How to talk to your kids about malware
Children’s impulsiveness, easy distraction make them especially vulnerable; inform them of risks, set boundaries
By Adam Levin, Special to ThirdCertainty
Picture this: The car is full. You’re navigating by the side mirrors while doing a mental inventory of everything you packed and wondering if you’re going to make it to the realtor’s office in time to pick up the keys for your vacation rental. You have absolutely no idea what the kids are doing in the back seat.
Now forget the massive distraction of that summer road trip and consider the bigger picture. It doesn’t matter how old or worldly they are, or how ridiculously up in their business you are. You can’t know what your kids are doing every second of the day. And just like a good cops and robbers game, better surveillance only creates better criminals—which means all the more careful your child will need to be when your eyes aren’t directly on them.
While most of us have learned over the past few years to ignore the lures and snares of malware propagation—whether they come via app, Facebook post, email or text—no one is perfect, and kids may not understand the big picture well enough to avoid the hazards without some guidance.
The big picture is simple: There are criminals out there—more than you can imagine—whose day job it is to get enough of your personally identifiable information to steal goods and services in your name or crawl into your bank account and drain it; in other words, to commit identity-related fraud.
Your first job is to get this across to the children in your life: Criminals can use their information—personal details like birthdays, addresses, family names—to steal things—and those criminals do this by tricking kids into providing that information.
Yes, you really need to have that talk
Remember the toddler years when things went missing—car keys, credit cards, stock certificates, crown jewels—only to resurface during a weekend excavation of their play space or in the back of a sock drawer? Teens and tweens aren’t much better. They lose house keys and car keys, too; they forget where they parked the car, smartphones disappear, and so on and so forth.
The bottom line here is that kids are strangers to two key concepts that help put a layer of protection between you and online scams aimed at separating you from your personally identifiable information.
While it’s true that focus and impulse control aren’t exactly something adults just magically acquire with age, when it comes to younger people, it’s an oxymoron. This is something that needs to be discussed, notwithstanding all the eye-rolls and sighs. That lack of impulse control is what makes phishing and other malware scams work.
Phishing attacks succeed or fail depending on a number of factors, but the main one is the target’s distraction level. Kids are not always the most mindful among us. This makes them targets for phishing scams.
Forget the helicopter routine
The very best advice I can give you here is to set strong “Do Not Cross” lines for them from the very start. Use examples of things that have gone missing, or days that have been horrible because of distraction, to start the conversation.
Tell them that real-life risk includes digital things, especially with regard to their personally identifying information. Have a basic rule: If you are asked for personal information, check with a parent. Explain some common tactics used by phishing scams. For example, popular websites and services require updating, authorization or validating an account. It’s a real thing, but scam artists use it to get personal information. All such requests should raise their level of concern.
Set a basic rule here: Only adults can provide payment information, or troubleshoot an account that has asked for information.
Tell them to watch out for websites that are almost right: If you follow a link that was sent via email or text or that was posted on a social network and something looks a little wrong, leave that site immediately.
Phishing scams often create sites that look like the real thing, but there are little differences here and there. That said, sometimes the only way to detect the fraud is by looking at the URL. The many scam sites will spell it a little differently, but just barely so.
Today’s kids know more than their parents about a dumbfounding array of topics that would make the most hardened politician blush. But unfortunately they may be even more vulnerable to phishing attacks, and it’s your job to keep them out of the shark tank.
Full disclosure: IDT911 sponsors ThirdCertainty. This story originated as an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.