Hey PUG! - Identity Theft
Finn thinks his password is strong enough to keep his mom’s valuable data from online theft. PUG and Miki are not so sure.
This Cybersecurity Awareness Month: Do Your Part. #BeCyberSmart
Cybersecurity Awareness Month continues, and this week’s theme is “Fight the Phish.” Ah yes, the cybersecurity world’s favorite nemesis—the ubiquitous, highly effective phishing attack. According to the FBI Internet Crime Report 2020, phishing claimed the most victims of all U.S. cybercrimes this past year.
Unfortunately, some of those victims were kids. So let’s talk about some strategies that parents can use to help their kids avoid falling victim to the next phishing scam.
What is phishing, again?
Phishing is a pernicious representative of the “social engineering” category of cyberattacks. Here’s a quick definition of phishing from our peers at Phishing.org:
“Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.”
One of the more common examples of phishing is an email that perfectly mimics an email from the bank, but directs users to malicious URLs in an attempt to separate people from their personal information.
How to talk to your kids about phishing
As our friends at the National Cybersecurity Alliance suggest, it’s important to build an attitude of wariness in children using the internet. Kids need to understand that every single email, text, direct message, phone call and chat could be a phishing attempt. More importantly, they need to understand that they themselves are the gatekeepers against these attacks.
Easier said than done, of course. Phishing has evolved, and its perpetrators are adept at duping even the most vigilant adults, let alone children.
We’ve all heard the “think before you click” mantra, and it’s a good one. Another approach for parents is to instill a “come to me first before you click it or open it” mindset in children. That should go for any unexpected message coming from an unrecognized stranger, or even someone you know.
Tips for Spotting a Phishing Attack
If we’re going to entrust our children with screen time and the “gatekeeper” responsibilities that go with it, we need to show them how to spot phishing attempts. Here, “show” is the operative word, since simply explaining phishing attacks (and their consequences) only goes so far.
In its educational Stay Safe From Phishing video, for example, Google uses a “bandit” character to get the point across:
You can also show kids all the different places these bandits go to catch “phish,” perhaps by building and printing out a graphical “places we don’t click stuff from strangers” list. This list can include the apps and interfaces your kids use most, for example:
● Text messages
● Facebook, Instagram, TikTok and Twitter messages
● Online games
Similarly, you can create a “STOP, DON’T CLICK” list to go over with your kids. This is an opportunity to reinforce some of the warning signs that a message might be a phishing attempt, such as:
● It doesn’t address you by your name
● There are typos or the formatting is weird
● The message includes attachments
● You don’t recognize the sender
● The content makes you scared or uncomfortable
● It asks for your information
● It includes weird looking links
Finally, you can always show your kids an example of a phishing attempt when you yourself receive one. It’s bound to happen, and a real-world example can illustrate the danger of phishing a lot more effectively than any mantra can.
For more information on Cybersecurity Awareness Month, please visit: https://www.eset.com/us/cybersecurity-awareness-month/
