This guest blog was written by an independent guest blogger. He is a high school freshman with some fresh perspective.
October and Halloween are both fun and scary, just like cyberspace. Cyber Security Awareness Month is an excellent time for grown-ups to discuss cyber safety with us. It takes an informed cyber village to help raise savvy cyber kids, and I believe introducing cyber literacy to kids of all ages is increasingly critical. Today, every household is filled with connected devices, and I hope this information will help with better digital decision-making by kids.
After eighteen months of virtual schooling, using various digital devices has become second nature. In addition, our virtual collaboration with others via these devices has also increased. Games are not the only way we interact with digital devices anymore.
I crave my digital privacy just as much as every other high schooler. However, I have learned it is vital to know how to stay private online. I recently learned that things like having a clean credit history make me an easy target for identity theft (identity theft occurs when someone uses another person's personal identifying information, like their name, identifying number, or credit card number, without their permission), and this knowledge made my Halloween trickier without any treats.
It's never too soon to establish cybersecurity ground rules. Kids can soak up basic cybersecurity skills as rapidly as they pick up new technologies; grown-ups owe it to them to make that possible.
Below are some easy ground rules for grown-ups to share about cyber "stranger danger" with their kids.
- An exception to the rule of Sharing is Caring:
It is easy to succumb to oversharing on the Internet, especially on social media. Be careful about divulging personal information such as your school names, team names, home addresses, and telephone numbers. Are these also answers to your secret question when you set passwords? Read more about that below.
- Be on guard for Phishing:
No, this is not what you do with your parents on a nice day by the lake. "Phishing" is a popular way tricksters get information about you by baiting you. Someone might send you an email offering you a free toy or game, and when you click on the link, they take you to a webpage that infects your computer with something nasty. Or it asks for information that lets them pretend to be you on the Internet.
Maybe they know you like dogs or kittens, so they send you a picture of a dog or kitten as an attachment, and they hide the nasty thing in the picture file, so when you open it, your computer gets infected. How confidently can you spot bait? Ever click on an unfamiliar link and instantly regret it? You're not alone, and it happens every day. Tricksters go "phishing" and bait us into revealing our personal information to steal our data, money, or identity.
- Don't be click happy:
When you unknowingly click on a link or visit a shady website, you open your door to let the trickster in, where they can either plant a harmful code that automatically steals your information or lock you out of your games unless you pay a million V bucks. Whether it is a link on your text message or a pop-up that lures you into clicking it, a social media link asking you for information to help enter a raffle or appeals to you as a sports fan, take a breath. Do you trust this link? Think about the 5 Ws: who, what, when, where, and why.
Be cautious. When something is too good to be true, it is usually not good! Trust your source.
- Don't default to the default:
Change the default password if you have a device you will connect to the Internet. A device is not just your phone or laptop; everything from your Internet router, gaming devices, TVs, and home thermostats, to Wi-Fi, is included.
What does a strong password look like? Use a phrase instead of a word. "Passphrases" are easy to remember but difficult to guess. If the field allows, use spaces as special characters for added strength, making the phrase easier to type. Longer is stronger. The best passwords are at least ten characters in length and include some capitalization and punctuation. Typing the passphrase becomes a habit (usually within a few days).
Some examples of a strong passphrase include a strategy of misspelling, a nursery rhyme, a movie quote, or song lyrics with a twist.
Merging of the real and digital world:
As teachers incorporate more online educational tools into their curricula and parents permit children to play with online apps, they should simultaneously teach students of all ages basic cybersecurity skills and encourage them to become cyber aware. Just as Drivers Education and Financial Literacy are essential elements taught at high school to help equip us as adults, being cyber intelligent, savvy, and safe is also a skill that should be part of the curriculum. Kids should be prepared to protect themselves from cyber threats, just like they look both ways before crossing the street or taking candy from strangers.
Here are some excellent resources for you to try
We the Digital Citizens | Common Sense Education
My favorite “Cheat codes”
☐ I avoid using the same password for different accounts
☐ I change my passwords regularly
☐ My passwords are at least ten characters long (and ideally longer)
☐ My passwords involve a mix of upper- and lower-case letters plus symbols and numbers
☐ My passwords avoid the obvious - such as using sequential numbers ("1234") or personal information that someone who knows me might guess, such as my date of birth or a pet's name
☐ I change the default passwords on my connected devices, including Wi-Fi routers, gaming consoles
☐ I avoid writing my passwords down or sharing them with others
☐ I avoid clicking on suspicious links or links I am not sure of
☐ I avoid opening emails that look suspicious as well as any attachment
☐ I don't respond to or click on pop-up windows on my phone or computer.
☐ I avoid downloading suspicious attachments from emails or text messages I am not expecting
☐ I don't click on ads that promise free money, prizes, or discounts
☐ I am wary of strange or unexpected messages, even from people I know
☐ I don't use personal usernames (gamertags) and avoid usernames and gamertags that can reveal their identity
☐ I don't answer personal questions when using a text or voice chat during a gaming session online
I hope this handy list of cheat codes helps strengthen your cyber defense. And remember, a click is all it takes to turn a cyber threat into a cyber-attack. And Happy Halloween! More treats, less threats!
