Online safety and privacy (explained to children)Author: Bernard Sfez -
Father of 2 teenagers with their own smartphones, I am concerned about privacy issues and their online safety. Between this hyper-connectivity and the constant implementation of new technologies without any hindsight on an often "involuntary" public, it is essential to prepare and protect our children for the revolutions to come and to give them the tools and the necessary education. For example, children (and adults) need to understand that the information they share online can be used for malicious purposes, such as harassment or impersonating. It is therefore important that they learn to protect their privacy by not sharing personal information such as their full name, address or telephone number.
Explanations of these things are all complicated and boring and I had to use a simple language and make it fun or at least pleasant. While teaching them how to safely enjoy the internet and providing them with a good security posture against malicious attacks, I saw adults walking by, stopping, listening and asking questions too. Motivated by my satisfaction in helping others, I decided to organize myself a little and prepare a publishable version of my "dad's wisdom meeting" 😉. This is the first post, let's see where the wind will take us...
You can read this article as is or view it in presentation mode.
How to protect your information online, the passwords
To catch their attention I showed them, in the form of a game, how to reveal a password on a web page through the simple tools of the browser. A good show-off trick that they were going to share with their friends. 😀 Stimulating their curiosity, I explained to them and made them understand the risks associated with passwords.
Passwords are often view like a padlock and are a way to protect their online accounts. One should use "strong" passwords, which are difficult to guess, and they should not share them with strangers or friends. In addition to giving his password, it also helps to understand how an individual chooses his passwords, which would then make it easier to find other passwords created by the same person. It is also important to change them regularly and not to reuse them. If a password is compromised it will be for only one account. Regularly changing your passwords, in addition to strengthening security, ensures that the tools and access recovery means are working properly if necessary.
Internet dangers and privacy risks
They then asked me: "What does it matter if someone has access to our accounts? What I publish is public, so it doesn't change anything..."
Before going into the logical explanation, I realized that it would miss meaning without context. Had to reframe a bit...
The use of the Internet and social networks involves dangers and knowing them helps you understand why you need to protect yourself. We can cite:
- Cyberbullying, you may find yourself victim of online harassment, such as receiving insults or threats. A subject that teachers talk to them about (too regularly obviously 😞).
- Identity theft or fraud, with access to one of your accounts a thief can pretend to be you and ask to change your passwords, lock your accounts or write in your name to your friends.
- Loss of privacy, you may be exposed to the collection of personal data, photos or videos that may be made public and used for malicious purposes.
- Inappropriate content, you may be exposed to horrible images, violent, sexual or hateful content online or inappropriate behavior.
- Manipulation and fake news, malicious individuals or organizations seeking to deceive you or steal money from you by accessing your personal information or that of your family members. Influencing your thinking on such and such a subject, or even worse making you do something you wouldn't normally do.
Social Media Addiction
Finally, although it spoke less to them, I mentioned that there seems to be a form of addiction and attention disorders due to excessive use of the Internet which can affect the academic and professional performance of young children. Many studies on social networks speak of depression, anxiety and low self-esteem, caused by constant comparison with others.
Cyberbullying and teenagers
On the point of online harassment they had a lot to say following the various courses and discussions at school and college.
This harassment occurs online can take many forms, such as insults, threats, rumors, teasing, embarrassing photos or videos, or being kicked out of an online group. It's hard to fight and deal with because it can happen at any time, and it's often harder to know who and when it starts or to prove harassment. You have to be attentive, stop toxic discussions in time, help people in distress and if necessary, warn an adult (teacher or parent). It can go a long way and there have been cases of suicide... 🥺
How to fight online harassment?
I did not need to say much and in conclusion, it remains important children are aware of the risks of cyberbullying and encourage them to use the Internet and social networks in a responsible way, while giving them options to protect themselves. After all, it is always possible to "unplug". It is also important to inform them of the reporting options available to help them cope.
Notify an adult (parent or teacher) but if necessary, in addition to the police or gendarmerie services, there are emergency help lines. They are different depending on the country and you must give them the information it is not always clear to who to turn to in case of emergency as not all country created an official hotline. While Police services should have dedicated resources to help kids like 911 in the North American continent some other countries provide specific hotline desk. You need to check in your area and pass the information to your children.
Digital bullying affects young people first and foremost
To conclude, some statistics and research found on Google (a search engine that tracks our online actions 🙄) which shows that this is a growing problem in many countries. According to the research of the European Union ("Flash Eurobarometer on cyberbullying" survey in 2020) and that of the American organization Cyberbullying Research Center as well as studies have also been carried out in different countries of the world, such as Australia, Canada , the United Kingdom:
- About 1 in 3 teens (29%) said they had been bullied online.
- Teenage girls are more at risk of cyberbullying than teenage boys (34% vs. 24%)
- Social media is the place where cyberbullying is most common (42%)
- Teenagers who have been cyberbullied are more likely to suffer from mental disorders such as depression and anxiety.
While these figures may vary between studies and countries, and the results of these may vary in terms of methodology and results, they all provide a general view of the extent and trends of cyberbullying around the world.
Identity theft and phishing
Showing them a fake SMS message sent by a supposed delivery company to my phone, I started talking about the risks of phishing and encourage them to be suspicious of emails and messages that ask for personal information or Passwords. In a few minutes, I created a page with the logo of a company and a form asking for personal information and a credit card number.
Phishing websites try to look like like a real companies and here's how it's possible to trick a user into willingly giving up sensitive information, such as passwords, credit card numbers and account information. Scammers also use emails, whats'app or other messages application, links and websites that look like those of real companies to deceive users. Phishing emails may appear to come from a legitimate company, such as a bank or credit card company, but why not your school or a so-called lottery. This can be direct or in a more subtle way with a chain of requests for information at first not very sensitive then, once a barrier of trust has been passed, they'll ask for more (give your name, telephone or a subscription number for verification). Sometimes also simple information can help to impersonate your identity, a hacker can reprogram a phone to display your number, he knows your name, knows that you have subscribed to a repair service with such a company, etc.
How to protect yourself from phishing?
To protect against phishing, it's important to never click on links in suspicious emails or instant messages, and never "give" sensitive information on websites for no reason especially if something look broken, incorrect or with wrong spelling. It's also important to maintain up-to-date security software and regularly monitor bank account and credit card activity. There are also viruses or robots that can install themselves on a naive friend's computer and send messages on their behalf (identity theft) asking to click on a link. As a general rule, even if a message comes from a known person, we do not click on a link sent without it being expected and with a reason.
Why does everyone want our personal data?
''From there it was rather them who guided the discussion by asking questions.''
Personal data is valuable to businesses and online criminals because it can be used for commercial or malicious purposes.
Companies like Google, Facebook and Youtube use personal data to target advertisements and special offers to people who have similar interests. Personal data may also be used to improve products and services by understanding consumer needs and preferences. They then offer content that an algorithm has determined and this can give a distorted image of reality.
Online criminals, on the other hand, will use personal data to commit fraud, scams and identity theft. Personal information such as social security numbers, credit card numbers, and passwords can be used to access bank accounts and other online accounts. This cybercrime is an illegal activity that aims to take advantage of the weaknesses of the Internet or the laws of a country (it takes longer to make laws than new technologies) to commit criminal acts which also include theft of money , spreading malware, online fraud and racketeering. Cybercriminals can operate from anywhere in the world, and they can be difficult to identify and prosecute.
How much money is at stake?
To understand the strength of online crime you have to talk about value (in money). The biggest companies that make money on the Internet that you know of:
- Amazon generated more than $386 billion in revenue in 2020.
- Google generated more than $182 billion in revenue in 2020.
- Facebook generated more than $86 billion in revenue in 2020.
- Alibaba/Alieexpress generated over $71 billion in revenue in 2020.
That's a lot, a lot of money!
To give an example, this represents a little more than the GDP (gross domestic product, the sum of the added values of all companies in a country) of a country like Switzerland or Taiwan!
For cybercrime, according to a report by the Cybersecurity Ventures organization, economic losses from cyberattacks could reach $6 trillion by 2021!!!! In reality it is very difficult to give a precise figure for the financial losses caused by cybercrime, as it depends on many factors such as the scale and nature of the criminal activities, data recovery costs, lost productivity, damage to information systems, loss of customers and revenue, etc. Furthermore, the cost of cyberattacks to businesses is not only related to direct financial losses, but also to damage to reputation and customer trust. Companies that experience cyberattacks may also have difficulty recovering from the incident and regaining their previous level of performance. But it's huge and some States shamelessly engage in this practice to acquire information or make money with real "hacker" farms!
On Cyberterrorist States (apart)
The French groups Thales and Israeli Verint published on Monday a global directory in 2019 of the most threatening hacker groups, in which state or parastatal groups particularly stand out.
Of the 66 high-level attacker groups featured in this Who's Who of Cybercrime, 49% are considered state-originated or state-supported. These groups generally act for the purposes of cyber espionage, political destabilization, or sabotage. In the rest of the groups, 26% are "hacktivists", activists motivated by community, religious and political ideologies. 20% are cybercriminals, motivated by greed, 5% cyberterrorism attacks.
Among the most dangerous groups in terms of the sophistication of their tools, Russian groups dominate (4 in the top 10), followed by Chinese groups (3 out of 10). Discretion of American groups
Conversely, the American groups remain extremely discreet, and very little information has been collected. In the top 10 groups in the ranking, there is also a Vietnamese group, an Iranian group… and a French group, called Animal Farm or ATK 08, whose report suggests that it is undoubtedly linked to the French state.
What about misinformation?
A different subject and related at the same time... Another danger is disinformation, which is the intentional or unintentional dissemination of false information to mislead people and influence them in their opinion or behavior. And there is propaganda, among other things, the use of repetitive and manipulative messages to knowingly influence people's opinions and beliefs.
This affects people's credulity, unfortunately, some people are more vulnerable than others depending on their age, their education, their culture, their level of self-confidence. The dangers are to find yourself manipulated by people who seek to impose their ideas, to exploit others or simply to steal from others.
To fight misinformation or know how to stop manipulation in time, you have to develop your critical sense and seek to understand things before taking a position. When someone gives information and uses it as an argument, it is important to verify or ask for the sources of it and to verify them. It is important to develop strategies to protect yourself against online manipulation... You have to train your brain!
We used someone's online tools to reverse-search images re-used to create false information by viewing Hoaxbuster, Tineye and Google image. Playful and fun party to ventilate the brains a little. 😉
Now that you understand a little better, here are some simple rules to protect yourself and your privacy on the Internet:
- Use a strong and unique password for each online account. Avoid using personal information, such as your name or date of birth, in your passwords.
- Use a secure connection (http__s__://) when opening an account or buying online. (on the url bar should be displayed a lock or a shield)
- Be careful when clicking on links or downloading files from the Internet. Do not click on dubious links or attachments that come from unknown or suspicious sources.
- Use security software to protect your computer from viruses, spyware and malware (and make sure it's up to date).
- Use privacy settings on social networks and other online sites to control who can see your personal information.
- Be aware of the nature of the information you (re)share on social networks.
- Use a password management solution (family subscription) to generate and store strong and unique passwords for each online account.
Online security is not a static thing, so it is important to stay informed about the latest cybersecurity trends and threats to best protect your privacy on the Internet. Open and regular communication with children to discuss their use of the Internet, and to help them understand the risks and potential dangers will help them to regularly use the means you put in place to protect themselves.
Here are some tips for discussing these topics with children (I would have learned something too 😉):
- Use simple, understandable language for children. It is important that they understand the risks and are able to manage them.
- Use concrete examples and give them a mouse for which shows you their good understanding. Use stories or real-life examples to illustrate risks and dangers.
- Encourage them to ask questions. Children often have questions about risks and dangers, it is important to listen to them and answer them clearly and precisely.
- Be a role model. Children often lead by example, so it's important to show them how to use the Internet responsibly and safely.
- Give them regular reminder shots, for example when your antivirus is up to date, remember to ask them to check theirs.
- If you can, use parental control and internet connection limitation tools and offer "outdoor" alternatives to avoid overuse and confinement.
In conclusion, remember that it is important to discuss these topics with children on a regular basis to ensure that they contain the risks and that they know how to protect themselves. It is also important to monitor their internet and social media usage to ensure that they are taking appropriate security measures.
That's it for this first part of this series... to be continued.