lessonKey: "phishing-email-basics" title: "Phishing Email Detection Basics" description: "Learn to identify common phishing tactics in emails and protect yourself from email-based attacks" difficultyLevel: "beginner" estimatedDuration: 15 module: "phishing-email-basics" steps: - id: "intro" type: "content" title: "What is Phishing?" content: | Phishing is a type of cyber attack where attackers impersonate legitimate organizations to steal sensitive information like passwords, credit card numbers, or personal data. Phishing emails often: - Create a sense of urgency - Contain suspicious links or attachments - Have spelling and grammar errors - Use generic greetings like "Dear Customer" - Request sensitive information - id: "example-1" type: "content" title: "Example Phishing Email" content: | **From:** security@paypa1-verify.com **Subject:** Urgent: Verify Your Account Now! Dear Valued Customer, Your PayPal account has been temporarily suspended due to unusual activity. To restore your account, please verify your information immediately by clicking the link below: [Verify Account Now] Failure to verify within 24 hours will result in permanent account suspension. Thank you, PayPal Security Team - id: "question-1" type: "question" questionType: "multiple_choice" question: "What are the suspicious elements in this email? (Select all that apply)" options: - id: "misspelled-domain" text: "The sender's domain is misspelled (paypa1 instead of paypal)" isCorrect: true points: 15 - id: "urgent-language" text: "Uses urgent/threatening language to create pressure" isCorrect: true points: 15 - id: "generic-greeting" text: "Uses generic greeting 'Dear Valued Customer'" isCorrect: true points: 10 - id: "requests-action" text: "Requests immediate action via a link" isCorrect: true points: 10 - id: "legitimate" text: "This appears to be a legitimate email" isCorrect: false points: 0 maxPoints: 50 feedback: correct: "Excellent! You identified all the key phishing indicators." partial: "Good job! You spotted some red flags, but review the email again carefully." incorrect: "Not quite. Let's review the common signs of phishing emails." - id: "question-2" type: "question" questionType: "single_choice" question: "What should you do if you receive a suspicious email like this?" options: - id: "click-link" text: "Click the link to verify my account" isCorrect: false points: 0 - id: "reply-email" text: "Reply to the email asking if it's legitimate" isCorrect: false points: 0 - id: "delete-report" text: "Delete the email and report it as phishing" isCorrect: true points: 25 - id: "forward-friends" text: "Forward it to friends to warn them" isCorrect: false points: 0 maxPoints: 25 feedback: correct: "Perfect! Deleting and reporting phishing emails is the right approach." incorrect: "That's not safe. Never click links or reply to suspicious emails. Delete and report them." - id: "question-3" type: "question" questionType: "free_text" question: "Describe at least three things you should check before clicking a link in an email." validationRules: - type: "contains_keywords" keywords: ["sender", "domain", "url", "link", "https", "hover", "address", "spelling", "grammar"] minMatches: 3 - type: "min_length" value: 50 maxPoints: 25 feedback: correct: "Great answer! You understand the importance of verifying emails before taking action." incorrect: "Consider checking the sender's email address, hovering over links to see the real URL, and looking for HTTPS." scoring: passingScore: 70 maxTotalPoints: 100