Firstly, I would provide students with a scam email, and ask them to identify ways in which it is scam using the infographic above. For example, there is several spelling mistakes. I would then go through a legitimate email sent by Apple for example, outlining the email address, attachments, contact details and formality of the email, making it legitimate. Once I have discussed with students the difference between scam and legitimate emails, I would ask them to complete a venn diagram showing similarities and differences between the two. For example a difference is an offer to good to be true, and a similarity would be an offer, but legitimised, for example “due to purchasing the Apple bundle pack in store, you have received 20% off air pods.” A further discussion would take place making students aware if they are suspicious of an email that is sent to them, always check with an adult.
Once students have a deeper understanding around types of scam scenarios and features, I would initiate an activity where I provide them each with a paddle pop stick at random that states either; scam or legitimate. I would then provide them each with a checklist on how to spot a phishing email. Students will complete the activity taking into consideration features that display signs of scam, and features that do not. Once the students have had time to complete the activity, I would collect their work, and then hand it out to students at random to analyse and evaluate using the checklist provided as assistance. A classroom discussion would take place, viewing the students work and how it was identified as either; scam or legitimate. I would make students aware often phishing comes in the form of an email, however, phishing can also occur through text message, voicemail, pop up in web sites, advertisements and in other forms of communication (Computer Science Education Research Group, 2020). I would tell my students it is important to be cyber aware, and if unsure about a form of communication sent to them, check with an adult.
Below I have created my own ‘fake scam’ email: