This article informs readers of the increased level of sophistication of online scams today. It also teaches readers how to detect these scams, and protect themselves from becoming the next victims of online scammers.
Appropriate Subject Area(s):
Key Questions to Explore:
- What is the best response to a suspicious email or text?
- How can a suspicious email or text be detected?
- What is the end goal of a phishing email?
- What steps should an individual take if he/she becomes a victim of electronic fraud?
- Phishing: Phishing is an attempt to obtain sensitive information such as usernames, passwords and credit card details (and, indirectly, money) by posing as a trustworthy entity in an electronic communication.
- Malicious Software (Malware): This is software that is specifically designed to gain access to or damage a computer without the knowledge of the owner.
A copy of the article
Introduction to lesson and task:
As students continue to conduct more of their daily activities online, it is vital that they become aware of the inherent costs of unauthorized access to their personal information by online scammers or fraudsters. As a result, students are advised to take precautionary steps to protect their personal information (i.e. username, email, passwords, etc.)
This article points to the methods scammers utilize today: emails, text, phone calls, etc. Often the best response to suspected fraudulent activity is to end the interaction either by deleting a suspicious email (or text) and blocking the domain (or phone number) of the sender, or by ending a phone call with a suspect stranger seeking personal information.
Making a mistake can be costly, but it is important to let your students know that there are some remedies if they do fall victim to online scams.
Suggested courses of action if the following occur:
- Clicking on a link with malevolent software which locks up your computer. If this occurs, it is important to turn off your infected computer and disconnect from your network in order to prevent the malware from spreading. The next course of action should be to seek professional tech help and/or alert law enforcement.
- Unwittingly logging into a fake website (thereby providing your username and password in the process). If this occurs, it is important to immediately update your username and password on the “real” website.
- Unwittingly providing your credit card information to an online scammer. It is important to let your credit card provider know about this as soon as it occurs, as they might be able to place a hold on the credit card, which will prevent unauthorized transactions from being processed. If you have a balance protection provision on your credit card, lost funds may also be refunded, depending on your terms and conditions of your contract.
- Discovering you have lost money in your online banking account due to unauthorized access. Most Canadian banks have an online banking security guarantee, which promises to reimburse 100% of losses resulting from unauthorized transactions if the following conditions are met:
- Individuals must sign out and close their Internet browsers at the end of each online banking session
- Password and personal verification questions (and answers) must be kept confidential
- Individuals must contact their bank immediately if they know or suspect that their password has become known to someone else, or if there has been activity in their account that they did not authorize.
Note: A recurring theme in all the responses listed above is that victims of online scams must act quickly in order to mitigate their losses. Protecting your personal information and assets online is always the best course of action; however, let your students know that if they find themselves on the wrong end of an online scam, they should act quickly.
Action (lesson plan and task):
- Ask students to indicate by way of a show of hands if they have recently received a phishing email.
- Ask a student to describe the content and presentation of the email to the rest of the class.
- Ask your students to explain their reaction to the email.
- Inform your students of the increased sophistication of these emails and the inherent risks mishandling such hazardous materials.
- Ask your students to state the best response to a suspicious email.
- Ask your students to state some controls they can implement to protect their online account (highly suggested: two-factor authentication)
- Ask your students to state the best practices for keeping their online banking accounts safe. (See above: the first two requirements to qualify for the online banking guarantee)
- Ask your students to state what they will do if they are doubtful of the authenticity of an email or text. (Hint: call customer service of the organization in question before actively engaging with the email or text)
- Ask students to say what their response would be if they become a victim of email fraud which creates a loss of personal information.
- Let your students know that while it is important to keep their personal accounts safe, they must also be vigilant against phishing emails sent to their work emails, in order to keep their respective organizations safe.
Consolidation of Learning:
- Ask your students to research what malware is.
- Ask your students to explain how malware can be prevented and removed.
- By the end of this lesson plan, students should have a better understanding of how to protect their personal accounts on the internet. Students will also have a better understanding of the steps to take if they become victims of online scams.
- Ask your students to explain what a two-factor authentication is and why it increases the security of their personal online accounts.