CS: Cybersecurity: Threats and Protections
Recognizing common cyber threats and choosing safer protections
CS: Cybersecurity: Threats and Protections
Recognizing common cyber threats and choosing safer protections
CS - Grade 6-8
- 1
A student receives an email that says their school account will be deleted unless they click a link and enter their password right away. What type of cyber threat is this, and what should the student do?
Look for clues like urgent language, requests for passwords, and suspicious links.
This is likely a phishing attack because it uses fear and urgency to trick the student into giving away a password. The student should not click the link, should not enter their password, and should report the email to a trusted adult or school technology staff. - 2
Choose the stronger password and explain why: soccer7 or R!verTurtle42$.
R!verTurtle42$ is the stronger password because it is longer and uses a mix of uppercase letters, lowercase letters, numbers, and symbols. The password soccer7 is shorter and easier to guess. - 3
A website asks you to turn on multi-factor authentication for your account. Explain what multi-factor authentication does and why it helps protect you.
Think about needing both a key and a secret code to enter a locked room.
Multi-factor authentication requires more than one way to prove your identity, such as a password and a code sent to your phone or app. It helps protect you because a stolen password alone may not be enough for someone to log in. - 4
A pop-up says your computer is infected and tells you to download a free cleaner from an unknown website. What risk does this create, and what is a safer action?
The pop-up may be trying to trick the user into downloading malware. A safer action is to close the pop-up, avoid downloading the unknown program, and use trusted security software or ask a trusted adult for help. - 5
Define malware in your own words, and give one example of what malware can do to a device or account.
The word malware comes from malicious software.
Malware is harmful software designed to damage, spy on, or take control of a device or account. For example, malware might steal passwords, delete files, or make a computer run very slowly. - 6
A classmate asks for your game account password so they can help you win a level. Explain why sharing the password is unsafe, even if the classmate seems trustworthy.
Sharing a password is unsafe because the other person could change the account, use it without permission, or accidentally expose it to someone else. Passwords should be kept private and only used by the account owner. - 7
A message from someone pretending to be a school club leader asks for students' full names, birthdays, home addresses, and phone numbers. What type of information is being requested, and why should students be careful?
Personal information can identify you or help someone find or contact you.
The message is asking for personal information. Students should be careful because personal information can be used for identity theft, scams, or unwanted contact, especially if the person asking is not verified. - 8
Explain the difference between updating an app and installing an app from an unknown link. Which is safer, and why?
Updating an app through an official app store or trusted settings is usually safer because updates can fix security problems. Installing an app from an unknown link is riskier because it may contain malware or be fake. - 9
A student uses the same password for email, games, and school accounts. Explain one danger of reusing passwords and one better habit.
Think about what would happen if one key opened every locker you own.
Reusing passwords is dangerous because if one account is hacked, attackers may try the same password on other accounts. A better habit is to use a different strong password for each important account. - 10
A stranger in an online chat says they are from tech support and need your login code to fix a problem. What cyber threat could this be, and how should you respond?
This could be social engineering because the stranger is trying to trick the user into sharing a login code. The user should not share the code, should stop the conversation, and should ask a trusted adult or official support channel for help. - 11
List three signs that a website might not be safe to use for entering a password or personal information.
Check the address bar, the spelling of the site name, and what the site is asking you to do.
Three signs of an unsafe website include a misspelled web address, no secure lock symbol or HTTPS, and unexpected requests for private information. Other warning signs include many pop-ups, strange downloads, or a page that looks different from the real site. - 12
Create a short cybersecurity safety plan for a middle school student. Include at least three protections they should use regularly.
A good cybersecurity safety plan includes using strong unique passwords, turning on multi-factor authentication when possible, keeping apps and devices updated, avoiding suspicious links, and reporting strange messages to a trusted adult. These protections reduce the chance of account theft, malware, and scams.