Phishing & Scam Recognition 101 — GhostNet Fundamentals Course 06
Attackers don't break in. They trick you into opening the door.
Phishing is the number-one way people actually get hacked — not clever code, but a convincing message. It works by hijacking normal human reactions: trust in a familiar name, fear of a problem, and the urge to act fast. The good news is that once you know the handful of signals every scam shares, the same tricks become almost impossible to miss.
Phishing & Scam Recognition 101 is the course that opens Track B: Threats & How to Spot Them. Where Track A built your defensive foundation — accounts, logins, devices, browsing, identity — this course teaches the human side: recognising the tricks attackers use to get you to hand over access willingly.
What's inside
The Anatomy of a Scam — A real phishing email broken down flag by flag, showing the five tells almost every scam message shares: lookalike sender, manufactured urgency, generic greeting, artificial deadline, and a disguised link.
The Decision Matrix — Judge any message in seconds. The four CORE checks that catch the overwhelming majority of phishing attempts, with a simple rule: if two or more fire, treat it as a scam.
Clarity Scripts — Exact words for every scam scenario: a 3-question gut check, verifying a message independently, inspecting a link before clicking, refusing a request for a code, and reporting what you find.
6 Self-Tests — Prove you can spot a fake, tested against your own real inbox. Including the skill that protects you most: seeing exactly where a link truly leads before you ever click it.
What you'll know by the last page
You'll have a reliable internal radar for phishing and scams, a habit of checking links before you click, and a calm, scripted response when something looks off — instead of the panic a scam is designed to provoke. A solid baseline on threat recognition, built using your own real inbox as the training ground.
The numbers that matter
90% of breaches begin with a phishing message
Phishing is the #1 most common cybercrime reported worldwide
5 red flags catch the vast majority of scams — and this course teaches you all five
What the guide covers
The three buttons every scam pushes — urgency, authority, and fear or reward, the psychological levers behind nearly every attack
Link inspection — how to preview where a link actually goes before you ever click it, on both computer and phone
The scam spectrum — phishing isn't just email; the same playbook arrives by text (smishing), phone call (vishing), and social DMs
The golden rule — "don't click, navigate" — the single habit that defeats most phishing outright
What to do if you've already clicked — calm, ordered recovery steps rather than panic
This course is right for you if:
You've ever hesitated over a message wondering if it was real
You've received a text or call claiming to be from your bank or a delivery company
You're not sure how to check where a link actually goes before clicking it
You want to train your eye using real examples, not abstract theory
You want a calm, practical system rather than vague "be careful online" advice
Course details
Format: Downloadable PDF guide
Length: 13 pages
Time to complete: 50–65 minutes
Series: Course 06 of 20 — Cyber Fundamentals by GhostNet Solutions Encryption
Track: Track B — Threats & How to Spot Them (Course 1 of 5)
Prerequisite: None — works standalone, though Track A makes you a harder target
Works on: Any device, any operating system
Skill level: Complete beginner — no tech background required
Part of the GhostNet Fundamentals series
This is Course 06 in a 20-part series, and the opening course of Track B — Threats & How to Spot Them. Track A built your privacy foundation across five courses; Track B teaches you to recognise the attacks aimed at it, starting with the most common one of all.
Recommended next step: Course 12 — Securing Your Email & Messaging, or continue sequentially with Course 07 — Malware, Viruses & Ransomware, Explained.