📍 Where you are in the curriculum: Week 4 of 12

Welcome to Unit 2: Recognizing Threats! You've built your foundation — you understand your digital footprint, can evaluate online info critically, and have strong passwords. Now let's learn what attackers actually do to try to break through those defenses.

---

Phishing: More Than Just Bad Emails 🎣

You probably think phishing is just those obviously fake "Nigerian prince" emails, right? Think again. Modern phishing is sophisticated, targeted, and everywhere — including the apps you use daily.

The Real Threat

According to the FBI ↗, phishing was responsible for over 80% of reported cyberattacks in 2024. And it's not just targeting big companies — teens are prime targets because you:

• Have valuable gaming accounts (Steam, Roblox, Fortnite)
• Use social media with tons of personal info
• Might not have the same suspicion as adults
• Often share devices with family (access to parents' accounts)

How Modern Phishing Works

Phishing has evolved way beyond sketchy emails. Here's what it looks like now:

Attack Type	Platform	Example
Spear phishing	Email/DM	A message crafted specifically for YOU using info from your profiles
Smishing	SMS/Text	"Your package couldn't be delivered" texts
Vishing	Phone calls	Fake tech support calls
Social media phishing	Instagram/TikTok	Fake "verified" accounts offering brand deals
QR phishing (Quishing)	Physical/Digital	Malicious QR codes replacing real ones

CISA identifies ↗ a common thread across all these: social engineering — manipulating your emotions (excitement, fear, curiosity) to make you act without thinking.