Previous posts in our back-to-school series have covered how to protect your child’s devices and explain the importance of cybersecurity in school. Today we talk about the core, and often unavoidable, apps used in modern education. This means electronic diaries and virtual classrooms, plus videoconferencing for distance learning. They are all insecure.
Electronic study-diaries and virtual classroom websites are used these days to help administer the educational process. Educators use them to share lesson schedules, homework assignments, and announcements. And parents can see their kids’ grades, or even chat with their teachers.
The main problem with such web applications is the substandard protection of personal data that’s provided. In 2020, the attorney general of the U.S. state of New Mexico even filed a lawsuit against Google Classroom, citing the company’s alleged practice of collecting personal data from children and using it for commercial purposes. And in 2022, the Dutch Ministry of Education introduced a number of restrictions on the use of Google services in schools for the exact same reason.
Unfortunately, in most cases parents have no control over what services schools decide to use. The story of Google Classroom is by no means the worst. Issues with the service have been openly discussed for a long time, and Google has been forced to take note and beef up its protection. But, as a father of three, I’ve had the (mis)fortune of seeing other electronic diaries in action, where the situation with personal data storage and transfer is nothing if not murky.
What can parents do about this? Asking the school for all details about privacy and personal data usage in all services you need is a good start. And teach your kid how to leave as little personal data as possible on such sites.
The covid lockdown was a big eye-opener for many kids: turns out you don’t need to go to school! Lessons suddenly became more fun but for the wrong reasons: my daughter chats with her teacher in one window — and watches a movie or plays a game in another (or on a different device).
Such distance “learning” only adds to the worries of parents. Even before covid, we had to monitor what our kids were downloading, since banking Trojans, spyware and ransomware are forever sneaking in under the guise of legal apps — even in Google Play and other official stores. But at least in school they were less exposed to such threats, because internet usage was not generally a part of in-class learning.
With the distance-learning revolution, however, there are now even more apps on our kids’ tablets for us parents to fret about, as well as unlimited internet use for “study” purposes.
And although the lockdowns are long over, many schools continue to practice distance learning for some classes. Meanwhile, Zoom, Teams, and other videoconferencing platforms remain vulnerable to attacks. The most obvious consequence of such attacks, as before, is personal data leakage. But it can get worse: if a malicious third party were to gain access to a virtual classroom, they might show some decidedly “non-kid-suitable” videos.
And even if parents are versed in the safe hosting of video chats, they are unlikely to be able to influence the school’s choice of tools. Here, too, you should ask the school for an explanation as to why an insecure program was chosen.
In addition, you need to teach your kids the basic safety rules of using such apps. In particular, your child should learn to turn off both the microphone and camera when not required, as well as to blur the background and disable screen-sharing by default. And of course, your child should never accept video chat invitations from strangers — or communicate with any if they do show up uninvited to a video conference.
And it goes without saying that all devices your child uses should be protected with a reliable security solution — one that guards against viruses and personal data leaks on computers and mobile devices, and keeps your kid’s privacy intact. Remember that with your free annual subscription to Kaspersky Safe Kids as part of Kaspersky Premium, in addition to total protection for all devices, you get powerful parental controls over your child’s online activity and offline location.
Farewell, summer. Hello, back-to-school season! While the chill may not be in the air yet, parents may be feeling the slight shiver of unease as their kids, tweens, teens, and young adults return to school and become re-entangled with the technology they use for their education and budding social lives.
Before they hop on the bus or zoom off to college, alert your children to the following 10 online cybersecurity best practices to ensure a safe school year online.
1. Keep Track of Mobile Devices
It sounds obvious but impart the importance to your kids of keeping their eyes on their devices at all times. Lost cellphones and laptops are not only expensive to replace but you lose control of the valuable personally identifiable information (PII) they contain. Protect all devices with unique, hard-to-guess passwords. Even better, enable biometric passwords, such as fingerprint or face ID. These are the hardest passwords to crack and can keep the information inside lost or stolen devices safe.
2. Don’t Share Passwords
Streaming services host the most buzzworthy shows. All their friends may be raving about the latest episodes of a zombie thriller or sci-fi visual masterpiece, but alas: Your family doesn’t have a subscription to the streaming service. Cash-conscious college students especially may attempt to save money on streaming by sharing passwords to various platforms. Alert your children to the dangers of doing so. Sharing a password with a trusted best friend might not seem like a cyberthreat, but if they share it with a friend who then shares it with someone else who may not be so trustworthy, you just handed the keys to a criminal to walk right in and help themselves to your PII stored on the streaming service’s dashboard.
Once the cybercriminal has your streaming service password, they may then attempt to use it to break into other sensitive online accounts. Criminals bank on people reusing the same passwords across various accounts. So, make sure that your children always keep their passwords to themselves and have unique passwords for every account. If they’re having a difficult time remembering dozens of passwords, sign them up for a password manager that can store passwords securely.
3. Keep Some Details a Mystery on Social Media
Walk down any city or suburban street, and you’re likely to see at least one Gen Zer filming themselves doing the latest dance trend or taking carefully posed pictures with their friends to share on social media. According to one survey, 76% of Gen Zers use Instagram and 71% are on social media for three hours or more every day.1 And while they’re on social media, your children are likely posting details about their day. Some details – like what they ate for breakfast – are innocent. But when kids start posting pictures or details about where they go to school, where they practice sports, and geotagging their home addresses, this opens them up to identity fraud or stalking.
Encourage your children to keep some personal details to themselves, especially their full names, full birthdates, address, and where they go to school. For their social media handles, suggest they go by a nickname and omit their birthyear. Also, it’s best practice to keep social media accounts set to private. If they have aspirations to become the internet’s next biggest influencer or video star, they can create a public account that’s sparse on the personal details.
4. Say No to Cyberbullying
Cyberbullying is a major concern for school-age children and their parents. According to McAfee’s “Life Behind the Screens of Parents, Tweens, and Teens,” 57% of parents worry about cyberbullying and 47% of children are similarly uneasy about it. Globally, children as young as 10 years old have experienced cyberbullying.
Remind your children that they should report any online interaction that makes them uncomfortable to an adult, whether that’s a teacher, a guidance counsellor, or a family member. Breaks from social media platforms are healthy, so consider having the whole family join in on a family-wide social media vacation. Instead of everyone scrolling on their phones on a weeknight, replace that time with a game night instead.
5. Learning and Failing Is Always Better Than Cheating
ChatGPT is all the rage, and procrastinators are rejoicing. Now, instead of spending hours writing essays, students can ask artificial intelligence to compose it for them. ChatGPT is just the latest tool corner-cutters are adding to their toolbelt. Now that most kids, tweens, and teens have cellphones in their pockets, that means they also basically have cheating devices under their desks.
To deter cheating, parents should consider lessening the pressure upon their kids to receive a good grade at any cost. School is all about learning, and the more a student cheats, the less they learn. Lessons often build off previous units, so if a student cheats on one test, future learning is built upon a shaky foundation of previous knowledge. Also, students should be careful about using AI as a background research tool, as it isn’t always accurate.
Phishing happens to just about everyone with an email address, social media account, or mobile phone. Cybercriminals impersonate businesses, authority figures, or people in dire straits to gain financially from unsuspecting targets. While an adult who carefully reads their online correspondences can often pick out a phisher from a legitimate sender, tweens and teens who rush through messages and don’t notice the tell-tale signs could fall for a phisher and give up their valuable PII.
Pass these rules onto your students to help them avoid falling for phishing scams:
Never share your passwords with anyone.
Never write down your Social Security Number or routing number or share it via email.
Be careful of electronic correspondences that inspire strong feelings like excitement, anger, stress, or sadness and require “urgent” responses.
Beware of messages with typos, grammar mistakes, or choppy writing (which is characteristic of AI-written messages).
7. Social Engineering
Social engineering is similar to phishing in that it is a scheme where a cybercriminal ekes valuable PII from people on social media and uses it to impersonate them elsewhere or gain financially. Social engineers peruse public profiles and create scams targeted specifically to their target’s interests and background. For instance, if they see a person loves their dog, the criminal may fabricate a dog rescue fundraiser to steal their credit card information.
It’s important to alert your children (and remind your college-age young adults) to be on the lookout for people online who do not have pure intentions. It’s safest to deal with any stranger online with a hefty dose of skepticism. If their heartstrings are truly tugged by a story they see online, they should consider researching and donating their money or time to a well-known organization that does similar work.
8. Fake News
With an election on the horizon, there will probably be an uptick in false new reports. Fake news spreaders are likely to employ AI art, deepfake, and ChatGPT-written “news” articles to support their sensationalist claims. Alert your students – especially teens and young adults who may be interested in politics – to be on the lookout for fake news. Impart the importance of not sharing fake news with their online followings, even if they’re poking fun at how ridiculous the report is. All it takes is for one person to believe it, spread it to their network, and the fake news proponents slowly gather their own following. Fake news turns dangerous when it incites a mob mentality.
To identify fake news, first, read the report. Does it sound completely outlandish? Are the accompanying images hard to believe? Then, see if any other news outlet has reported a similar story. Genuine news is rarely isolated to one outlet.
Parents with students who have a budding interest in current events should share a few vetted online news sources that are well-established and revered for their trustworthiness.
9. Browse Safely
In a quest for free shows, movies, video games, and knockoff software, students are likely to land on at least one risky website. Downloading free media onto a device from a risky site can turn costly very quickly, as malware often lurks on files. Once the malware infects a device, it can hijack the device’s computing power for the cybercriminal’s other endeavors or the malware could log keystrokes and steal passwords and other sensitive information.
With the threat of malware swirling, it’s key to share safe downloading best practices with your student. A safe browsing extension, like McAfee Web Advisor, alerts you when you’re entering a risky site where malware and other shifty online schemes may be hiding.
10. Stay Secure on Unsecure Public Wi-Fi
Dorms, university libraries, campus cafes, and class buildings all likely have their own Wi-Fi networks. While school networks may include some protection from outside cybercriminals, networks that you share with hundreds or thousands of people are susceptible to digital eavesdropping.
To protect connected devices and the important information they house, connect to a virtual private network (VPN) whenever you’re not 100% certain of a Wi-Fi’s safety. VPNs are quick and easy to connect to, and they don’t slow down your device.
Gear Up for a Safe School Year
While diligence and good cyber habits can lessen the impact of many of these 10 threats, a cybersecurity protection service gives parents and their students valuable peace of mind that their devices and online privacy are safe. McAfee+ Ultimate Family Plan is the all-in-one device, privacy, and identity protection service that allows the whole family to live confidently online.
1Morning Consult, “Gen Z Is Extremely Online”
Identity theft protection and privacy for your digital life