The internet can be a great place for kids to learn and connect - but it can also be a very dangerous one, as most of us are well aware. But, if we’re being honest, the danger seems nebulous. Being aware that there are risks while not knowing what the dangers look like isn’t enough to help keep our families safe. Our cyber safety for teens program will teach you how to help keep your family safe online.
We get it. As the online entertainment world continues to rapidly grow, it becomes difficult to try and keep up, especially if we’re not as into streaming movies and games as our kids are.
Generally speaking, online risks related to video and games include inappropriate content, cyberbullying, online predators and malware to name a few. To make it even more challenging for us as guardians, it is very easy for kids to casually happen upon these dangers as they go about their seemingly harmless online activities.
Kids today are constantly talking about online games and watching YouTubers to gain tricks and tips. Today’s online games typically require players to earn power ups as a way to increase their chances of completing missions. Other games offer for-purchase tokens to upgrades on armor, uniforms or tech to enhance the player’s capabilities. Your kids may also look for cheat codes that give their characters stronger health or power to help them conquer the more difficult tasks in the game.
Scammers heavily rely on your kid’s desire for these enhancements. All they need to do is trick (aka social engineer) little Johnny into downloading what he thinks is a legit power-up, token, or cheat code, so they can infect Johnny’s device with malware. And unfortunately convincing kids of this is not really that hard as kids are naturally very trusting.
If your kid falls for a scam, what happens is that instead of downloading an enhancement, she is actually downloading malicious code onto her device(s). Once this malware gets on your kid’s device - or the family device - criminals can spy on private messages, take remote control of the device, gain access to your family passwords and even break into your online bank accounts or credit card portals.
Pirated movies and games are not what they once were when a hard copy on those shiny silver CDs were made. In today’s digital world of streaming entertainment, pirated goods come with a whole host of risks and even danger, beyond just being an illegal act.
With just a click of a button, they can trigger an explicit pop up or dubious code that aims to steal user passwords, get access to household accounts (think smart TV, Alexa, home controls) and ultimately, credit cards and bank accounts.
If this sounds familiar to the previous scenario with game cheats and illicit tokens, well, basically it is, just a different approach with the same end goals.
Which begs the question: who’s to say your kids even know that the game or movie they are downloading is even the one they actually intended? If someone is willing to target children with pornographic content, it’s safe to say that they have questionable morals. So what would stop them from switching out your kid’s Battlefield game with a porno, instead?
In the world of online gaming, there are also the consequences of actually playing the pirated games. Gaming companies, such as Xbox and PlayStation, have been cracking down on this. Case in point is the infamous Microsoft ban of nearly 1 million Xbox Live users several years ago where accounts found to be using pirated versions were booted out.
Speaking of streaming content, it isn’t only movies or games. Streaming live events as well, such as the Super Bowl, are also prime targets for scammers to go to work.
You can be anyone online. Which is exactly why on any given day, there are approximately half a
Predators excel at social engineering through the use of fake profile pictures, similar interests, compliments, gifts and even your kid’s desire for more friends or followers to secure trust. Once a relationship is formed, online predators typically steer the conversation towards sex by pressuring your kids to send them explicit pictures or videos of themselves. In other cases, they may simply ask to meet in real life, which blows open the door to sex trafficking.
But not all predators are adults. Nowadays, teenagers are being used by sex traffickers to create romantic relationships with your kids in an effort to eventually lure them away.
Take Lisa for an example. Her 13-year-old daughter was kidnapped by a ‘friend’ she met on Snapchat who cultivated the relationship romantically. The young girl thought she was simply sneaking away on a weekend adventure with her supposed 17-year-old boyfriend. What she didn’t realize was that this was only a ploy to get her alone and hours away from home to be sex trafficked. While this story has a happy ending, not every kid is as lucky.
(Watch the full interview with Lisa here)
Oversharing is the norm in today’s digital world so it’s not surprising that kids do not understand social boundaries. They may post personal information online that should not be public. This can be anything from photos of ridiculous behavior goofing off with friends in an unguarded moment to their favorite shows to their birthday, home address and astrological sign.
The majority of what your kids post is public, even with a private account and strict privacy settings. Unfortunately, nothing is truly private on the internet, so if you can see it, the reality is it can be found. There’s no “delete” button on the internet. Once your kid hits share, it stays online forever.
This can be particularly hard for teenagers to grasp. What they may deem as an “in the moment” party picture or Snapchat message can cause problems ten years down the road when they interview for a job or apply to graduate school, as was the case for Mimi Groves. The simple fact is that their style, attitudes and how they want to present themselves online will change as they get older.
And this constant sharing of information is exactly what scammers and anyone with a grudge are banking on. Think of scammers, in particular, as private investigators that are incessantly looking for a way to hack you. The more information out there about your kids and family, the more ways they have to break into your accounts or your children’s lives.
Another horrifying trend among kids and teens is sexting - sending nude images of themselves via text message or video. Sadly, some think this is the norm; and predators groom children to eventually do so and then blackmails the student when they may resist continuing the relationship.
It’s important we speak with our children and teens for them to know that first off, it is illegal even if done consensually as anyone who sends, shares, or receives pornographic material with or without a face is subject to criminal charges. Not to mention the psychological harm and humiliation that can result if ‘leaked’ out by peers and again once it’s out on the internet it doesn’t ever really disappear.
Downloading apps and going through the install process is a finger-tapping ordeal that we just want to breeze through which translates as quickly approving permission requests just to get to the app itself.
However, scammers, being the opportunists they are, understand this behavior and optimize on it. The reality is that many apps request permissions that are not necessary for the functionality of the program. Some capitalize on the extra permissions to gain insights into their audience for marketing purposes but others take it further for more dubious purposes.
Whenever you grant an app permission on your kid’s smart devices, it’s important to consider what it’s giving access to - is it personal information, such as contacts, call history, texts and photos?
By consenting, apps can use this access to do whatever they want for better or worse. Worse includes eavesdropping on conversations, sending spam messages, reading, modifying and adding contacts to an address book, and even obtaining their phone number and location at any given moment through tracking IP addresses and cellular network.
Camera access is one of the most commonly requested permissions. While these apps don’t want to surveil you, they do want the data that comes when your kid uploads a photo onto Instagram or scans a QR code when they’re at a restaurant.
Since their phone is connected to the internet and has built-in GPS and movement sensors, this allows apps to know exactly where you are and when you're moving so they can tweak their services and recommendations.
See full video playlist of Control Settings here
The key is to be intentional (and teach your kids, too!) about why you’re installing an app and what is its intended purpose. If you’re using a map for directions but the app requests location tracking and camera permission, the first makes sense and is appropriate, however, the camera permission is less so and may not be necessary to grant.
Most phones have a setting where you can check the permissions in use by various apps and you should be able to update those settings. If an app won’t allow you to control the settings, consider finding an alternative app that is reliable and less intrusive.
This brings us to another point to consider: don’t be quick to allow your kids to use Facebook or other social media accounts to login to apps and services either. While it’s obviously faster to connect with Facebook, enabling third-party apps spreads their personal information to even more companies and data brokers.
It’s also a security risk. If they use the same login and password across multiple platforms and their information shows up in a data breach (which is more common than you think) scammers now have access to all that personal information on every single app or website it’s connected to. Even more, when they let an app access, say contacts, they’re giving away other people’s private information as well.
Protecting ourselves has a ripple effect that also protects those digitally connected to us.
We teach our kids about real-life stranger danger but often forget that this also applies to the internet. Even with parental controls and privacy settings, predators can still get access to your child and your kid can still access anonymous chat rooms filled with strangers. Despite all the warnings, your kids may not recognize that the person they’re chatting with has bad intentions, especially given most predators are experts at social engineering and grooming.
So if your kid receives an online friend request from someone they know in real life, the simplest way to make sure that online friend is indeed their real-life friend is to ask them in person. Chances are their real-life friend is their online friend but it never hurts to ask, helping your child to develop the habit and mindset.
Since you can never be 100% sure who you are talking to online, encourage your kids to not accept friend requests from people they do not know in real life. However, being in a vastly connected society as kids grow this rule can modify as they mature. As a teenager, modification may look like allowing your teen to connect with other players online if they do a video chat first to meet each other and verify it is indeed another teen.
This is vital as online friends have access to photo albums, friend circles, personal comments and generally knowing what your kid and family are up to. More importantly, it could be a predator using a fake account or posing as the person in an attempt to lure your kid into a bad situation or relationship.
Not to mention, children’s identities are also desirable to criminals as they don’t have a bank account or financial history. Criminal hackers can then use them to issue new credit cards, checks and more.
It’s totally common for your kids to share clothes and secrets with their friends, but they may be sharing something else, too - their passwords. Password sharing has become a symbol of trust between friends and a sign of #relationshipgoals between significant others.
When they do this, though, they are opening a can of nasty worms. Their friends may not be as security-conscious and ea
Not to mention the friend's computer/device may be infested with malware. The minute they plug your kid’s password into the browser, the malware steals their information and then the above unfolds.
Sharing passwords also can lead to compromising multiple accounts especially if your kids use the same login and password across those accounts (see below). Scammers know this is a habit for most people, especially kids, and take advantage of it.
And if all of this isn't motivation enough, money might be. Once they hand off their password to a friend, your kid can’t guarantee they know what that friend will do with it. They can easily authorize services on an app that you will end up having to pay for.
We get it. Any one individual has multiple online accounts and trying to create a unique password for each one seems like such a pain. One report states that for just social media sites alone, the average person on social media interacts with an average of 6.6 platforms. Not to mention trying to help your kid keep up with which password goes with what account.
You’re not alone if you fall into the category of users who use either the same password across accounts or some simple variation of one for each.
The critical issue with reusing passwords (or even simple variations) across different accounts is that you essentially have created ‘one ring to rule them all’. Once that ring is lost, it’ll feel like the fires of Mordor have erupted across Middle Earth when the ring falls into the wrong hands.
Password reuse across multiple accounts also gives scammers (or any cyber criminal) easy access to your kid’s entire digital life.
If a scammer gains information for one of their accounts, they will absolutely try to access their other accounts, which typically works. In mere minutes, they can take over all their accounts and lock them out.
So how does this happen? While data breaches are the most common, scammers also use sophisticated methods such as phishing and advanced password cracking. But it’s also your kid’s behavior, too. Logging into accounts on public WiFi or sharing passwords with friends can also lead to breaches.
In order to prevent this, it’s important that your kid does not reuse passwords. Even if they have a strong and complex password complete with 23 completely random characters, their risk instantly increases if they then use that across multiple accounts.
Instead, they should ensure they are long, complex and unique as well as stored in a password manager for safe keeping.
The beauty of password managers is that they don’t have access to the master password. Even if a scammer was to hack the password manager company, they would only see the encrypted data. Password managers are also supported by multi-factor authentication (more about that below), so if they somehow retrieve your kid’s master password, they would still need the second factor to unlock the manager.
Multi-factor authentication, or MFA, uses at least two factors - such as password, personal information, facial recognition and one-time codes - to verify your identity and authorize access to your accounts and devices. It is also known as 2FA (two-factor authentication).
In a phishing attack targeting kids, scammers lean into the platforms they know youth frequent - social media direct messaging, gaming chat rooms and text messages. Tactics are similar to previously mentioned attacks - they pretend to be someone your kid would normally trust, such as a friend or gaming company - and send a malicious link (typically with a catchy headline) that looks like it came from a trusted source.
The main purpose is to fool your kids into taking an action that benefits the scammer. A perfect example of this is the class of 7th graders who all had their Instagram accounts hacked from an “ugly list.”
In this real life story, the scammers sent a link with the title “did you see you’re on the ugly list?” from a friend's account. When the kid clicked on the link, it prompted them to log into their Instagram account. Within seconds after they did, the scammer changed their password and locked the kid out of their account.
The scammer then steals your kid’s credentials, logs into the real account or website, changes the password, enables MFA themselves, and ultimately steals their identity.
Having MFA enabled makes an extra hoop for scammers to jump through and frankly for the regular ‘grab-and-go’ opportunists, it’s too much work for the quick return they look to get. While MFA isn’t ‘hack-proof’ (nothing is), it definitely gives an upgrade to your account security. If you need help getting started with MFA, check out our quick cheat sheet.
Privacy settings are another way to safeguard your kids from online predators, scammers and explicit content. They are a way for you to have control over what your kids are allowed to view, do and interact. It also controls what information the companies are able to share and not share related to your personal data. This is why it is absolutely vital to set privacy settings on all your kid’s social media accounts, gaming consoles, mobile phones, smart devices and browsers.
Having an open and honest conversation with your kids about their privacy settings will also help them understand the dangers and may decrease the likelihood of them turning the settings off. For more details see this privacy setting checklist here.
While privacy settings- even the strictest of ones - are the “gatekeepers,” you still need to exercise caution and keep privacy top of mind.
Just as keeping an open communication with your child is critical for body safety and physical safety, so too, is it one of the best defenses (and offenses) for online safety.
Creating an atmosphere that is an open exchange and fosters a sense of learning and support can be one of the best ways to give your child the skills needed to navigate the online world as safely as possible.
Finding opportunities to show your child a scam text received and reviewing it together can raise cyber security awareness and strengthen their ability to identify on their own as well.
Also, it may be helpful to set clear boundaries and expectations for how devices will be used in the home. Some families create a 'Family Tech Agreement' to spell out so everyone has a reference point when needed. Of course, it will look different for each family and will change as kids mature but it can provide solid guidance for everyone to be on the same page.
If you need help creating one, Wizer has created a few Family Tech Agreement templates to get you started.
Download a PDF version of the 10 internet safety rules to discuss with your kids
Monitoring Tools & Parental Controls
Kids & Teens Cyber Security Dos and Don’ts
Get Your Kids Talking About Online Safety
Family Tech Agreement Template
Guide to Setting Up MFA for Your Accounts
Personal Safety Video Shorts for Families