Competency: Online Safety
Phishing
Core Concepts
Phishing: Occurs with electronic communication such as email, websites, or text messaging. It is when someone pretends to be someone or something they are not to acquire your
passwords, credit card or bank account information, or other personal information.
Spam: Irrelevant or inappropriate messages sent on the Internet to a large number of
recipients.
Identity theft: When a person acquires and then uses your name (and address, Social
Insurance Number) in order to apply for a credit card in your name, purchase products in your
name, etc.
Lesson:
Learning intentions:
● You can analyze a fraudulent email or message.
● You will understand the common type of email, social media, and SMS fraud known as “phishing” by reading and discussing the article, “Hacker Lexicon: What Are Phishing and Spear Phishing?”
Success Criteria:
● I can discuss the indicators of phishing scams
● I can create a message and storyboard for a public service announcement
directed at teens that demonstrates my understanding of phishing.
Resources
○ Classroom blackboard
○ Copies of “Hacker Lexicon: What Are Phishing and Spear Phishing?”
http://www.wired.com/2015/04/hackerlexiconspearphishing/ (one per
student)
○ Poster board or large pieces of paper for storyboarding
○ Markers and coloured pencils (enough for groups to share)
○ Copies of Ebay scam:
http://www.snopes.com/inboxer/scams/phishing/ebay.asp
Hook: Hand out copies of the Ebay scam email.
○ Ask students the following, “If you received this message in your email, what would you do with it? Would you be more inclined to act if you are a regular
user of eBay? What does the URL (link address) tell you about the origin of this
message? Do you think it’s real? Why or why not?”
○ After discussion, inform the students that the email is indeed a scam despite
the eBay email address. The link connects with a counterfeit eBay “Security
Update” form which asks for various personal information.
Play the video, “The Internet’s Most Wanted: The Phisherman.” (1 minute)
https://www.youtube.com/watch?v=U_fsC61OXd4&spfreload=10
Have students read, “Hacker Lexicon: What Are Phishing and Spear Phishing?” by Kim Zetter
Divide students into groups of four. Explain to the groups that they will be responsible for creating a public service announcement to help prevent this type of fraud. The PSA should tips for avoiding becoming a victim.
Each group will create a storyboard of their PSA. The PSA should address the
following.
For this target audience, what is the important “take home” message you have
to tell about avoiding this type of fraud? State this “message concept” in one
sentence.
Design a setting, and populate it with characters and a scenario (drawn from an example of this type of fraud) that dramatizes your “take home” message.
Reconvene students to discuss their PSAs. They should explain why they chose that particular “take home” message and how it is dramatized in their PSA.
Extension Activity:
Watch the following TED talk about phishing
TED talk: The sophistication of phishing (18 minutes)
https://embed.ted.com/talks/james_lyne_everyday_cybercrime_and_what_you_can_do_about_it
Have students discuss the importance of protecting yourself from phishing.
Sources:
http://learning.blogs.nytimes.com/2004/03/25/phishingtales/: Clayton DeKorne, The New York Times Learning Network; Yasmin Chin Eisenhauer, The Bank Street College of Education in New York City http://www.tdbank.com/wowzone/lessons/Gr912Lesson10.pdf:
TD Bank
http://www.nytimes.com/2011/06/03/technology/03hack.html
http://www.wired.com/2015/04/hackerlexiconspearphishing/