Cyber threats: Email, Network, Malware (Lecturer Note)
In this session, students should install a cybersecurity lab environment and perform some simple security tests (e.g., phishing simulation and penetration test). It is essential that they do a phishing simulation and learn how they, as users, can detect a phishing email. This will help them develop a machine-learning model in the next session to detect email threats, such as phishing and spam.
You should ask them to do the following activities.
- Install and setup the security lab environment. An instruction is here.
- Perform a vulnerability scan (e.g., by NMAP).
- Simple penetration tests (teach them how to do a pen test using Kali and ask students to perform a few pen tests. This will prepare the students for the next sessions in which they must do more advanced pen tests). Examples.
- Students use a phishing simulation tool (e.g., SocialPhish, PyPhisher, or GoPhish) to create a phishing email and webpage (using their templates) and send a phishing email to understand how it works. They should learn phishing signs (see here).