How do I recognise online scams and malware, and what should I do to protect my devices and data?
Recognise common online scams such as phishing, identify and prevent malware, and take protective steps such as updates, antivirus and backups
A practical answer to the N-Level Computer Applications outcome on scams and malware: spotting phishing, the main types of malware, and protecting devices with updates, antivirus, caution and backups.
Reviewed by: AI editorial process; not yet individually human-reviewed
Have a quick question? Jump to the Q&A page
Jump to a section
What this dot point is asking
This outcome is about spotting online scams and malware and protecting your devices. You should be able to recognise phishing and other scams, know the main types of malware and how they spread, and describe protective steps such as updates, antivirus software, careful clicking and backups. In the written paper you list scam warning signs, name malware types, and describe protections.
The answer
Online scams and phishing
A scam tries to trick you into giving money, passwords or personal information. The most common is phishing: a message that pretends to be from a real organisation (a bank, a school, a delivery company) to fool you into clicking a link and entering your details. Warning signs of phishing include:
- Urgency and pressure, such as "act within 24 hours or your account is locked", to rush you.
- A request for your password or personal details, which real organisations do not ask for by email.
- A suspicious sender address that is strange or slightly wrong.
- Spelling, grammar or design mistakes that a genuine organisation would not make.
- A link that does not match the real website when you look carefully.
If you suspect phishing, do not click. Go to the real website directly by typing its address or using the official app, and report or delete the message.
What malware is
Malware is malicious software designed to harm a device or steal data. Common types include:
- Virus. Spreads from file to file and can damage data.
- Worm. Spreads by itself across networks.
- Trojan. Pretends to be useful software but hides something harmful.
- Ransomware. Locks your files and demands payment to unlock them.
- Spyware. Secretly watches what you do, such as recording what you type.
How malware spreads
Malware often arrives through risky attachments, links and downloads: opening an attachment from an unknown sender, clicking a bad link, or downloading software from an untrustworthy site. Being careful about what you open and download is a key defence.
Protecting your devices
- Keep software updated. Updates fix weaknesses that malware exploits.
- Use antivirus software. It detects and removes many threats.
- Be careful clicking and downloading. Do not open attachments or links from unknown sources, and download only from trusted places.
- Back up important files. A backup means you can recover your files if you are attacked, for example by ransomware.
Examples in context
Example 1. A fake delivery text. A student gets a text saying a parcel is held and to pay a small fee through a link. Spotting the pressure and the odd link, they do not click, check the real courier's app instead (which shows no parcel), and report the text. The scam fails because they went direct.
Example 2. Ransomware stopped by a backup. A family computer is hit by ransomware that locks the photos. Because the photos were backed up to a separate drive and the cloud, they restore them without paying, and then update the software and run antivirus to clean the machine.
Try this
Cue. List three warning signs that an email is a phishing scam. (Urgency or pressure to act fast, a request for your password or personal details, and a suspicious sender address or spelling and design mistakes.)
Cue. Name two types of malware and say what each does. (For example a virus, which spreads and damages files, and ransomware, which locks your files and demands payment.)
Cue. Describe two ways to protect a device from malware. (Keep software updated and run antivirus, and be careful what you open or download while backing up important files.)
Exam-style practice questions
Practice questions written in the style of SEAB exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
Original5 marksAn email says 'Your account is locked. Click here within 24 hours and enter your password to unlock it.' Explain why this is likely a phishing scam by listing three warning signs, and state what the reader should do.Show worked answer →
Three warning signs of phishing, for example:
- It creates urgency and pressure ("within 24 hours"), to rush you into acting without thinking.
- It asks you to click a link and enter your password, which a real organisation would not ask you to do by email.
- It may come from a strange or slightly wrong sender address, and may have spelling or design mistakes.
What the reader should do: do not click the link or enter any details. Instead, go to the real website directly by typing its address or using the official app, and report or delete the email.
What markers reward: three genuine phishing signs such as urgency, a request for the password, a suspicious sender or errors, and the safe action of not clicking but going to the real site directly and reporting it.
Original4 marksExplain what malware is, name two types, and describe two things a person can do to protect their device from malware.Show worked answer →
Malware is malicious software designed to harm a device or steal data. Two types, for example: a virus (which spreads and damages files) and ransomware (which locks your files and demands payment). Other acceptable types include spyware and a worm or trojan.
Two protections, for example:
- Keep the operating system and apps updated, and run antivirus software, so known weaknesses are fixed and threats are caught.
- Be careful what you download and click; do not open attachments or links from unknown sources, and back up important files so you can recover them if attacked.
What markers reward: malware as harmful software, two correct types, and two genuine protections such as updates, antivirus, caution with downloads, and backups.
Related dot points
- Describe safe and responsible online behaviour, protect personal information and privacy, and respond appropriately to risks such as oversharing and cyberbullying
A practical answer to the N-Level Computer Applications outcome on staying safe online: protecting personal information and privacy, behaving responsibly, and responding to risks such as oversharing and cyberbullying.
- Create strong, unique passwords, keep them safe, and use extra protections such as two-factor authentication to secure accounts
A practical answer to the N-Level Computer Applications outcome on account security: what makes a password strong, why each account needs its own, keeping passwords safe, and using two-factor authentication.
- Explain copyright and plagiarism, use licensed or permitted content, credit sources correctly, and avoid copying work without permission
A practical answer to the N-Level Computer Applications outcome on copyright: what copyright and plagiarism are, using licensed or free content, crediting sources, and avoiding copying work without permission.
- Explain what a digital footprint is and why it is lasting, manage your online reputation, and apply good netiquette when communicating online
A practical answer to the N-Level Computer Applications outcome on digital footprint and netiquette: what a footprint is, why it lasts, managing your online reputation, and communicating respectfully online.
- Compose and send email with a clear subject and message, use To, Cc and Bcc and attachments correctly, and apply good email etiquette
A step-by-step answer to the N-Level Computer Applications outcome on email: writing a clear message, using To, Cc and Bcc and attachments correctly, and following good email etiquette.