Spoofy is meant for use in class with younger school aged children and in kindergartens. The game develops different competencies laid out in the national curriculum. The main elements of the game are sensing the sangers and asking for help. The game is downloadable to phones and tablets, or playable here on this website.

This page has lesson plans and more important topics. All this information and an overview of the worlds is also included in the downloadable instruction manual.

Spoofy is a cybersecurity game with the goal to teach children about cybersecurity threats, behaving online and other issues related to smart devices. The game presents different scenarios, the player can collect cyberpets and do other fun things. The player can play five different worlds and move between the spaceship and each of the worlds. Each world has its own individual assignments: solving cyber problems or collecting items.

Themes in the game

Friend requests

People get many friend requests, children are no different. Therefore it is important that they can critically evaluate, which are good requests to accept. Adding the wrong people can give them additional information and access. Therefore, it is important to stress that they should know the person in real life or at least in a game or similar. If the photo and name are familiar but the profile seems strange, they should also be careful and ask for additional information because there are many fake accounts going around. When they meet an internet friend in real life, they should always consult an adult first, especially if the “friend” asks them not to.

Scams on the internet

There are many free things, ads and good offers on the web. Many of them are scams.

  1. Free things often come with viruses or other malware. If it should not be free (like a movie, for example) and someone else is charging for it, the free one is suspicious.
  2. „Share this and you might win“ is usually a scam. Even if you get the reward right away, the sharing is still not a good idea.
  3. If something seems like too good to be true, it usually is.

Passwords and multifactor authentication

All devices and accounts should be password protected. You have to remember three things:

  1. All passwords must be unique, each account has to have a different password;
  2. Passwords must be long and complicated
    1. At least 12 characters
    2. Letters, numbers and other symbols
    3. Don’t use easily recognisable things like your name, name of a family member etc.
  3. Do not share your passwords with anyone, maybe only your parents.
  4. One way to protect one’s account is using multifactor authentication. This means that you need something else in addition to a password. For example, a message is sent to your phone, or you need something physical (such as your ID card or Smart ID) or something biological (like your fingerprint). With this additional layer, it is much more difficult to hack into your account.


Hacking is any misuse of computer to get access to someone’s computer or system. Hackers can have ethical goals but often they are malicious. Hacking usually requires computer skills and knowledge but there are also those who purchase readymade assets on the internet and use them for their goals. Hacking is usually illegal so hackers are often greeted by police at their doors, and hackers are considered criminals.

Scams on the internet

The number-one internet threat right now is scams. This often means phishing emails and messages or the spreading of false information. It is important to be vigilant at any age and to keep in mind the main rules of cyber hygiene.

  1. Always be careful when selecting a WiFi network, downloading apps or reacting to messages.
  2. Fake messages can come via email or SMS, through instant messengers or even as phone calls.
  3. It is important to always double-check the information through a different channel before reacting.
  4. Some common signs of scams are:
    1. a surprising sender;
    2. the phone number or address is different from the sender’s usual one;
    3. being prompted to react quickly;
    4. vagueness in details.
  5. Never send money based on just one email or message.
  6. Children should always discuss any suspicious messages with their parents, especially when money or data are involved.

The instructions include all the necessary information, all in one place

Useful materials