When I was a teenager, my online world was limited to trawling Star Trek message boards and anime chat rooms, looking for people my age to talk about my very specific interests. My parents allowed me to roam freely on the internet, but I didn’t wander very far. I primarily used online tools for schoolwork and most of my chat messages were from school friends. My parents did a minimal job of monitoring my activity online. I remember my dad warning me not to accept file transfers from strangers, but beyond that—I was free to explore to my heart’s content.
Today’s online landscape is much different from the world of the early 2000s. Along with the abundance of porn and predators in online social spaces, there’s also plenty of other harmful activity lurking just below the surface, in the form of criminal schemes specifically aimed at children. Teaching kids how to safely navigate the internet goes beyond installing invasive parental control software on their devices to block porn sites. Crafty criminals can get around parental control parameters by using social engineering to lure kids into their traps.
Online Risks for Kids
According to a recent FBI Internet Crime Center report, crimes against children increased by 144% in 2020. Furthermore, from 2015 to 2020, the FBI got close to 10,000 reports concerning online crimes targeting children, totaling more than $2 million in financial losses. In a separate report from cybersecurity company Surfshark, the company found 6 out of 10 children between the ages of 8 and 12 encounter cyber risks online. That same report shows that educating children about the impact of cyber threats is an effective way to mitigate some of the dangers.
Social Engineering Threats
I recently chatted with Povilas Junas, a research manager at Surfshark (we’ve reviewed the company’s VPN software, Surfshark VPN) about some of the specific risks children face and the role of cybersecurity education in creating a safer world for everyone online. Junas told me that teaching kids to spot social engineering schemes is important. “Kids can be a bit more naive and more susceptible to pressure,” he said. “Let’s say you presented yourself as a police officer online. You may be able to trick a kid into giving up key information about themselves or their parents.”
In a similar vein to online dating scams, cybercriminals impersonate anyone they want online to get money or valuable personal information for the purposes of identity fraud, and kids, especially younger ones, may fall for the ruse. It’s imperative adults make it clear that not everyone is who they say they are online, and to warn children to enter all conversations with a healthy dose of skepticism.
Staying Safe In-Game and Beyond
The online gaming world is also rife with criminal schemes targeting children. Junas said, “There are in-game purchases. Kids are used to exchanging goods and services for money, but they may not be able to tell official vendors from black market sellers.”
If you trust your kid with your credit card, teach them how and when to use it online. Urge them to only buy games from licensed, official vendors and to avoid anyone asking them to pay for gaming goods or services via chat or social media sites. Scammers may use phishing links to lure kids into giving up information or money via in-game chat or SMS messages. Teach your child not to open links from strangers, and to verify unexpected links from friends via voice chat.
Make sure your children know to look closely at familiar web addresses. Fraudsters put up websites that look like major gaming retail sites or social media sites, but with subtle spelling differences. For example, if you are a BTS fan and you want to keep up with the band’s activities, you could go to Weverse.co. Until very recently, the more common .com version of that address redirected to an explicit sex cam site.
How to Talk to Kids About Online Safety
There are plenty of online resources that can help you talk to your kids about cybersecurity. The Center for Internet Security has links to various programs for children, caregivers, and educators. The US government’s Cybersecurity and Infrastructure Security Agency also has a number of guides and tips for parents and teachers who want to help kids protect themselves online.
Junas told me that, along with introducing kids to cybersecurity informational resources, it’s important to establish an open line of communication with kids regarding their online activity. He said, “It’s about building trust. Basically, kids need to trust the adults in their lives so they can come and share their doubts about tricky situations where they do not know how to behave or react.”
Junas went on to say there is no one-size-fits-all approach to parenting or educating kids about online safety. You must tailor your message to each individual child and remain cognizant of their needs. “When you start with six-year-olds, you can talk about basic things and apply a bit more control,” he said. “You have a computer in a common area so you can observe what is happening. As they get older, maybe you give them more freedom.”
An easy way to block explicit content online is to use parental control apps. If you are put off by the idea of paying to install third-party parental control software on your child’s computer or mobile device, Apple, Google, and Microsoft all have free parental control settings baked right into their platforms. That said, parental control software can only do so much to protect kids online. Making kids aware of phishing schemes, scammers, and social engineering techniques can save everyone a lot of trouble and money in the long run.
For more on kids and online safety, you can read our story, 10 Things Every Parent With a Connected Kid Needs to Know.
Recommended by Our Editors
Like what you’re reading? Get an extra story delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.
What Else Is Happening in the Security World This Week?
Hackers Are Timing Ransomware Attacks to Hit Farmers During Harvest Season. The FBI notes the attacks could impact the food supply chain.
Report: LAPSUS$ Hackers Breached T-Mobile in March. The company denies anything of value was compromised.
Pwn2Own Miami Hackers Make $400,000 Targeting Industrial Systems. Critical vulnerabilities for critical infrastructure.
Flaw in Audio Format Exposed Millions of Android Phones to Remote Hacking. Google rolled out patches for the flaws in a December security update, so Android users should make sure they’ve updated their mobile OSes.
Pentagon Impressed by Starlink’s Fast Signal-Jamming Workaround in Ukraine. An official with the US Office of the Secretary of Defense says he was impressed with how quickly SpaceX foiled a Russian jamming attempt on Starlink dishes in Ukraine last month.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.