Lesson Overview
Grade Level/Audience: This lesson plan is intended for young adults and adult learners, but is applicable to anyone who uses the internet.
Subject: This lesson plan focuses on what Phishing is and how to lower the risk of falling for a Phishing scheme.
Time Frame: This lesson should take no longer than one hour and fifteen minutes.
Content Standards: N/A
Technology Standards:
- ISTE 2: Digital Citizen – Students recognize the rights, responsibilities and opportunities of living, learning and working in an interconnected digital world, and they act and model in ways that are safe, legal and ethical.
- ISTE 5: Students develop and employ strategies for understanding and solving problems in ways that leverage the power of technological methods to develop and test solutions.
- ISTE 7: Global Collaborator – Students use digital tools to broaden their perspectives and enrich their learning by collaborating with others and working effectively in teams locally and globally.
Objectives:
- Given the first video and the Definition Activity, the learner will be able to define Phishing.
- By examining the data provided on the Norse Cyber Attack Map and the information displayed in the Phishing Detective App, the learner will understand where Phishing is most likely to occur and who is most likely to be affected.
- After completing the research activity, the learner will be able to demonstrate steps that can be taken to reduce risks of Phishing.
- Given all of the activities in the course, the learner will be able to pass a quiz with a score of 100% where they must correctly identify Phishing attempts.
Description of Technologies Used:
- Static Technologies: (Free)
- YouTube Videos and Web Articles about Phishing and Phishing Prevention
- These videos and articles will be used to give background and detailed information about what Phishing is and how to prevent attacks.
- Norse Cyber Attacks Map http://map.norsecorp.com/#/
- This cyber map is an active web application that displays current cyber attacks taking place all over the world. Viewing this map will give learners an idea of how frequently attacks are made and where attacks are usually concentrated.
- Online Collaboration Tool: (Free)
- PollEverywhere https://www.polleverywhere.com/
- This free, interactive polling tool can be set up quickly. The instructor can display poll questions, students can submit responses, and the class can immediately view results. Students submit responses by texting their answers in via cell phone.
- Mobile App: (Free)
- Phishing Detective App https://play.google.com/store/apps/details?id=com.rsoftr.android.phishingdetectiveads&hl=en_US
- This mobile application displays current reports of Phishing attacks and which websites or applications were affected. The premium version (paid subscription) also gives examples and details about what the phishing attempt looked like. The premium version is not required for this course.
Support Materials and Resources:
- Laptop with internet access (ability to access a web browser)
- Smartphone or tablet with internet access and texting capability
- Flip chart / white board / poster board or paper and marker
- Classroom projector
Lesson Description
This lesson can be done individually or as a class; however, this lesson plan is written on the assumption that the lesson will be completed in a classroom environment, whether online or in person. If this lesson is being completed online, hold class discussions in discussion boards and have all group activities posted in a separate discussion board by one group member.
Instructor Pre-work: 30 mins
- Before starting the lesson, create an account on Poll Everywhere. The basic accounts are free. https://www.polleverywhere.com/
- Create a poll with an accompanying presentation using the examples on this website. https://www.edts.com/edts-blog/15-examples-of-phishing-emails-from-2016-2017
- Use five of the examples to create your presentation.
- Do not indicate whether the example is a phish or not. This will be used for the quiz later.
Warm Up Activity: (Objective 1) 10 mins
Video – Project the video by the UK Parliament’s Cyber Security Awareness Campaign
(Fun Fact: November is Cybersecurity Awareness Month)
Next, ask the class to discuss the video. Have them answer the following questions:
Class Discussion 1:
- What do you think is happening in this video?
- What kind of cyber attack is being represented in the video?
- What about the attacker’s strategy enabled him to be successful in obtaining the password to the castle?
The castle represents a place with information that someone wants. This could be your email account, computer, an account on an app on your mobile phone, or your mobile phone itself. The type of attack demonstrated in this video, where the attacker obtains access to the information given by the unknowing victim, is called Phishing.
Definition Activity: 10 mins
In groups of two, for 5 minutes, have the students decide on a definition, in their own words, for Phishing.
For the remaining 5 minutes have each group present their definition in an open discussion.
Display the following website and read the published definition of Phishing: http://www.phishing.org/what-is-phishing
Understand the Importance: (Objective 2) 20 mins
Ask students to go to the following link: http://map.norsecorp.com/#/
This map shows live cyber attacks, many of which are phishing. Spend 2 minutes viewing the map.
Class Discussion 2: In an open discussion ask the class the following questions (3 mins per question)
- Have you ever been a victim of a cyber attack like a Phish?
- Is there anything you notice about where cyber attacks are concentrated on the map? Why do you think that is? (Notice that many cyber attacks are targeting financial centers, large metropolitan areas, and other areas that have high technology usage.)
Have the class download the Phishing Detective App (for Apple or Android – the Google Play link is provided below)
https://play.google.com/store/apps/details?id=com.rsoftr.android.phishingdetectiveads&hl=en_US
10 mins – Have students in groups of 4 scroll through the reports displayed in the app and ask them to discuss in groups why they think certain websites have more or fewer phishing attempts.
Research: (Objective 3) 10 mins
In groups of 2-4 have students research ways they can stay cyber safe by increasing their Cyber Hygiene practices. Ask them to discover ways to reduce the risk of Phishing attacks. Have them write at least 5 ways to do this on a flip chart, white board, or poster board.
Students should come up with ideas similar to the tips found on this page: http://www.phishing.org/10-ways-to-avoid-phishing-scams
Present: (Objective 3) 10 mins
In the same groups of 2-4 have students present their findings from the Research Activity above to the class.
Quiz: (Objective 4) 10 mins
Have everyone sign into your Poll Everywhere poll. Set up the accompanying presentation and have students respond True or False to whether or not each example is a Phish. All students should get 100% of the answers correct to pass the course. The quiz should consist of 5 questions.
Review: 5 mins
Finish the lesson by displaying the video below, which is a good overview of what Phishing is and how to combat it. Remind students about the supplementary resources available to them. Open the floor to questions if time allows.
Supplementary Resources:
- Good Cyber Hygiene – Norton
- Phishing: What is Phishing – Phishing.org
- Cyber Hygiene: The Basics (For Businesses) – Forbes
- Phishing Simulators (For Businesses) – Information Security Institute