- Fulfills Step 5 of GSUSA Junior Cybersecurity Investigator badge requirements.
- Fulfills Step 2 of GSUSA Cadette Cybersecurity Investigator badge requirements.
Info Needed for badge requirements: Phishing is when cyber criminals try to trick you into sharing private information, like passwords, addresses, or credit card numbers. They create fake messages that look real, such as emails, texts, or posts on social media. These messages often try to get you to click on bad links, download harmful attachments, or share your personal details.
Phishing messages often:
- Create a sense of urgency (e.g., “act now”).
- Play with emotions to make you worried or excited.
- Use small clues, like bad grammar or fake links, that give away they are not real.
To protect yourself:
- Always think before you click.
- Never share private information like passwords or payment details through email.
- If you get a message from a company, don’t click on links in the email. Instead, open a browser and go directly to the company’s website to log in.
Items Needed
- None (just the group and their creativity!)
Instructions
- Divide the scouts into two groups:
- One group will act as “phishers” (pretend cyber criminals).
- The other group will be “targets” (people receiving fake messages).
- Phishers create short fake messages on the spot and deliver them verbally to targets. Examples could include:
- “Click here for free cookies for life!”
- “You need to share your password right now to fix your account!”
- Targets listen carefully and decide if the message is safe or fake by explaining their reasoning based on the phishing concept (e.g., “This sounds fake because free cookies are too good to be true”).
- After one round, switch roles so everyone has a chance to play both parts.
- Discuss the common tricks phishers use and the importance of thinking before sharing private information or clicking links.
The Badge Archive 