Security 101 12-04-2014

Your Children Could Open You to Attack

DigiCert

According to a poll from earlier this year, 75% of households with children and teens have smartphones and more than 50% have tablets. According to a different study, 93% of teens have computer or access to one.

With easy, constant access and so much to entertain them—social media, videos and movies, free online games—it’s no wonder that kids and teens spending at least an hour and a half a day on the Internet.

Children Can Be Victims of Cyberattacks

As adults we are aware of the threats lurking on the Internet. We know not to become friends with strangers on social media or click ads for free giveaways. And though children seem to come pre-programmed with an aptitude for all things technology, they still lack experience and knowledge. They may not realize the potential dangers when a stranger wants to friend them on Facebook or maybe they just really want that free iPad. Regardless of the reason, children do not come pre-programmed with Internet safety in mind.

Criminals are aware of this, which is why there are many cyberattacks specifically targeting kids. Parents need to be aware of the potential risk for their child, as well as the potential risk for their own information.

Social Media and Social Engineering

The more information a cybercriminal has, the greater their chances are of successfully scamming someone. Social media platforms such as Twitter, Facebook, Google+, and Instagram offer criminals the fodder they need for their attacks to work. Youths are easier targets than adults because they don’t know how or neglect to safeguard their information. A 2013 study showed how much information teens hand out on social media:

  • 50% of teens state their real age
  • 41% include the city where they live
  • 45% include their school name and location
  • 14% post their cell phone number
  • 9% give their exact location

Combine those startling stats with frequent posts and status updates, and criminals have more than enough to pull off a successful crime. Below are just a couple scenarios to illustrate this point.

Scenario A:

Thirteen-year-old Jared and his family are going on a family vacation to Yellowstone National Park. He is very excited and has been posting on Facebook all the awesome things they’re going to see and do. He makes sure not to advertise when they’re leaving and when they’ll be back, but he does post that they’ll be gone during his birthday.

Bob, our criminal, sees Jared’s vacation as an opportunity. He discovers that Jared’s birthday is July 7th by looking at Jared’s Facebook profile. Now that Bob knows when Jared's family will be gone, all he has to do is go to the house, break in, and take what he wants.

Scenario B:

Sixteen-year-old Jennifer loves to shop online at Forever21. She likes to look fashionable and can’t help but share pictures of herself in new outfits with everyone on Instagram and Facebook.

Again, our criminal Bob does a little research and writes an email to Jennifer that looks and sounds like Forever21. It states that an unknown charge was made on her account and instructs her to download a summary of her charges. She clicks the download, infecting her parent’s computer with a keylogger virus that collects her and her parent's information for the next six months. This information includes credit card numbers, email addresses, mailing addresses of her family and friends, and even social security numbers.

Takeaway

Both scenarios are examples of social engineering. In both, the criminal gathered the information he needed by browsing the victims’ online profiles.

In the second scenario, Bob uses a phishing email to get Jennifer’s information. Phishing emails are emails that appear to come from an entity the victim trusts. Social engineers go to great lengths to make these emails look real by obtaining company logos and sound real by using professional proofreaders. Phishing emails can be hard to spot for adults because of their seeming authenticity, but they are especially hard for inexperienced youth to spot.

Mobile Malware

Mobile devices are another avenue for cyber threats, especially for young children. Children are very interested in technology, and tablets and smart phones can come in handy when parents need to keep children busy. Since last year, the threat of mobile malware has increased by 167% according to a June 2014 report. Many children enjoy streaming videos, online games, and other media, and most of them may be quick to click on an update that stands in the way of their entertainment.

One Trojan virus, reported in the same study, comes “disguised as an update for Adobe Flash Player or another legitimate utility app, and is hidden from the home screen after installation.” Once the update with the Trojan is installed, it checks whether the user has a digital wallet service, checks the balance of the account, and then transfers the funds to the attacker’s account, all without the knowledge of the victim.

Free Online and Mobile Games

When asked about what their children do online, 53% of adults said their children play online games. We’ve all played free online games where you can only make it to level thirty, but with a small fee you can upgrade and play through to seventy more levels. Children may be tempted by cheap upgrade fees, and on mobile devices may even be able to purchase these upgrades without their parents knowing. However, some of those upgrades may be another avenue attackers take to exploit your device.

Just like phishing emails, attackers go to extremes to make advertisements for free games or free upgrades to existing games. As with mobile malware once children click on these malvertisements, software is installed that could steal information or compromise your device.

How Can Parents Mitigate These Cyber Threats?

Although these cyber threats can have dire consequences, they are easy to avoid. The best way that parents can protect their children, and themselves, is through education. Below are some tips parents can keep in mind:

  • First and foremost, clear communication throughout the entire education process is key. Talk to your children about online dangers.
  • Privacy Settings. Make sure to teach your children the importance of privacy settings on Facebook and other social media platforms. Show them how to enable the settings and sit down with them to do it.
  • Updates and installations. Teach your child to come and get you before installing or upgrading any program on a computer or mobile device.
  • Use the computer together. Have your child show you their favorite sites, games, or social media platforms. Kindly, without condescension, point out possible phishing scams or other threats.
  • Standard user account. It is a good idea to withhold admin rights from your children to limit what they are able to do and help lessen the damage if their account were ever compromised.
  • Out in the open. Keep the family computer in a high-traffic area of the house (a living room, family room, etc), this way you can occasionally check in on what your child is doing.

Using these tips will not prepare your child for every cyber threat they will encounter, but they can help children become more careful. Educating them will not only safeguard your sensitive information but it will also help them stay safe online.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-27-2024

6 actionable ways to secure the IIoT at every stage

Tracking the progress toward post-quantum cryptography

The state of PQC since the publication of FIPS 203, 204 and 205