Professional Documents
Culture Documents
ages 9-11
The Phisherman
Teacher Guide
Duration: 1 hour
1
Overview
This Teacher Guide provides discussion points and additional activities to support the use of Barefoot’s
The Phisherman game within the classroom.
The Phisherman game consists of a number of mini-games, with each game focusing on a different
aspect of phishing. Following each game, a number of questions and topics are presented to facilitate
further discussion and enable children to share their own experiences.
Additional activities are also included from SWGfL’s Project Evolve toolkit. Project Evolve provides
resources for each of the 330 statements from the UK Council for Internet Safety’s (UKCIS) Education for
a Connected World (ECW) framework, including perspectives; research; activities; outcomes; supporting
resources and professional development materials. The toolkit, which is free to use for schools, can be
found at – https://projectevolve.co.uk An account to use the toolkit can be created at –
https://projectevolve.co.uk/register
The activities within The Phisherman game can be undertaken in any order, although a suggested route
through the game is outlined within this document.
Pupil objectives
■ I can define phishing and why it is used by cyber criminals
■ I can identify technologies typically used for phishing
■ I can identify common features and themes of phishing
■ I can identify how to prevent being a victim of phishing
Introduction
Explain to pupils they are going to play a game to develop their understanding of an important aspect
of cyber security. Share the learning objectives with pupils on slide 2 if this is your usual practice.
Using slide 3, demonstrate to pupils how to access the game using a web browser and explain how the
game provides a safe environment to learn about phishing. Ask pupils to begin the game, then, once
they reach the underwater village of Kelpy Deeps, play the Turtle mini-game until they get back to the
underwater village of Kelpy Deeps.
Using slide 5, explain to pupils that personal information can also be obtained about you by using the
Internet. This might mean cyber criminals can access your accounts by finding out information, such
as your date or birth, or pretend to know you when contacting you, such as by finding out your name,
phone number, names of your friends and your interests. Ask pupils:
■ Where on the Internet could personal information about you be found? (Social media platforms)
■ How can we ensure this personal information isn’t stolen and used within phishing scams? (Make our
profiles private and ensure any information on public profiles can’t allow us to be easily identified)
■ What might be changed on your profiles? (Sharing as little information as possible, profile picture not
of you, highest privacy settings)
Using slide 6, ask pupils to begin the Whale game next and to stop once they are back at the
underwater village of Kelpy Deeps.
Note: Depending on the age of your pupils, it may be appropriate to outline how bad grammar may be
used in an attempt to bypass spam email filters, which will often block correctly spelt words or phrases
found in phishing messages.
Ask children to come up with their own examples of each feature – e.g. a message putting the user
under pressure might be “you have won a brand new games console if you reply to this message in the
next 30 seconds”. Ask pupils to share their examples with the class.
Using slide 8, ask pupils to begin the Fish game next and to stop once they are back at the underwater
village of Kelpy Deeps.
Using slide 12, explain to pupils a password is a form of personal information and can be the focus of
phishing scams. Outline how insecure passwords can be used to access accounts and send out phishing
scams, which can mean your friends and family think they are receiving genuine messages.
Ask children:
■ What might happen if we didn’t have passwords for our accounts? (Anyone could access our online
accounts and use them to obtain our personal information, steal our money and pretend to be
someone else)
■ What makes a good password? (Hard to guess, unique to each service, long, easy to remember)
■ How can we keep our passwords safe? (Store it in your browser, create an encrypted file containing
your passwords, use a password manager)
Using slide 13, ask pupils to begin the PufferFish game next and to stop once they are back at the
underwater village of Kelpy Deeps.
Using slide 15, ask pupils to begin the final game, which is located in the centre of Kelpy Deeps.
■ W
hat one thing are you either going to start doing or stop doing based on what they have learnt
during the game?
■ What could you tell someone else you live with about a certain element of the game, which might
be of benefit to them?
■ What should you do if you believe you have fallen for a phishing scam?
enquiries@barefootcomputing.org | barefootcomputing.org