What cybersecurity threats to kids parents should be aware of in 2024? | Kaspersky official blog
In the era of modern technology, the age at which children are introduced to the digital world and technology is increasingly lower. This digital experience, however, can be marred by potential risks lurking online. As technology continues to advance, the tactics and strategies used by cybercriminals to target and exploit young internet users are also evolving.
Therefore, it’s crucial for parents to stay informed about the latest cybersecurity threats targeting kids to better protect them from potential harm. In this post, me and my colleague Anna Larkina will explore some of the key cybersecurity trends that parents should be aware of and provide tips on how to safeguard their children’s online activities.
Children will increasingly use AI tools that, so far, are not ready to provide the necessary level of cybersecurity and age-appropriate content
AI is continuing to revolutionize various industries, and its daily use ranges from chatbots to AI wearables, personalized online shopping recommendations, and other common uses. Of course, such global trends do not bypass the interest and curiosity of children, who can use AI tools to do their homework or simply chat with AI-enabled chatbots. According to a UN study, about 80 percent of youth claimed that they interact with AI multiple times a day. However, AI applications can pose numerous risks to young users involving data privacy loss, cyberthreats, and inappropriate content.
With the development of AI, numerous little-known applications have emerged with seemingly harmless features, such as uploading a photo to receive a modified version — whether it be an anime-style image or simple retouching. However, when adults, let alone children, upload their images to such applications, they never know in which databases their photos will ultimately remain and whether they will be used further. Even if your child decides to play with such an application, it is essential to use them extremely cautiously and ensure that there is no personal information that may identify the child’s identity — such as names, combined with addresses, or similar sensitive data — in the background of the photo, or consider avoiding such applications altogether.
Moreover, AI apps – chatbots in particular – can easily provide age-inappropriate content when prompted. This poses a heightened risk as teenagers might feel more comfortable sharing personal information with the chatbot than with their real-life acquaintances, as evidenced by instances where the chatbot gave advice on masking the smell of alcohol and pot to a user claiming to be 15. On an even more inappropriate level, there are a multitude of AI chatbots that are specifically designed to provide an “erotic” experience. Although some require a form of age verification, this is a dangerous trend, as some children might opt to lie about their age and the prevention, in cases like this, is insufficient.
It is estimated that on Facebook Messenger alone, there are over 300,000 chatbots in operation. However, not all of them are safe and may carry various risks, like the ones mentioned earlier. Therefore, it is extremely important to discuss with children the importance of privacy and the dangers of oversharing, as well as talking to them about their online experiences regularly. It also reiterates the significance of establishing a trusting relationship with the child. This will ensure that the child feels comfortable asking their parents for advice rather than turning to a chatbot for guidance.
The growth of malicious actors’ attacks on young gamers
According to statistics, 91 percent of children in UK aged 3-15 play games on any device. The vast gaming world is open to them, also making them vulnerable to cybercriminals’ attacks. For instance, in 2022, our security solutions detected more than 7 million attacks relating to popular children’s games, resulting in a 57 percent increase in attempted attacks compared to the previous year. The top children’s games by the number of users targeted even included games for the youngest children — Poppy Playtime and Toca Life World, which are designed for children 3-8-years-old.
What raises even more concerns is that sometimes children prefer to communicate with strangers on gaming platforms rather than on social media. In some games, unmoderated voice and text chats form a significant part of the experience. As more young people come online, criminals can build trust virtually, in the same way as they would entice someone in person — by offering gifts or promises of friendship. Once they lured the young victim by gaining their trust, cybercriminals obtain their personal information, suggesting they click on a phishing link, download a malicious file onto their device disguised as a game mod for Minecraft or Fortnite, or even groom them for more notorious purposes. This can be seen, in the documentary series “hacker:HUNTER“, co-produced by Kaspersky, as one of the episodes revealed how cybercriminals identify skilled children through online games and then groom them to carry out hacking tasks.
The number of ways to interact within the gaming world is increasing to include voice chats as well as AR and VR games. Both cybersecurity and social-related threats remain particular problems in children’s gaming. Parents must remain vigilant regarding their children’s behavior and maintain open communication to address any potential threats. Identifying a threat involves observing changes, such as sudden shifts in gaming habits that may indicate a cause for concern. To keep your child safe, stopping from downloading malicious files during their gaming experience, we advise installing a trusted security solution on their device.
The development of FinTech industry for kids marks the appearance of new threats
An increasing number of banks are providing specialized products and services designed for children, including banking cards for kids as young as 12 years old. This gives parents an array of potential advantages, such as the ability to monitor their child’s expenditures, establish daily spending limits, or remotely transfer funds for the child’s pocket money.
Yet, by introducing banking cards for children, the latter can become susceptible to financially motivated threat actors and vulnerable to conventional scams, such as promises of a free PlayStation 5 and other similar valuable devices after entering card details on a phishing site. Using social engineering techniques, cybercriminals might exploit children’s trust by posing as their peers and requesting card details or money transfers to their accounts.
As the Fintech industry for children continues to evolve, it is crucial to educate them not only about financial literacy but also the basics of cybersecurity. To achieve this, you can read Kaspersky Cybersecurity Alphabet together with your child. It is specifically designed to explain key online safety rules in a language easily comprehensible for children.
To avoid concerns about a child losing their card or sharing banking details, we recommend installing a digital NFC card on their phone instead of giving them a physical plastic card. Establish transaction confirmation with the parent, if the bank allows it. And, of course, the use of any technical solutions must be accompanied by an explanation of how to use them safely.
The number of smart home threat cases, with children being potential targets, will increase
In our interconnected world, an increasing number of devices, even everyday items like pet feeders, are becoming “smart” by connecting to the internet. However, as these devices become more sophisticated, they also become more susceptible to cyberattacks. This year, our researchers conducted a vulnerability study on a popular model of smart pet feeder. The findings revealed a number of serious security issues that could allow attackers to gain unauthorized access to the device and steal sensitive information, such as video footage, potentially turning the feeder into a surveillance tool.
Despite the increasing number of threats, manufacturers are not rushing to create cyber-immune devices that preemptively prevent potential exploits of vulnerabilities. Meanwhile, the variety of different IoT devices purchased in households continues to grow. These devices are becoming the norm for children, which also means that children can become tools for cybercriminals in an attack. For instance, if a smart device becomes a fully functional surveillance tool and a child is home alone, cybercriminals could contact them through the device and request sensitive information such as their name, address, or even their parents’ credit card number and times when their parents are not at home. In a scenario such as this one, beyond just hacking the device, there is a risk of financial data loss or even a physical attack.
As we cannot restrict children from using smart home devices, our responsibility as parents is to maximize the security of these devices. This includes at least adjusting default security settings, setting new passwords, and explaining basic cybersecurity rules to children who use IoT devices.
Children will demand that their personal online space is respected
As kids mature, they develop greater self-awareness, encompassing an understanding of their personal space, privacy, and sensitive data, both offline and in their online activities. The increasing accessibility of the Internet means more children are prone to become aware of this. Consequently, when a parent firmly communicates the intent to install a parenting digital app on their child’s devices, not all children will take it calmly.
This is why parents now require the skill to discuss their child’s online experience and the importance of parenting digital apps for online safety while respecting the child’s personal space. This involves establishing clear boundaries and expectations, discussing the reasons for using the app with the child. Regular check-ins are also vital, and adjustments to the restrictions should be made as the child matures and develops a sense of responsibility. Learn more in our guide on the First kids’ gadget, where, together with experienced child psychologist Saliha Afridi, our privacy experts analyze a series of important milestones to understand how to introduce such apps into a child’s life properly and establish a meaningful dialogue about cybersecurity online.
Children are eager to download apps that are unavailable in their country, but stumble upon malicious copies
If some app is unavailable in the region, the user starts looking for an alternative, but this alternative is often only malicious copies. Even if they turn to official app stores like Google Play, they still run the risk of falling prey to cybercriminals. From 2020 to 2022, our researchers have found more than 190 apps infected with Harly Trojan on Google Play, which signed users up for paid services without their knowledge. A conservative estimate of the number of downloads of these apps is 4.8 million, but the actual figure of victims may be even higher.
Children are not the only ones following this trend, adults are as well, which was highlighted in our latest Consumer cyberthreats predictions report as a part of the annual Kaspersky Security Bulletin. That’s why it’s crucial for kids and their parents to understand the fundamentals of cybersecurity. For instance, it’s important to pay attention to the permissions that an app requests when installing it — a simple calculator, for instance, shouldn’t need access to your location or contact list.
As we can see, many of the trends that are playing out in society are also affecting children, making them potential targets for attackers. This includes both the development and popularity of AI and smart homes, as well as the expansion of the world of gaming and the FinTech industry. We are convinced that protecting children from cybersecurity threats in 2024 requires proactive measures from parents.
By staying informed about the latest threats and actively monitoring their children’s online activities, parents can create a safer online environment for their kids.
It’s crucial for parents to have open communication with their children about the potential risks they may encounter online and to enforce strict guidelines to ensure their safety.
With the right tools such as Kaspersky Safe Kids, parents can effectively safeguard their children against cyber threats in the digital age.
To help parents introduce their children to cybersecurity amidst the evolving threat landscape, our experts have developed the Kaspersky Cybersecurity Alphabet with key concepts from the cybersecurity industry. In this book, your kid will get to know new technologies, learn the main cyber hygiene rules, find out how to avoid online threats, and recognize fraudsters’ tricks. After reading this book together, you’ll be sure that your kid knows how to distinguish phishing website, how VPN and QR-codes work, and even what honeypots and encryption are and what role they play in modern cybersecurity. You can download the pdf version of the book or the Kaspersky Cybersecurity Alphabet poster for free and go through the basics of cybersecurity with your child, building their cybersafe future.
Kaspersky official blog – Read More