Lesson Plan
Mini-Detective Mission
Students will assume the role of data detectives to analyze pretend breach scenarios, identify risky online behaviors, and collaboratively propose data-protection strategies.
Building digital literacy and cybersecurity awareness equips students to recognize common online risks and develop habits—like cautious clicking and strong passwords—that safeguard their personal information.
Audience
7th Grade Group
Time
25 minutes
Approach
Collaborative scenario analysis with guided discussion
Prep
Prepare Materials
10 minutes
- Print one copy of Breach Scenario Analysis Worksheet for each group.
- Load Clue-By-Clue Cyber Slides on the projector or students’ devices.
- Review the Investigation Answers Key to familiarize yourself with correct risk identifications and discussion prompts.
Step 1
Introduction to Data Detectives
3 minutes
- Welcome students and explain their mission: they are now mini data detectives protecting personal information.
- Display the first slide of Clue-By-Clue Cyber Slides.
- Prompt: “What personal data might be at risk in this scenario?” and collect quick responses.
Step 2
Guided Cyber Clues
5 minutes
- Advance through 2–3 additional slides in Clue-By-Clue Cyber Slides.
- After each slide, have students discuss in pairs to spot the risky behavior.
- Solicit one or two groups to share their observations and teacher models correct terminology.
Step 3
Group Breach Investigation
12 minutes
- Divide class into small groups and distribute the Breach Scenario Analysis Worksheet.
- Instruct groups to read each scenario, identify the risky action, and write one prevention strategy.
- Circulate, offer prompts, and refer to the Investigation Answers Key for guidance.
Step 4
Debrief and Wrap-Up
5 minutes
- Reconvene whole class; invite one group to present a scenario, the risk they identified, and their prevention tip.
- Highlight three key takeaways: use strong passwords, verify senders before clicking, and adjust privacy settings.
- Encourage students to apply these practices online and at home.
use Lenny to create lessons.
No credit card needed
Slide Deck
Data Detective Mission
Gear up for a 25-minute digital investigation! Your mission: uncover privacy risks and recommend safeguards.
Introduce the session: students are now data detectives on a mission to spot risky online behaviors and protect personal information. Encourage curiosity and teamwork.
Welcome, Data Detectives!
Put on your detective hats! Today you’ll investigate pretend data breaches and learn how to protect personal information.
Welcome students and explain they’ll review pretend breach scenarios. Emphasize learning vocabulary like “phishing,” “screenshot leak,” and “weak password.”
Clue 1: The Sneaky Screenshot
Your friend screenshots a private group chat and shares it online. What personal data might be exposed? Discuss with a partner.
Walk through Clue 1: A friend shares a screenshot of private messages without permission. Ask students: What personal details are at risk?
Clue 2: The Phishy Link
You receive an email from “IT Support” with a link to reset your school password. It looks odd. What makes it suspicious, and how could clicking it compromise your data?
Introduce Clue 2: A phishing email scenario. Point out suspicious signs (sender address, unexpected link). Ask: Which red flags do you spot?
Clue 3: The Weak Password
Your account password is “password123.” Why is this risky? What could someone do if they guess it? Propose a stronger, safer password.
Explain why weak passwords are risky—easy to guess or brute-force. Share guidelines: length, variety of characters, avoid personal info. Invite sample strong passwords.
Key Takeaways
• Use strong, unique passwords
• Verify senders before clicking links
• Adjust privacy settings to limit data sharing
Highlight the three best practices. Encourage students to share one thing they’ll do differently online after today’s mission.
Worksheet
Breach Scenario Analysis
Instructions
- In your group, analyze each scenario below.
- Identify the risky behavior, describe one potential impact, and propose a prevention strategy.
- Record your answers in the table provided.
Analysis Table
| Scenario | Risky Behavior Identified | Potential Impact | Prevention Strategy |
|---|---|---|---|
| The Sneaky Screenshot | |||
| The Phishy Link | |||
| The Weak Password |
Group Discussion Notes
Use this space to record any additional observations, questions, or tips your group discusses:
Use this worksheet alongside the slide deck Clue-By-Clue Cyber Slides and refer to the Investigation Answers Key as needed.
Answer Key
Investigation Answers Key
Use this key to guide group discussions and to check student responses on the Breach Scenario Analysis Worksheet.
1. The Sneaky Screenshot
Step-by-Step Thought Process
- Recognize the action: a private group chat was captured and shared without permission.
- Identify what data is exposed: names, personal opinions, photos, location details, conversation context.
- Think through misuse: other students or strangers could screenshot for gossip, bullying, or to piece together personal information for scams.
- Formulate prevention: establish digital consent practices, adjust privacy settings, and remind friends not to share private content.
Risky Behavior Identified
Sharing a screenshot of a private conversation without consent.
Potential Impact
Exposed personal messages can lead to embarrassment, bullying, or misuse of sensitive details by third parties.
Prevention Strategy
• Always ask for permission before sharing someone else’s messages.
• Use app settings to limit who can screenshot or save content.
• Educate peers on digital consent and respect for privacy.
2. The Phishy Link
Step-by-Step Thought Process
- Spot red flags: unexpected email from “IT Support,” urgent tone, generic greeting, and suspicious URL.
- Consider consequences: clicking may install malware, capture keystrokes, or redirect to a fake login page to steal credentials.
- Determine safe actions: hover over the link to inspect the URL, verify the sender’s address, and consult a trusted adult or IT administrator.
Risky Behavior Identified
Clicking on an unverified link in a phishing email.
Potential Impact
Malware infection, stolen login credentials, unauthorized access to school accounts.
Prevention Strategy
• Never click links from unknown or suspicious senders.
• Hover to check URLs and look for misspellings or extra characters.
• Contact IT support directly using a known email or phone number to confirm requests.
3. The Weak Password
Step-by-Step Thought Process
- Analyze the password “password123”: it’s too common and follows a predictable pattern.
- Understand how attackers guess it: dictionary attacks and brute-force tools can crack simple passwords in seconds.
- Create guidelines for strong passwords: length (at least 12 characters), mix of uppercase/lowercase letters, numbers, and symbols, avoid personal information.
Risky Behavior Identified
Using a weak, easily guessable password.
Potential Impact
Account takeover, unauthorized data access, potential wider breach if the same password is reused elsewhere.
Prevention Strategy
• Choose a passphrase or random combination of characters (e.g., “Sky7&River!Piano”).
• Use a password manager to generate and store unique passwords.
• Enable two-factor authentication for extra security.
Teacher Discussion Prompts
- Ask students: Which step in your process helped you most?
- Invite examples of strong passwords (without revealing real ones).
- Discuss how these practices apply to social media and personal devices.
Use this key to validate group answers and prompt deeper thinking about each scenario’s digital risks and safeguards.