Protecting yourself — and using powerful tools with judgment and integrity
Digital technology has never been more capable — or more dangerous to the unprepared. The same internet that gives a ninth-grade student in Birmingham-Bessemer access to global financial markets, world-class research, and professional AI tools is also the channel through which scammers steal savings, attackers harvest identities, and misinformation reshapes decisions. Power and risk travel together.
Unit 2.4 addresses both sides of that equation. The first three topics cover defense: understanding and recognizing the threats most likely to affect AOBF students and their families. The last three cover judgment: understanding what AI tools can and cannot do, and how to use them in ways that strengthen your work rather than undermine your integrity.
This is not a unit about being afraid of technology. It is a unit about using technology deliberately — with your eyes open to both its power and its limitations.
Scams and social engineering attacks disproportionately target communities with lower average household wealth — including elderly residents, recent immigrants, and families that are underbanked or unfamiliar with digital financial systems. In Birmingham-Bessemer, financial fraud is not an abstract internet problem — it is a community wealth problem. An AOBF student who understands phishing, identity theft, and financial scams does not just protect themselves — they become a resource for the people around them. That knowledge compounds in a community the same way capital does.
Most digital security breaches are not caused by sophisticated technical exploits. They are caused by people being deceived into giving attackers what they need. Phishing, scams, and social engineering are all variations of the same strategy: convince the target to take an action — click a link, provide a password, transfer money, reveal personal information — that serves the attacker.
Understanding these attacks is the first and most effective layer of defense.
Anatomy of a phishing email — annotated:
Dear Valued Customer, (⚠ No name = mass-sent)
We have detected suspicious activity on your Regions Bank account. (⚠ Vague threat) Your account will be permanently suspended within 24 hours unless you (⚠ Artificial deadline) verify your identity immediately.
Click here to verify your account → (⚠ Link goes to fake site)
Regions Bank Security Team
The universal rule: no legitimate financial institution, government agency, or technology company will ever ask for your password, PIN, or full Social Security Number via email, text, or phone. If you receive such a request — regardless of how official it looks — do not respond. Call the institution directly using a phone number from their official website, not from the message.
The password is the front door to every account. A weak password is an unlocked front door. Password reuse is the same key in every lock. Most account compromises are not hacking — they are walking through unlocked doors.
Length: Minimum 12 characters. Length matters more than complexity — a 16-character passphrase is harder to crack than an 8-character "complex" password.
Unpredictability: No dictionary words, names, birthdays, or predictable substitutions (p@ssw0rd is not secure — attackers know this trick).
Uniqueness: A different password for every account. If one account is compromised, no other account is at risk.
Passphrase method: Four random words strung together — purple-lamp-banana-thunder — is both strong and memorable.
Password manager: Software that generates and stores strong unique passwords for every account. You remember one master password; the manager handles the rest. Professional standard for anyone with more than a few accounts.
The internet has made more information available to more people than at any point in human history. It has also made more misinformation available to more people than at any point in human history. The ability to tell the difference — quickly, reliably, and consistently — is one of the most valuable skills a professional can have in 2026 and beyond.
S — Stop. Before sharing, pause. Ask: do I actually know this is true?
I — Investigate the source. Who wrote this? What is their expertise and motivation? Search the author and publication.
F — Find better coverage. Is this claim reported by multiple credible, independent sources? A single source for a major claim is a red flag.
T — Trace claims back to originals. Find the actual study, document, or statement being referenced. Articles often misrepresent or oversimplify original sources.
SIFT takes 60–90 seconds. It is the professional standard for information verification.
Financial misinformation is particularly dangerous. Investment "tips," cryptocurrency "opportunities," and "guaranteed return" schemes circulate on social media and messaging apps constantly — and they target communities where people are building wealth for the first time. An AOBF student who can evaluate a financial claim using SIFT protects their own future and the people around them.
Every app you download, every website you visit, every search you run generates data about you. That data is stored, analyzed, sold, and used in ways most users never see. Understanding what data is collected, by whom, and for what purpose is not paranoia — it is basic digital literacy in an economy where personal data is a commodity.
Technology companies collect behavioral, financial, and location data from communities across Birmingham-Bessemer — and profit from it. That data describes community patterns, needs, and vulnerabilities, but the community sees none of that economic value. Data literacy is a form of community power: understanding what is being collected, how it is being used, and what rights exist to limit or access that data is part of the broader economic advocacy work the AOBF Academy prepares students for. The same analytical skills that help a student protect their personal data help a community advocate challenge extractive data practices.
Artificial intelligence tools — AI writing assistants, image generators, coding helpers, research tools — are now part of the standard professional toolkit. An AOBF student entering the workforce in 2028 or 2029 will be expected to use these tools competently. Understanding what they can do, what they cannot do, and where they fail silently is essential professional knowledge.
| AI tools are strong at | AI tools are weak at |
|---|---|
| Drafting, editing, and summarizing text | Verifying facts — always verify independently |
| Explaining complex concepts in plain language | Knowing what happened after their training cutoff |
| Brainstorming and generating options | Calculations involving very large or precise numbers |
| Writing and explaining code | Knowing your specific context without being told it |
| Translating and adapting writing for different audiences | Producing reliable citations — always verify sources |
| Organizing and structuring information | Replacing professional judgment in consequential decisions |
The verification rule: any factual claim, statistic, citation, or data point produced by an AI tool must be independently verified before it is used in any professional or academic context. AI tools are research accelerators, not research replacements. Confidence of tone is not evidence of accuracy.
AI tools raise new questions about integrity, authorship, and judgment that every student and professional must navigate. These are not simple questions — and they do not have identical answers across every context. A business professional who uses AI to draft a first version of a proposal is working efficiently. A student who submits AI-generated text as their own original work is misrepresenting their abilities. Context, disclosure, and judgment determine whether AI use is professional or problematic.
Acceptable: Using an AI tool to get a first draft, generate ideas, explain a concept, check grammar, or research background on a topic — as long as you read it critically, verify facts, revise for your own voice, and the assignment does not explicitly prohibit it.
Not acceptable: Submitting AI-generated text as your original work on any assignment that asks for your own analysis, argument, or expression — including essays, career reflections, business plans, and portfolio work.
When in doubt, ask. Asking your teacher whether AI assistance is appropriate for an assignment is not a violation. It is professional communication.
AI tools give AOBF students access to a capabilities layer that was previously available only to people with expensive professional services — legal research, financial analysis, writing assistance, coding support. A student in Birmingham-Bessemer with strong AI literacy has access to tools that would have cost thousands of dollars per hour a decade ago. The competitive advantage is real. The obligation is to use these tools well — to build genuine skills alongside them, verify what they produce, and represent work honestly. AI fluency without integrity is fragile. AI fluency with integrity compounds.
Select a scenario on the left, then the matching threat type on the right.
Answer five questions about your current security practices. This tool calculates a security score across three categories — account protection, threat awareness, and information integrity — and identifies your highest-priority improvement.
Answer the questions on the left to see your security assessment.