Can your child recognize suspicious online behaviour?

Before we start: How to perform the following activities

Present each situation to your child and let them explain how they would react in each circumstance. Strive to create a welcoming environment where they don´t feel embarrassed or negatively judged when unsure of their answers. Each model situation is followed by the ideal response. Use the test to enhance your children’s attentiveness to online risks and work on their cyber-awareness as a team.

1. In an online game, you receive a message from a person you´ve never met before. They claim that they are just looking for new friends. How would you react?

The proper reaction will differ for little children and young teenagers.

When children receive such a message, they should always alert their parents, who can then investigate the situation and see whether it requires further action on their part such as blocking or reporting the profile. It is recommended that children dismiss similar messages and only communicate with people they know personally.

For young teens, it is common to meet new friends online, for example on social media or through video games. However, whenever they get a message from an unknown user, however, they should be cautious and remember the warning signs they ought to watch out for.

Is this stranger…

- acting almost insincerely kind and extremely insistent?

- messaging the child on multiple platforms several times a day?

- asking the child to keep their conversation a secret?

- trying to isolate the child from friends and parents?

- claiming themselves to be the only one who truly understands the child?

- often asking whether the child is alone, or whether the parents are nearby?

- demanding pictures or videos and manipulatively offering money or other goods in return?

- forcing the child into any uncomfortable conversations, which may even concern sexual topics?

If the answer to any of these questions is yes, children should immediately exit the situation and share the problem with someone they trust, if not a parent then ideally another adult. You can resolve the issue together, block the user, and, if needed, contact the relevant authorities. 

Find out more about grooming and learn to recognize online predatory behaviour

2. When you open your social media, you see a notification – you have been tagged in a post that claims you have won the newest iPhone! How would you react?

Similar posts are quite common on social media platforms, and they are commonly used to spread malicious websites or apps. When tagged in such a post, children should never click the attached link or interact with the message in any way. However, it is a good idea to make a screenshot.

If the post has been shared by someone they personally know, they can contact this person over the phone, through other social media, or in person and verify the authenticity of the message. Maybe they will help the user in whose name the post appeared to take action before the problem gets worse. The person may also want to manually delete the post and make other appropriate responses to protect themselves from future harm, such as scanning their computer for malicious software. 

Some children might not be able to delete the post themselves, but they still can report it to the platform moderators and wait for them to take action. It is also a good idea to delete the tags so that the post is no longer visible on their profile. This will help prevent the scam from spreading as rapidly. 

3. You receive an email from Instagram asking you to immediately click the attached link and update your login credentials – otherwise, your account will be deleted. How would you react?

Whenever a child receives a message urging them to respond immediately and threatening them with potentially serious consequences, they should first consult their parents about the situation before reacting or interacting with the message.

If your child alerts you to such a situation, check the contents of the message together – but don’t click on any of the provided links or attachments! Before taking any action, check for some of the common signs of phishing:

- Strong sense of urgency: Because phishing relies on the recipient’s hasty reaction, the message may urge the reader to respond within a short time window and threaten them with negative consequences if their reaction is not immediate.

- Bad grammar and spelling errors: It is common for phishing emails to contain grammatical as well as spelling errors since the writers are often from foreign countries.

- Requests for personal details: Whenever an email asks you to share any of your personal or sensitive data, you should keep your guard up.

- Discrepancies in URLs: If there is a link, don’t click on it, just move the mouse over the section, this allows you to see the hyperlinked address. Commonly, this address will differ slightly from that of the company being imitated.  Let’s look at an example: Facebook.blabla.com. You should check the last domain name right before the country domain (.com, .net). Facebook.blabla.com uses blabla as the domain name (or second-level domain). The correct login would be blabla.facebook.com.

If you determine that the email is probably a malicious phishing attempt, delete the message and consider getting a reliable security solution that can detect and protect you from phishing as well as other social engineering threats. 

Read more about social engineering attacks that target children.