| Malware

Identifying common social engineering attacks to kids

| 01 Dec 2022

Psychological manipulation is a key characteristic of social engineering attacks like these, so identifying them is key. With less experience in the digital world, children are much more vulnerable to these cyberattacks. Let’s break down these scams to help you protect against them.

Though there are many new security threats to be aware of today, we mustn't neglect the prevalence of two of the most pervasive: phishing and ransomware. Psychological manipulation is a key characteristic of social engineering attacks like these, so identifying them is critical. Children with less experience in the digital world are much more vulnerable to cyberattacks. Let’s break down these scams to help you protect against them.

What is phishing, and how does it work?

Phishing is an attack where cybercriminals masquerading as trusted entities send fraudulent emails, texts, or social media messages - ‘fishing’ for information. Why is this technique so popular, you ask? Attackers can reach millions of people both directly and instantly.

Typical of these techniques, hackers prey on their subject’s goodwill, coercing them into performing specific actions like divulging sensitive information. Messages are designed to create a sense of urgency and demand immediate action, giving their targets less time to consider their response. Phishing attempts can also install malware and obstruct systems. 

Receive an unexpected and urgent request? Think twice before you act.

What is ransomware, and how does it work? 

Ransomware is a type of malicious software (malware) that, once installed, encrypts files or blocks access to a system - effectively holding it hostage - until a sum of money is paid (hence its name). Usually, ransomware is spread through email attachments or by downloading infected files. The hacker will likely threaten to share the target’s data or permanently block access unless the ransom is paid - but remember, there is no guarantee of its return. 

Inevitably, ransomware can be devastating, so it is essential to be aware of the risks and take necessary precautions. Always back up your important files, and don’t open attachments or links from unknown sources. It can be tough to remove if you are infected with ransomware. The best thing to do is not to pay the ransom and seek professional help.

How are children targeted in social engineering attacks? 

It’s no secret that cybercriminals target the vulnerable and use various techniques to do so. Malicious links are often used to exploit a child’s curiosity and naivety, and the attack query begins with a simple click. 

Children are not always conscious of the risks associated with downloading files from unknown sources, and hackers are very much aware that parents are increasingly sharing devices with their children (especially on the back of the pandemic). This dynamic creates ample opportunity also to target professionals through their kids.

Social media versus social engineering

Today, the younger generation increasingly turns to social media for entertainment (something propelled by the pandemic) with the internet at their fingertips -  a trend that cybercriminals monitor closely. It is inevitably rendering them at greater risk of falling victim to countless scams associated with social media (as well as other dangers, like cyberbullying and predators). 

TikTok is the most downloaded app, with over 1.2 billion daily users. The hub for entertainment videos continues to break records and expand its audience, presenting a field day for scammers. Like TikTok, Instagram, and Snapchat’s minimum age is also thirteen - which many argue is too young. 

We recommend you make use of any site’s built-in security features and encourage open dialogue about the use of these apps.

What can you do to protect children from phishing and ransomware? 

Here are some quickfire tips to share: 

• Don’t open unknown attachments or links in suspicious emails

• If you get an unexpected message requiring urgent action, think twice before submitting

• Look out for grammatical and spelling errors and generic or impersonal greetings

• Keep your social media accounts set to private

• Don't store user credentials like passwords in your browser

• Back up your data (!)

• Install reliable security software and keep operating systems updated

• Use multi-factor authentication to protect your accounts

Final thoughts

Phishing and ransomware are serious threats that can affect anyone. Knowing what they are and how to avoid them is essential for us all to be better protected. In this blog, we’ve outlined the basics of phishing and ransomware - what they are, how they work, and tips on how to avoid falling victim to them. 

We hope this information is helpful for parents, teachers, and children alike. Please share with your friends and family to inform everyone about these dangers. And as always, if you have any questions or need more help staying safe online, don’t hesitate to reach out.

To learn more about keeping kids safe online, visit Digital Matters - a free online interactive learning platform supporting schools as they teach the online safety curriculum and media literacy. It provides interactive lessons and dynamic storytelling on various topics- empowering teachers and parents to engage young people.

ESET Parental Control for Android ESET Parental Control for Android

Make the internet safer for your children

With ESET Parental Control for Android