According to the Department of Homeland Security, kids between the ages of 8 and 18 kids spend an average of 7 hours and 38 minutes each day online. But the sheer amount of time spent online is only one of the many issues revolving around digital exposure. Most parents are painfully aware of how nefarious navigating the internet can be: from cyberbullying to inappropriate content, to damaged self-esteem. And children are also especially vulnerable to burgeoning cyber security issues, where hackers and scammers can gather sensitive information putting both you and your child at risk for identity theft, wire fraud, and other crimes.
As your children become more independent with their online presence, it’s important to provide them with a strong foundation to understand the importance of safeguarding themselves and their information. Here are three important lessons every parent should impart to their child to help ensure their online safety.
#1: Don’t Overshare
We already know to teach our children to be careful about what they post—you never know where an image or comment will end up or who will see it. Oversharing on the internet is one of the biggest mistakes that people of all ages—but especially young adults—can make.
It’s equally important for your children not to share personal information, even if they don’t think it will be public. Certain information can be not only used to locate the child or login to accounts, but can also help hackers verify the accounts they are trying to break into. This information includes:
- First and last names
- Address and phone numbers
- Passwords and passcodes
- Social Security numbers
- Names of schools, places of employment (parent or child), and any other locations that anyone in the family frequents (church, rec center, hangout location, etc).
Lastly, remind your child not to share their phone itself, except in the case of an emergency. Another person—even a trusted friend—could inadvertently allow a third party to access sensitive information.
#2: Be Skeptical of Outside Calls, Emails, and Texts
Your child may know not to share passwords or sensitive information with others, but they may not be aware of the lengths hackers and phishers will go to obtain that data, disguising themselves as legitimate businesses and institutions. Teach your children this important rule of thumb: Trusted institutions will never contact you first and then ask for your personal information.
The FTC gives the following tips on how to avoid scams:
- Don’t wire money, send cash, or use gift cards or cryptocurrency to pay someone who says they’re with the government.
- Don’t give your financial or other personal information to someone who calls, texts, or emails and says they’re with the government.
- Don’t trust your caller ID.
- Don’t click on links in unexpected emails or text messages.
This last tip is an important one to keep in mind—actively giving away information isn’t the only way hackers and phishers can get it. Simply clicking on a link can infect your device with malware, which can track your keystrokes and obtain sensitive information. The amount of spam sent each day is astronomical; according to Forbes.com, “some 320 billion spam emails are sent every day, and 94% of malware is delivered via this medium.” Using reputable email providers like Gmail with built in spam-controls can stop a significant number of these emails, but it’s also necessary to be aware of common phishing techniques, like the ones listed on this FTC guide, for email, text, and private messages.
#3: Use Strong Passwords
Even if your child doesn’t give away their information or click on a phishing link, if their password is weak, it could still leave them vulnerable. Passwords containing personal information are especially in danger of being hacked, so avoid items like birthdays, names or initials, or other details that can be easily guessed by others. However, it’s not just individual hackers out there, guessing one password at a time. For instance, a significant portion of the 134 million customers whose personal information was leaked in the 2017 Equifax hack came from an artificial intelligence program scanning LinkedIn profiles. Any basic combinations of words and letters that contain personal information can be guessed by these programs.
Creating longer or more complex passwords—with upper and lowercase letters, numbers and symbols—can help. Choosing to use a passphrase (a sentence or phrase instead of one word) adds complexity while making it easier to remember. Savvy Cyber Kids also recommends using an authenticator app like those created by Google or Microsoft. These apps use a two-step or two-factor verification system to insure the person logging in is using an authorized device. And using a password manager, like these recommended by C Net, that can generate and store complex passwords, adds an additional layer of protection. For more information on how to create strong passwords, check out this handy primer from Harvard Information Security.
Lastly, don’t forget the security of the device itself. If the screen is easy to unlock or uses no locking function at all, anyone who finds or steals your child’s phone can easily access their personal information. Encourage your child to use fingerprint verification or face ID, with a complex passcode as backup. Remember, you can set more than one fingerprint to unlock a phone—your child’s and your own!
Ultimately, your child’s safety is your responsibility and for your children to have the most secure cyber experience, it’s crucial for you to remain active in and aware of their digital usage and presence. But imparting these simple lessons to your children, early and often, will ensure that they can keep themselves and their assets safe for years to come.