Cyber-aware behaviors: phishing, social engineering, scams

Time: 20–25 min · Type: exercise · Bloom: Apply → Create · XP: 100
[Diagram: Lesson 1.7 concept architecture. The 6-step NCSC Cyber Aware action plan shown as a vertical flow: (1) Use strong passwords, (2) Turn on two-factor authentication, (3) Update devices and software, (4) Backup data, (5) Recognize phishing attempts, (6) Report incidents. A parallel column lists the common threat types each step helps mitigate: phishing email, SMS message, phone call, fake executive request.]

You'll be able to

  • Name the four common scam types (phishing, smishing, vishing, business email compromise) by their delivery channel and recognize the traits that make modern phishing hard to spot even for careful people. [^2][^3]
  • Check a suspicious email, text, or phone call for the documented warning signs: urgency, a sender address that does not match, mismatched or disguised links, and unexpected requests for credentials, payments, or personal data. [^1][^3]
  • Apply a verify-before-you-act routine to real workplace scenarios, using out-of-band confirmation (a known phone number or a separately opened website) instead of the contact details in the suspicious message. [^2]
  • Explain why a given message succeeded or nearly succeeded by identifying the emotional lever it pulled (fear, time pressure, authority, loss aversion) and the trust cue it borrowed. [^6]
  • Build a simple personal and team response routine, drawing on CISA and NCSC guidance, that covers how to recognize, report, and contain phishing and scam attempts at work. [^1][^2]

Hook

An urgent email lands in your inbox. In one click, everything changes.

Exercise · scenario

A hospital receptionist receives an email appearing to be from the IT department, stating that the electronic health record system will be locked in 2 hours unless she clicks a link to verify her credentials. The email uses the hospital's logo and references a recent system upgrade mentioned in staff meetings. The link domain is 'hospitalsystem-verify.net' rather than the hospital's actual domain. The receptionist is unsure whether to click the link or report it.
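
The domain checks this scenario turns on, as an added example that is not part of the original lesson: it flags a sender outside the organisation, a link whose destination leaves the organisation, and link text that displays a different host than the one it opens. `hospital.example` is a placeholder for the hospital's real domain (the lesson does not give it), the sample message is constructed, and a single-part HTML body is assumed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

ORG_DOMAIN = "hospital.example"  # assumption: placeholder for the hospital's real domain
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False  # links holds [href, visible text] per <a>
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

def in_org(host):  # exact domain or a true subdomain; a look-alike prefix or suffix fails
    host = (host or "").lower().rstrip(".")
    return host == ORG_DOMAIN or host.endswith("." + ORG_DOMAIN)

def domain_warning_signs(raw_message):
    msg = message_from_string(raw_message)
    signs = []
    sender = parseaddr(msg.get("From", ""))[1]
    if not in_org(sender.rpartition("@")[2]):
        signs.append("sender outside organisation: " + sender)
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href, text in collector.links:
        host = (urlsplit(href).hostname or "").lower()
        if not in_org(host):
            signs.append("link leaves organisation: " + host)
        shown = HOST_IN_TEXT.search(text)
        if shown and shown.group(1).lower() != host:
            signs.append("link text shows a different host: " + shown.group(1).lower())
    return signs

SAMPLE = (  # constructed message modelled on the lesson's scenario
    'From: "IT Department" <it-support@hospitalsystem-verify.net>\n'
    "Content-Type: text/html\n\n"
    "<p>The EHR system will be locked in 2 hours unless you verify your credentials: "
    '<a href="https://hospitalsystem-verify.net/">https://ehr.hospital.example/</a></p>\n'
)
```

An empty result means only that these three signs are absent; a spoofed From header on the real domain passes the sender check, which is why the verify-before-you-act routine still applies.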

Deliverable

Produce a **Phishing Response Playbook** in Markdown for your team or a hypothetical one, documenting a layered defense against phishing, social engineering, and scams. The playbook must include three sections. First, a staff awareness checklist that turns the standard guidance into everyday actions: how to recognize phishing and business email compromise, how to make good choices online, and the basic terms everyone should know.

Model answer

Phishing attempt exploiting urgency and authority

Practice · Scenarios

Scenario 1 of 8

A university research assistant receives a phone call from someone claiming to be from the campus IT security team, stating that suspicious activity has been detected on her account. The caller knows her department, office location, and supervisor's name. He asks her to read out a 6-digit code that will be texted to her phone 'to verify her identity and secure the account.' The caller sounds professional and uses technical terminology about authentication protocols.

Step 1 · Classify

Common misconceptions

  • Phishing emails are easy to spot because they are full of spelling errors and broken grammar

    Modern phishing closely mimics legitimate messages and is hard for even careful, experienced people to detect. Attackers now lean on real-world events and emotional triggers to look more believable, so a clean, well-written message is not proof that it is safe.

Sources

  1. [1] How Good Are We at Detecting a Phishing Attack? Investigating the Evolving Phishing Attack Email and Why It Continues to … (2025). Research, via OpenAlex API.
  2. [2] Effectiveness of social engineering awareness training in mitigating spear phishing risks in financial institutions from … (2025). Research, via OpenAlex API.
  3. [3] COVID-19 and Phishing: Effects of Human Emotions, Behavior, and Demographics on the Success of Phishing Attempts During … (2025). Research, via OpenAlex API.
  4. [4] The development of phishing during the COVID-19 pandemic: An analysis of over 1100 targeted domains (2025). Research, via OpenAlex API.
  5. [5] UK NCSC Cyber Aware Action Plan (2025). Vendor.
  6. [6] CISA Cyber Essentials + Starter Kit (2025). Vendor.
  7. [7] Avoiding the Hook: Influential Factors of Phishing Awareness Training on Click-Rates and a Data-Driven Approach to Predi… (2025). Research, via OpenAlex API.