Category: Online Safety for Kids

Teaching, Not Precluding, the Web

Teaching, Not Precluding, the Web

There can be so many risks associated with the online world, from the threat of identity theft to the potential for exposure to inappropriate content to the danger of child exploitation, that parents may be tempted to try to shield their child from the digital domain entirely. But not only is that impossible, it’s also unwise.

The reality is that the digital revolution is here. Now, more than ever, our lives revolve around the web. For many of us, cyberspace is where we work, learn, get our entertainment, and connect with the people we love. And if you want to prepare your child to thrive not just for today but for the increasingly digitized world of tomorrow, then you can’t avoid the cyberworld. But what you can do is teach them how to navigate it skillfully, safely, and smartly.

Gaming Your Way to Good Internet Citizenship

One of the most challenging aspects of teaching your kids how to be safe online derives from the fact that the risks are not only constantly changing, but they can also be difficult to understand and identify. This is particularly true for younger children, who may not yet have a solid understanding of important safety and security issues, such as the need to safeguard your personal data or how to remain alert to stranger danger online.

Fortunately, parents have several great resources for helping their kids learn good internet citizenship while having fun at the same time. Games such as Internland engage children through a series of challenging puzzles and quests. These games require players to master important online safety skills to advance to higher levels of the game.

Best of all, gameplay gets kids to apply these techniques in a range of different scenarios, helping them to retain, recall, and effectively use these skills.

Another engaging and nonthreatening approach to learning internet safety through gameplay is the bCyberwise Monster Family app for Android and iOS. The app addresses myriad challenges that today’s connected kids, and their parents, face every day. Topics such as respectful online communication, savvy social media use, and even the importance of strong passwords are explored through mini adventure games that children and adults alike will love.

Turning Kids Into Content Creators

If you’re like many parents, long months of pandemic lockdowns have likely sent you scrambling for ways to keep the kids entertained and occupied while Mom and Dad attend to work and home responsibilities. But just because pandemic restrictions are beginning to ease does not mean that you can’t use the time you and your little ones spend at home to discover new ways to safely engage in the digital domain.

Kids today are true digital natives, having grown up with access to technologies that their parents could not have begun to imagine at the same age. And that means that children are often far more technologically skilled than their parents realize.

These skills can be harnessed to great effect regarding teaching web safety by encouraging your child to become not just a digital content consumer, but also a content creator. For instance, helping your child create their own videos and animations can be an ideal way for them to learn about the “behind the scenes” realities of their favorite digital channels, the hidden processes their favored producers use to create content.

And ultimately that’s going to increase your child’s digital literacy, better equipping them to differentiate fact from fiction when consuming online content and thus making it less likely that they will fall prey to deceptive or nefarious materials. After all, there is perhaps no better way to master a medium than by actively engaging with it, no better way to learn than by doing.

A Family Affair

One of the scariest things about allowing your children to engage the internet is how easily the virtual door to your home and child may be opened to predators and others with evil intent.  But it is possible to guard the gate to your little one while still giving them the freedom to take advantage of all the opportunities that the great World Wide Web provides.

In addition to educational gaming and digital content creation, children should also learn about internet safety through the policies that parents impose regarding technology use. The prioritization of internet safety at all times and in all contexts must inform every encounter with the child’s tech.

This must involve the effective use of firewalls and passwords, the rejection of suspicious apps and downloads, and the avoidance of insecure websites. Above all, this should include an approach to internet technology that sees every device and all the content on it not as private, but as the province of both the child and their parents.

For example, children should learn to expect that parents will monitor all of their online activity, including not only the use of online trackers and monitors but also regular inspections of the child’s devices. Children should expect parents to enter the room and look over their shoulder when online, to demand to see their smartphones and tablets without warning and to keep a current list of all the child’s online accounts and passwords.

If such an approach to the online world is integrated into the internet safety learning process from the beginning, then kids are less likely to see it as restrictive or punitive. Rather, parents can help children understand that family transparency when it comes to the internet is simply an aspect, perhaps the most important aspect, of online safety.

The Takeaway

Given the risks that too often accompany the online world, parents may be tempted to ban their children from the internet entirely. But that may well do more harm than good. Rather than precluding children from the web, however, parents can teach kids about safe web search alternatives and how to use the internet safely, skillfully, and smartly.

Share This Article

Guide to Protecting Children Against a Session Hijacking Attack

Protecting Children Against a Session Hijacking Attack

With just about every child using the internet these days, combined with the steady stream of new technological advancements coming out every year, the challenge of controlling what your kids do online is not going to get any easier.  Staying on top of online safety for kids is top concern for every parent, but not all take the time to stay informed.

Whether by using mobile devices, watching YouTube videos, taking online classes, texting or chatting on a webcam with friends or family, online gaming or browsing through social media platforms, there are growing number of ways your child is connecting interacting to the internet.   The graph below shows how kids used the internet last year.

types of kids internet usage
Just when you think you’re up to date on the latest security threats, something new comes along.  Often, issues come to light that are not new but no one seems to be focusing on them, such as preventing a session hijacking attack.  Safe Search Kids has your back, so let’s dive in.

Ultimate Guide on Session Hijacking Attack

There are significant benefits your kids will get by allowing them to stay online. The internet gives them exposure to the outside world. Your child will get to learn a lot through the internet.

However, it is also important to note that, while it is recommended that you allow your kids to use the internet, you should limit them and protect them against threats. Just like adults, kids are susceptible to several internet threats.

Session hijacking attacks are common these days, and they are one of the major attacks that your kids are vulnerable to. Most parents are faced with a heavy huddle trying to protect their kids against such an attack. If you are such a parent, worry no more.  This guide is an excellent read that will show you how to protect your children against a session hijacking attack.

Know What a Session Hijacking Is

I bet your child probably doesn’t know what a session hijacking is. They don’t even know if it exists. It happens when an attacker takes over your internet session. For instance, assume your child is using a smartphone to browse through the internet.  They have a favorite educational platform where they can read through various educational articles and undertake several activities. A lot will happen between the time you log in and when you log out.

For instance, hackers can obtain or generate your child’s session ID while the session is in progress.  The attacker will use the session ID to take over your child’s session, steal their sensitive data, distort their progress on educational websites, perform malicious money transfers, among many other evils.

To properly shield your kids against a session hijacking attack, you need to establish the root cause of the problem.  In essence, you must know the types of session-hijacking techniques that hackers could use to target your kids.

Session Hijacking Techniques

Session hijackers usually have a few techniques of choice to undertake a session hijack. They can choose to work with them individually or combine all of them. Here are some of the session-hijacking methods that attackers could use.

1.     Cross-Site Scripting

A malicious attacker can use cross-site scripting (XSS) to trick your child’s device into executing a malicious code masquerading as a genuine code. The XSS attacker will allow the session hijacker to have a copy of the cookie they need to perform a malicious action.

2.     Brute Force Attack

A hacker can hijack your child’s session by literally guessing a session key. Websites or applications that use a predictable or sequential pattern in their session keys are vulnerable to brute force attacks.

Brute force attack was the most dominant session hijacking technique in the past. However, applications and websites are now using randomly generated and complex session keys that offer considerable resistance against brute force attacks.

3.     Session Fixation

Session hijackers can sometimes craft a disguised session to trick your child into authenticating to a malicious server.

For instance, social engineering attacks such as phishing could effectively persuade your kids to click on a link or download an attachment that takes them to an unknown session cookie.

The session hijacker can then use the known session ID to hijack your child’s session.

4.     Session Side Jacking

Session side jacking is where an attacker uses a packet sniffer to steal a session cookie.

Typically, websites use SSL certificates to encrypt data on their pages. However, some websites do not use site-wide authentication, leaving their data vulnerable to interceptions by malicious intruders.

The moment the intruders lay their hands-on session cookies, they can hijack your child’s sessions to conduct malicious operations. For instance, an intruder can target children connected to an unsecured Wi-Fi to read through data.

5.     Malware Injection

Some malware is specifically designed to steal cookies. For instance, when your child is tricked into clicking on a malicious link or downloading an unsolicited file, the malware will scan through the network and traffic to collect session cookies which they can use to hijack your child’s session.

Ways to Stop Session Hijacking Attacks

Any effort to protect your kids against these threats will also help shield them against session hijackers.

Do you wish to know how to prevent session hijacking? The following are some of the measures you can take to protect your kids against session hijacking attacks.

1.     Do Not Allow Them to Use Public Wi-Fi

In session hijacking, unsecured public Wi-Fi could be the culprit that gives hijackers a direct ticket into your kid’s session.

It would be best if you never let your child use public Wi-Fi. There might be a cybercriminal nearby using packet sniffing to try and steal session cookies and compromise the data and online accounts.

2.     Ensure they use a Virtual Private Network

Using a Virtual Private Network will help your kids stay safe and keep hackers outside sessions if installed on the device being used.  A VPN will mask your child’s IP address and keep their browsing activities private.  VPN’s creates a secure tunnel through which all online activities will have to travel. It works by encrypting all data, thereby keeping it safe from hackers

3.     Provide Them with an Anti-Malware Software

Children usually act without contemplating the consequences of their actions. For example, when a hacker sends them a malicious link, they will rush to download the link without giving it a second thought.

The best way to stop malware attacks is to buy them anti-malware software. You should also know some of the tips that will protect them against malware attacks.

4.     Countercheck on the Security of Their Website and Web Application

Parents must be vigilant to continually counter check their kids security posture.

It is also important to educate them on some of the various internet scams they are vulnerable to and how to safeguard themselves against such scams.

Session hijackers might be targeting your child.  It’s a scary thought but with the proper knowledge and tools you can make every online experience a safe and positive one for your kids, as well as yourself.  Spread the word and share this article with friends and family.  Session hijacking is a major security threat than many parents are not aware of.

Share This Article

How Your Child’s Data Is More Important Than You Think

Girl on Phone on Social Media

Last year, millions of students, parents, and teachers were forced to make the difficult transition to online learning. The abruptness of this transition meant that most of the attention was placed on creating a system that was functional and far too little effort was allocated to cybersecurity.

The danger here is that this oversite combined with the drastic increase in remote learning puts millions of children at risk from privacy concerns that even parents and teachers may not even know exist.

Old Privacy Concerns

The harrowing truth is that these privacy concerns are not new. In fact, the FBI has warned the pre-university students face a number of cybersecurity risks that include the exposure of their personal identifiers, biometric data, school information, location, browser history, IP addresses, and many other data that should be closely guarded.

What Exactly Can a Criminal Do with This Data?

While your child’s data may not seem like a valuable resource, there’s so much a criminal can do with your child’s data. The most prevalent use of a child’s stolen data is in the creation of a synthetic identity, which is a “unique” identity created by piecing together bits of data from a collection of different individuals. These identities are then paired with an unused Social Security number.

How Does This Harm My Child?

As absurd as it may sound, there are limited measures that can prevent a fraudster from applying for credit through an underage Social Security number. Once a fraudster has access to a credit line, they can begin to undermine your finances right from under your nose by building credit, gaining account access, and by amassing heart-rending debts over time.

The primary purpose of using children’s data for this type of fraud is that parents don’t generally check their child’s credit reports or teach their kids about identify theft prevention.

The worst part is that this security compromise can go unnoticed until the child (now a young adult) tries to apply for a student loan, a credit line, or a car loan. Criminals can wreak havoc on your finances in a matter of minutes. Imagine what they can do with several years.

Can I Protect My Child?

Fortunately, this threat can be averted by establishing good internet security habits at home. Many of these habits, such as the use of strict privacy app settings, enabling two-factor authentication, and the use of antivirus software, are general safety practices that every citizen ought to know by now. Other measures function as an additional security layer for when you use your device as a conduit of data, as is the case in remote learning and in remote working setups. Parents aren’t hopelessly vulnerable to these attacks, but even a single security lapse can cost you dearly.

This Threat Will Only Worsen in The Near Future

Even when this problem seems as bad as it already is, the threat to data privacy will only become worse with the advent of data-focused technologies such as artificial intelligence and the internet of things.

Artificial intelligence will require a lot of raw data before it can function the way it was intended to – which is to be able to assimilate new information to alter its processes on its own. This can easily become an excuse to collect data from users, especially from those who choose to opt into the services that are provided by these programs.

The introduction of the internet of things into the consumer market will mean that there will be a sudden and drastic increase in the devices that will be able to collect data from their users, which will make it much more difficult to control the flow of data, especially when children are involved. We cannot yet implement security measures for a problem that has not arisen, but the one thing that’s sure to happen is that things will only become more complicated, which is why it’s important to establish good data security habits as early as now.

Remember, even when your child’s data may not seem like much, it can be used to devastating effect by criminals. Your child’s data is more important than you might think; be sure you guard it accordingly.

Share This Article

Important Safety Tips while Using Public WiFi

Safety Tips while using Public WiFi

You do not have very go far these days to access free public Wi-Fi. It is available in airports, libraries, cafes, hotels and government buildings. This is helpful but it is important for both adults and kids to make sure they do not trade safety and security for convenience. Just because the public building you are in is reputable, does not mean the Wi-Fi connection is secure.

When using your smart phone or computer in a public hotspot, you need to be careful to ensure the Wi-Fi network is encrypted. Otherwise, it opens you up to the risk of having your online accounts hacked. This could result in cyber thieves stealing your personal information.

Here are two basic safety tips to keep in mind to protect your information.  And then we will explore additional ways to stay safe while online in public.

1. Check if the Public Wi-Fi Network is Secure

As mentioned, we are not worried about the people who control the Wi-Fi network.  The risk is when others around us are in the business of hacking into the personal accounts using the network. safety-tips-that-both-adults-and-kids-need-to-know-while-using-public-wifi/ It could be the person sitting across from you in a coffee shop, or just outside on the street. 

If the public Wi-Fi network does not ask you to enter in a WPA or WPA2 password, the network is not secure. As you are probably thinking, this is most places.  The most common public Wi-Fi networks that require a password are internet providers with home you have an account.

2. Ensure the Websites You Visit Show https 

An example of this is https://youraccount.com or https://yourbank.com.  Secure websites will encrypt your information as you use the site.  Unsecured sites do not have the “s” in them, such as http:// (your information is not encrypted and kept safe if you don’t see the “s”)

Unsecured websites will also show a padlock that is unlocked.  Here is an example of what a secured website looks like.  Notice how with website URL with https also has a closed lock.

secure encrypted website

Clicking the lock will reveal more information about the secure site.  Now you can be sure you are on a secured website.

On a mobile website, it will look like this.

secure encrypted mobile website

If you are using a site that is not secure and locked, you open yourself up to hackers that can access your personal accounts and steal your data.  This could mean your name, address, phone number, address book and photos.

Hackers need to see you on a public WiFi to be able to monitor your activity, so one sure fire way to to prevent this (regardless of being on an unsecured network) is to encrypt your data by using a VPN. It can be turned on when you wish, such as when you are in public or traveling.

Here are more ways to protect your personal information when using public Wi-Fi.

  • It is good idea to have different passwords for each of your online accounts. This way if a cyber thief gets a hold of your email and password on one of your accounts, they will be unable to log into other accounts using the same password.
  • Educate yourself on the various ways cyber attacks happen even when you are in the safety of your own home network, such as Phishing, Vishing and SMishing. Hacking through public WiFi is less common than these other methods used.
  • Do not email important information about yourself for any reason.  This includes credit card details, bank account information and your personal government ID number. You should never do this even if a network is secure, not even from home.
  • Use a mobile proxy to mask your IP address and when accessing accounts in public, whether it is your own computer or a PC in a library, always log out when finished.
  • Take advantage of 2 step verification methods being offered within your personal accounts.  This will add further security because 2 step verification means you cannot log in until you enter a secret code that is sent to you by text or via the Google Authenticator App.

Proper Online Activity When Using Public Wi-Fi 

If you are in doubt about the security using any public Wi-Fi network or website, it is best to restrict your activity online to general use, such as searching Google while you are not logged into your Google account.

Do not log into any personal accounts and if you find it necessary to do so, disconnect from Wi-Fi and use your personal cell data.  Even then, it is always important to ensure the websites on your account pages start with https in the URL.  Most major accounts websites are secure, but if you do not see https something may be wrong.

If you are in doubt about the security using any public Wi-Fi network or website, it’s best to restrict your activity online to general use, such as searching Google while you are not logged into your Google account.

Don’t log into any other personal accounts and if you find it necessary to do so, disconnect from Wi-Fi and use your personal cell data.  Even then, it’s always important to ensure the websites on your account pages start with https in the url.  Most major accounts websites are secure, but if you don’t see https something may be wrong.   

Beware of Evil Twin Attacks

What does this have to do with protecting yourself on publish Wi-Fi? Well, an Evil Twin Attack happens when a cybercriminal sets up a Wi-Fi network that mimics a legitimate one. The goal is to trick you into the log into the wrong network by mistake. 

Unsuspecting victims will think they have connected to the “safe dedicated network” associated with the public area they are visiting.  Scammers and then can steal your information or infect your devices.

Captive portal pages can also be used by hackers to funnel you to malicious websites or infect your device with malware. 

Red Flags to Look Out For

Seeing multiple networks with similar names should raise suspicion. Stay alert for security notices on your device. It will often let you know if you’re about to connect to an unsecured network.

These networks are dangerous because there are no built-in security protections to keep hackers out. Using your personal data or a friend Hot Spot is a safer alternative when you encounter unsecured public Wi-Fi networks. 

Additional Resources:

Share This Article