to verify the website's legitimacy before entering any information?' Facilitate a class discussion where students share their verification strategies.

RememberUnderstandAnalyzeSocial AwarenessSelf-AwarenessDecision-Making
Generate Complete Lesson

Activity 03

Outdoor Investigation Session40 min · Small Groups

Source Verification Debate

Divide class into teams with controversial online articles. Teams verify sources by checking HTTPS, author credentials, and cross-references. Hold a debate on trustworthiness, voting with evidence.

Analyze the risks of interacting with unverified or suspicious online sources.

Facilitation TipIn Source Verification Debate, limit each side to two strong arguments to keep focus on evidence rather than overwhelming debate.

What to look forOn a small slip of paper, ask students to write down two key differences between a secure website and an insecure one, and one risk associated with interacting with an unverified online source.

RememberUnderstandAnalyzeSocial AwarenessSelf-AwarenessDecision-Making
Generate Complete Lesson

Activity 04

Outdoor Investigation Session25 min · Individual

Personal Audit Challenge

Students individually audit their favorite sites for security features. They screenshot indicators and note risks, then share one improvement in a whole-class gallery walk.

Explain the significance of 'HTTPS' and the padlock icon in a web browser.

Facilitation TipDuring Personal Audit Challenge, ask students to explain one verification step aloud as they work to reinforce metacognition.

What to look forPresent students with screenshots of several website homepages, some secure and some not. Ask them to circle the security indicators (or lack thereof) and label each website as 'Secure' or 'Potentially Unsafe'.

RememberUnderstandAnalyzeSocial AwarenessSelf-AwarenessDecision-Making
Generate Complete Lesson

A few notes on teaching this unit

Teach verification as a process, not a single check. Research shows that students trust visual cues too quickly, so teachers should model skepticism even with familiar sites. Avoid presenting HTTPS and padlocks as guarantees; instead, frame them as necessary but insufficient proofs. Use real-world examples, like a bank’s actual URL versus a spoofed version, to anchor lessons in students’ lived experiences.

Successful learning shows when students confidently identify secure sites, question suspicious links, and explain verification steps to peers. They should transfer these skills to personal decisions, like noticing subtle URL tricks or insisting on source checks before sharing details online.

Watch Out for These Misconceptions

  • During Browser Hunt: Secure Site Check, watch for students assuming that every padlock icon means a website is trustworthy.

    Use the mixed-site audit list to have students compare URLs and domains side by side. Point out how scammers obtain certificates for fake sites, then ask groups to present one fake site they spotted and how they knew.

  • During Phishing Simulation Stations, watch for students believing that HTTPS alone prevents data theft.

    Include two 'secure' fake sites in the simulations. After the activity, facilitate a debrief where students explain why HTTPS did not protect them from phishing, linking it to the limits of encryption.

  • During Browser Hunt: Secure Site Check, watch for students trusting sites simply because the name looks familiar.

    Add typo-squatting examples to the audit list, like 'Amaz0n-delivery.com.' Have students type each URL manually to notice subtle misspellings before discussing how these tricks manipulate trust.

Methods used in this brief

More in Cybersecurity and Defense

Introduction to Cybersecurity

Students will understand the importance of cybersecurity and common terms like threats, vulnerabilities, and risks.

2 methodologies

Malware: Viruses, Worms, and Trojans

Students will learn about different types of malicious software, their characteristics, and how they spread.

2 methodologies

Phishing and Social Engineering

Students will investigate social engineering tactics, particularly phishing, and learn to identify and avoid them.

2 methodologies

Online Scams and Fraud

Students will learn about various online scams (e.g., fake giveaways, tech support scams) and strategies to protect themselves from financial and personal harm.

2 methodologies

Protecting Data with Encryption (Basic Concept)

Students will understand the basic idea of encryption as a way to scramble data to protect its privacy and security, without delving into specific methods.

2 methodologies