Cyber threats: Email, Network, Malware (Lecturer Note)

In this session, students should install a cybersecurity lab environment and perform some simple security tests (e.g., phishing simulation and penetration test). It is essential that they do a phishing simulation and learn how they, as users, can detect a phishing email. This will help them develop a machine-learning model in the next session to detect email threats, such as phishing and spam.

You should ask them to do the following activities.

1. Install and setup the security lab environment. An instruction is here.
2. Perform a vulnerability scan (e.g., by NMAP).
3. Simple penetration tests (teach them how to do a pen test using Kali and ask students to perform a few pen tests. This will prepare the students for the next sessions in which they must do more advanced pen tests). Examples.
4. Students use a phishing simulation tool (e.g., SocialPhish, PyPhisher, or GoPhish) to create a phishing email and webpage (using their templates) and send a phishing email to understand how it works. They should learn phishing signs (see here).