118 lines
4.0 KiB
YAML
118 lines
4.0 KiB
YAML
lessonKey: "phishing-email-basics"
|
|
title: "Phishing Email Detection Basics"
|
|
description: "Learn to identify common phishing tactics in emails and protect yourself from email-based attacks"
|
|
difficultyLevel: "beginner"
|
|
estimatedDuration: 15
|
|
module: "phishing-email-basics"
|
|
|
|
steps:
|
|
- id: "intro"
|
|
type: "content"
|
|
title: "What is Phishing?"
|
|
content: |
|
|
Phishing is a type of cyber attack where attackers impersonate legitimate organizations
|
|
to steal sensitive information like passwords, credit card numbers, or personal data.
|
|
|
|
Phishing emails often:
|
|
- Create a sense of urgency
|
|
- Contain suspicious links or attachments
|
|
- Have spelling and grammar errors
|
|
- Use generic greetings like "Dear Customer"
|
|
- Request sensitive information
|
|
|
|
- id: "example-1"
|
|
type: "content"
|
|
title: "Example Phishing Email"
|
|
content: |
|
|
**From:** security@paypa1-verify.com
|
|
**Subject:** Urgent: Verify Your Account Now!
|
|
|
|
Dear Valued Customer,
|
|
|
|
Your PayPal account has been temporarily suspended due to unusual activity.
|
|
To restore your account, please verify your information immediately by clicking
|
|
the link below:
|
|
|
|
[Verify Account Now]
|
|
|
|
Failure to verify within 24 hours will result in permanent account suspension.
|
|
|
|
Thank you,
|
|
PayPal Security Team
|
|
|
|
- id: "question-1"
|
|
type: "question"
|
|
questionType: "multiple_choice"
|
|
question: "What are the suspicious elements in this email? (Select all that apply)"
|
|
options:
|
|
- id: "misspelled-domain"
|
|
text: "The sender's domain is misspelled (paypa1 instead of paypal)"
|
|
isCorrect: true
|
|
points: 15
|
|
- id: "urgent-language"
|
|
text: "Uses urgent/threatening language to create pressure"
|
|
isCorrect: true
|
|
points: 15
|
|
- id: "generic-greeting"
|
|
text: "Uses generic greeting 'Dear Valued Customer'"
|
|
isCorrect: true
|
|
points: 10
|
|
- id: "requests-action"
|
|
text: "Requests immediate action via a link"
|
|
isCorrect: true
|
|
points: 10
|
|
- id: "legitimate"
|
|
text: "This appears to be a legitimate email"
|
|
isCorrect: false
|
|
points: 0
|
|
maxPoints: 50
|
|
feedback:
|
|
correct: "Excellent! You identified all the key phishing indicators."
|
|
partial: "Good job! You spotted some red flags, but review the email again carefully."
|
|
incorrect: "Not quite. Let's review the common signs of phishing emails."
|
|
|
|
- id: "question-2"
|
|
type: "question"
|
|
questionType: "single_choice"
|
|
question: "What should you do if you receive a suspicious email like this?"
|
|
options:
|
|
- id: "click-link"
|
|
text: "Click the link to verify my account"
|
|
isCorrect: false
|
|
points: 0
|
|
- id: "reply-email"
|
|
text: "Reply to the email asking if it's legitimate"
|
|
isCorrect: false
|
|
points: 0
|
|
- id: "delete-report"
|
|
text: "Delete the email and report it as phishing"
|
|
isCorrect: true
|
|
points: 25
|
|
- id: "forward-friends"
|
|
text: "Forward it to friends to warn them"
|
|
isCorrect: false
|
|
points: 0
|
|
maxPoints: 25
|
|
feedback:
|
|
correct: "Perfect! Deleting and reporting phishing emails is the right approach."
|
|
incorrect: "That's not safe. Never click links or reply to suspicious emails. Delete and report them."
|
|
|
|
- id: "question-3"
|
|
type: "question"
|
|
questionType: "free_text"
|
|
question: "Describe at least three things you should check before clicking a link in an email."
|
|
validationRules:
|
|
- type: "contains_keywords"
|
|
keywords: ["sender", "domain", "url", "link", "https", "hover", "address", "spelling", "grammar"]
|
|
minMatches: 3
|
|
- type: "min_length"
|
|
value: 50
|
|
maxPoints: 25
|
|
feedback:
|
|
correct: "Great answer! You understand the importance of verifying emails before taking action."
|
|
incorrect: "Consider checking the sender's email address, hovering over links to see the real URL, and looking for HTTPS."
|
|
|
|
scoring:
|
|
passingScore: 70
|
|
maxTotalPoints: 100
|