Real-World Application

30 minutes

Welcome to Module 4

You’ve learned to recognize emotional manipulation (PUSHED) and systematically verify suspicious messages (VERIFY). Now it’s time to apply these skills to real-world scenarios.

What You’ll Practice

In this module, you’ll work through:

  1. Email Scenarios — Business email compromise, account alerts, shipping scams, and more
  2. Text and Phone Scenarios — Smishing, vishing, and the unique challenges of voice/video attacks
  3. What To Do If You Clicked — Because everyone makes mistakes, and quick action matters

Why Scenario Practice Matters

Learning a framework is one thing. Applying it under realistic conditions is another.

In these lessons, you’ll:

  • See actual examples of sophisticated phishing attempts
  • Practice identifying PUSHED tactics
  • Apply VERIFY steps to make decisions
  • Learn what correct responses look like

Goal: By the end of this module, PUSHED+VERIFY should feel natural. You'll start recognizing manipulation tactics automatically and know exactly what to do.

The Recovery Lesson

Lesson 4.3 covers something most security training ignores: what to do if you clicked, downloaded, or responded.

Everyone makes mistakes. What matters is acting quickly:

  • What to do if you clicked a link
  • What to do if you entered credentials
  • What to do if you sent money
  • What to do if you gave personal information

Knowing the recovery steps in advance means you won’t freeze if something goes wrong.

Time Investment

This module takes about 30 minutes to complete:

  • Lesson 4.1: Email Scenarios (10 min)
  • Lesson 4.2: Text and Phone Scenarios (10 min)
  • Lesson 4.3: What To Do If You Clicked (8 min)
  • Module 4 Quiz (5 min)