AP Cybersecurity Unit 1 Lesson 1 Exercise 1
Spot the Red Flags
Can you identify every suspicious element before someone clicks a malicious link?
This exercise trains you to identify social engineering red flags in a real phishing email — one of the most frequently tested skills on the AP Cybersecurity exam. Hover over any part of the email you find suspicious and click to reveal what makes it a threat. Master the vocabulary below before you begin, then see how many of the 7 red flags you can find. For a deeper review of the concepts behind this exercise, see the Unit 1 Study Guide.
One of your students has requested access to make a copy of a document. Click this link to authorize your student to copy your document.
If you don’t click the link, your student won’t be able to copy the document and complete their assignment.
Research shows that the faster teachers respond to students’ document-sharing requests, the more likely students are to submit assignments on-time.
— The Google Drive Team
AP Exam Strategy — Social Engineering
On the AP Cybersecurity exam, social engineering questions typically show you a message and ask you to identify which psychological tactic is being used. The two most commonly tested tactics are Urgency (act now or something bad happens) and Impersonation (pretending to be a trusted organization or person). Always check: (1) Is the sender’s domain real? (2) Is there artificial time pressure? (3) Are consequences threatened for inaction? (4) Does the claimed identity match the actual sender? These four questions catch the majority of phishing attacks on the AP exam.
Write Your Own Phishing Email
You have just analyzed a phishing attack from the defender’s perspective. Now switch sides. Write a phishing email that targets a high school student using at least 4 of the 7 tactics from this exercise. Your email should be convincing enough to fool someone who is not paying close attention.
When finished, identify each tactic in brackets — for example: Your Netflix account has been suspended [Urgency] — The Netflix Team [Impersonation].
Your scenario: You are an attacker targeting a student who uses an online gradebook called SchoolLoop. Craft an email that tricks them into clicking a link that harvests their login credentials.
Write your phishing email below, then annotate each red flag you intentionally included.
Get in Touch
Whether you're a student, parent, or teacher — I'd love to hear from you.
Just want free AP CS resources?
Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.
Message Sent!
Thanks for reaching out. I'll get back to you within 24 hours.
Prefer email? Reach me directly at [email protected]