PHISHING

1 hour

Students will learn how to identify suspicious emails that may contain a phishing attempt.

Phishing emails exploit a frequent security vulnerability - human factor. The email usually claims to be from an important person in the organization or a familar person to the email user (and message's recipient) and invites the user to click on a link to perform some urgent action. Once the user clicks, this may lead to a fake login page, which will steal user's username and password, or it may lead to a page where automated code download starts, which will infect the user's machine with malware. Either way, phishing robs the user of either information or control over their assets, playing on human gullibility. In this exercise, students will learn about some red flags that can denote phishing and they will practice identifying phishing emails hidden in a batch of regular emails.