AP Cybersecurity Unit 1 Lesson 1 Exercise 1

AP Cybersecurity — Unit 1 • Topic 1.1

Spot the Red Flags

Can you identify every suspicious element before someone clicks a malicious link?

Exercise 1 of 2 Skill 1.A — Analyze Risk ~10 minutes

This exercise trains you to identify social engineering red flags in a real phishing email — one of the most frequently tested skills on the AP Cybersecurity exam. Hover over any part of the email you find suspicious and click to reveal what makes it a threat. Master the vocabulary below before you begin, then see how many of the 7 red flags you can find. For a deeper review of the concepts behind this exercise, see the Unit 1 Study Guide.

Key Terms — Topic 1.1
Phishing A mass deceptive email designed to trick recipients into revealing credentials or clicking malicious links.
Domain Spoofing Registering or faking a domain that closely resembles a legitimate one (e.g., g00gle.com vs google.com).
Typosquatting A form of domain spoofing that substitutes visually similar characters (0 for o, 1 for l) to deceive at a glance.
Social Engineering Manipulating people psychologically to take a security-compromising action, rather than exploiting technology directly.
Urgency Tactic Creating artificial time pressure to prevent the target from thinking critically before acting.
Intimidation Tactic Threatening negative consequences (job loss, failed assignment, legal action) if the target does not comply immediately.
Credential Harvesting Stealing login credentials by directing users to a fake login page that captures what they type.
Impersonation Pretending to be a trusted person or organization (Google, the IRS, a manager) to gain trust and compliance.
Red Flags Found
0 / 7
Hover over suspicious elements and click to investigate
Read the email carefully. Hover over any part you find suspicious and click to investigate. Find all 7 red flags.
0
out of 7 red flags found

Extension Challenge — For Early Finishers

Write Your Own Phishing Email

You have just analyzed a phishing attack from the defender’s perspective. Now switch sides. Write a phishing email that targets a high school student using at least 4 of the 7 tactics from this exercise. Your email should be convincing enough to fool someone who is not paying close attention.

When finished, identify each tactic in brackets — for example: Your Netflix account has been suspended [Urgency] — The Netflix Team [Impersonation].

Your scenario: You are an attacker targeting a student who uses an online gradebook called SchoolLoop. Craft an email that tricks them into clicking a link that harvests their login credentials.

Write your phishing email below, then annotate each red flag you intentionally included.

AP Cybersecurity · Unit 1 · Lesson 1.1 · Exercise 1
LessonExercise 1LabQuiz

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]