While the internet can bring a wealth of educational and entertaining information into your family’s home, there are also associated risks. For children and teen internet users, accidental exposure to inappropriate content (pornographic, violent, or offensive language or images) is possible. Also, as evidenced by Dateline NBC‘s To Catch a Predator series of sting operations, child predators may use chat rooms on the internet to try to establish contact with children or teens, sometimes posing as a child in order to establish a “friendship” and then attempting to meet face to face, with ill intentions.
In today’s post we offer the following tips to help parents keep their children safe from these dangers when online:
- Discuss the dangers with your children and let them know that caution must be used to protect their safety.
- Establish clear rules for your child’s use of the internet, as well as specific consequences for breaking those rules. Set guidelines regarding the time(s) of day that are acceptable for internet use, as well as a daily time limit. Discuss which websites and activities are appropriate and approved, and which ones are off-limits.
- Set specific rules about internet shopping. Either restrict your child from shopping online completely, or establish rules for approved shopping sites and limit amounts to be spent.
- Supervise your child’s online activities. Place the computer in a public part of the home (like the family room, living room, or kitchen) where supervision is easy, rather than in a bedroom where the child is likely to be alone.
- Establish which search engine(s) you will allow your child to use and prohibit the use of any other ones (again, with specific consequences for violations). Visit each approved search engine in your child’s web browser and click the Preferences link, then select the option for “strict filtering” of offensive images and language, then click to ‘Save’ the setting. For younger children, you may wish to prohibit the use of general search engines like Google and Yahoo entirely, and allow only the use of search engines designed specifically for children, like the CyberSleuth Kids Search Engine.
- Set your web browser’s preferences to filter out undesirable material. Most modern browsers allow you to filter images or websites based upon content (nudity, offensive language, etc.), or through use of a ratings system similar to that used for movies, with G, PG, and R ratings. Some browsers will also allow you to create a list of only parent-approved web sites which can be visited, while blocking all other sites.
- Set your Windows or Mac OS preferences to enable the Parental Control option… you’ll find this under the User Accounts settings. There, you can establish limits for content and usage for your child’s account on your computer.
- Check with your Internet Service Provider, as many now provide filtering and blocking features that can help prevent offensive material from being accessed through your internet connection. These should not be seen as a substitute for proper parental supervision, however, as filtering and blocking programs are not fool-proof.
- Encourage your child to tell you about anything seen or read online which makes him or her feel uncomfortable. Discuss the material appropriately; if the material was viewed by accident, do not place blame on your child.
- Require that your child pre-approve any chat rooms with you before joining. Many online games and websites aimed at children include chat rooms which are likely filled with other child participants… but these may also be targeted by child predators who pose as children.
- Insist that your child use an anonymous screen name in chat rooms, rather than his or her actual name.
- Tell your child to never reveal any personally-identifying information in chat rooms… this would include: first or last name, home address, phone number, names of family or friends, schools, and churches or after-school activities, as well as photographs. Also never to be shared are: passwords, email addresses, credit card numbers and social security numbers.
- Make sure that your child understands that any online “friendships” created through chat rooms should remain in the online world, and that your child should never agree to meet face-to-face with an individual met online. If an online friend asks your child to meet face-to-face, your child should inform you immediately so you can investigate accordingly.
- Check the browser history from time to time to see which websites your child has been visiting.
- If your child clears the browser history, preventing you from seeing which sites have been visited, install parental monitoring software to allow you to view the footsteps of your child’s online activities. If this makes you feel like you are “spying” on your child inappropriately, explain that you have added that function to the computer to ensure your child’s safety… in this way, you are not hiding anything from your child, and are taking proper steps to ensure compliance with your ground rules. Information on a number of monitoring software solutions with different features can be found here.
- Advise your child to inform you immediately if he or she ever feels threatened or “bullied” by anyone online, and to allow you to see the message or messages received. If you feel it is appropriate, contact the website which provides the chat room and/or the local authorities regarding the matter.
Additional helpful information on safe internet practices for children and teenagers is available from the following online resources:
Among the most dangerous types of spam e-mail are Nigerian Letter scams, named for the West African country from which many of the messages originate. Nigerian Letter scams are a form of Advance Fee Fraud, in which victims are conned into sending a fee up front in order to receive a promised larger payoff later. Nigerian Letter scams are sometimes also called 419 letters after the specific section of the Criminal Code of Nigeria which applies to these deceptions.
While the details of Nigerian Letter messages may vary, the scam is always essentially the same: a fictional wealthy individual asks for assistance moving millions of dollars out of his country, promising a substantial share of the funds as compensation for helping with the transfer. If the target of the scam responds and is willing to help, the con-man then provides reasons why a fee up front is needed, or requests the target’s bank details so the transfer can take place… but in either instance, the victim loses any fees sent and may lose the entire balance of his bank account as well. And of course, the promised share of millions is never provided, as it is simply bait used to lure the victim.
A variant of the same type of fraud may indicate that the recipient of the message has won a large sum of money in a foreign lottery, and bank account and personal details are requested so the winnings can be transferred. But of course, to those who respond to such messages, the only funds transferred go out of the victims’ accounts and into the con man’s hands.
These scams are not new; by some accounts this type of fraud dates back to the 1920′s in the form of postal mail and later by faxes, and recently by way of electronic mail as well. The victims are many; by some estimates, losses total in the hundreds of millions of dollars annually.
To protect yourself from these types of scams, never respond to a suspected Nigerian Letter. If you respond, even if you do not follow through with fees or bank details, you can bet that your e-mail address will be shared with others who will try to scam you again, keeping your inbox full of unwanted messages.
For more information and numerous examples of the creative messages used to try to lure unsuspecting victims, the following website is a great online resource: http://www.svbizlaw.com/nigerian.419.letters.htm
Another online educational resource on the types of Nigerian Letter fraud is available here: http://home.rica.net/alphae/419coal/
And here is one more online source of information to help you identify and avoid these fraudulent schemes: http://www.snopes.com/crime/fraud/nigeria.asp
The best way to avoid becoming a victim of these cons is simply to be informed, so you’ll know what to be on the watch for, and be suspicious… if you receive an offer in an unsolicited message that seems too good to be true, it probably is. Don’t fall prey to a con man offering the lure of easy money, no matter how many millions he promises you.
Pharming is a name given to a computer hacker’s attempt to redirect traffic from a legitimate web site to a very similar but bogus web site.
Pharming is similar to phishing in that the goal of the hacker is to steal login and other sensitive financial and identifying information from users. However, while phishing depends upon the user clicking a link in an email, pharming can direct numerous users to an impostor web site without their knowledge, where those users are prompted to provide login usernames and passwords and other information. To draw a comparison, while Phishing is similar to actual fishing with a line and a hook to get a single “bite” at a time, Pharming is like fishing with a large invisible net, scooping up several victims all at once.
Victims of pharming begin by entering the URL domain address for a web site they wish to visit into the address bar of a web browser, but instead of reaching the intended web site destination a rather convincing impostor web site is visited instead. Once the user enters his information into the bogus site, the hacker has it.
You may wonder how a correctly-entered URL address can take a user to a bogus web site instead of the real thing. This usually happens through DNS cache poisoning in which the hacker hacks into a Domain Name Server on the internet and changes the settings within to redirect web traffic.
A Domain Name Server is used by Internet Service Providers to allow internet-connected computers to visit web sites through the entry of simple domain name URL addresses (http://www.yahoo.com for example) rather than requiring users to know and enter full numeric IP addresses (http://126.96.36.199 which is the IP address for the Yahoo site). A Domain Name Server functions sort of like a map or traffic cop of the internet, directing connections to destination servers. In the instance of a DNS server which has been compromised or “poisoned” the conversion from the entered address to the numeric IP address is used to re-route the traffic to a different server instead of the intended one through a different numeric IP address, which the viewer usually never sees.
A variation known as “drive-by pharming” occurs when a hacker infiltrates the wireless network of a home or business and changes the settings on the computer’s host file to cause it to use a different DNS server (one which is controlled by the hacker) and then redirects traffic. The “drive-by” attack is so named because most wireless networks penetrate the walls of a building and have a range which reaches nearby streets, allowing a hacker to try to access the network from his car.
The biggest problem with pharming attacks is that they are virtually impossible to notice by the user. Due to this, the best ways to avoid becoming a victim of pharming are all of a preventative nature:
- Be sure to use a password on your wireless router, and don’t use the default password or one that can be easily guessed (for helpful tips see our previous article on Choosing safe passwords).
- Use a Firewall, which may prevent a hacker from accessing your computer’s host file if he penetrates your wireless network. Windows and Mac computers have a built-in software firewall under the Control Panel or System Preferences; make sure it is turned on. Many modems and routers also include a firewall feature. Configure your firewall(s) to offer the highest level of protection while still allowing your activities (email, instant messaging, etc.) to function.
- Use only secure web connections to access web sites where you will provide sensitive personal or financial information. Hypertext Transfer Protocol over Secure Socket Layer (or HTTPS) connections can be established by entering the URL address with “https” at the beginning rather than the usual “http”… for example, to visit the Bank of America web site using a secure connection one would enter https://www.bankofamerica.com/ into the address bar. Most web browsers will then show a padlock symbol to indicate that a secure connection is established, which will encrypt any information you enter into the site.
- Web sites which support the HTTPS protocol are sometimes referred to as “pharming-conscious” (or “PhC”) web sites. if an impostor site attempts to present itself as a pharming-conscious web site, the viewer will see an alert message indicating that “the name on the security certificate is invalid or does not match the name of the site” like the following:
Should you see a message like this one, you should click No as proceeding may expose you to a pharming web site.
Malware (short for “malicious software”) is a general term encompassing various ill-intentioned software programs including Spyware, Adware, and Viruses.
Malware programs are installed without the user’s knowledge or consent. Often this occurs when the user installs or runs another program which has hidden malware bundled with it… free “shareware” program downloads are a frequent source of infection. Malware is commonly spread through the use of file sharing programs including Limewire, Kazaa, Morpheus, P2P and other peer-to-peer programs, as well as through BitTorrent sharing; when users download software, music, or movies from unknown sources through file sharing programs, a virus, spyware, or adware program may be received as well. Malware infections can result in slow, bogged-down computer processing speeds, hard drive data corruption, and (even worse) financial and personal data theft.
Spyware programs are a specific type of malware which collect information about the way a person uses the computer and delivers the information secretly to another person’s computer via the internet. Spyware programs can track web sites visited, usernames and passwords entered, and can even log all keystrokes entered including credit card and account numbers; this information is then used for profit-driven purposes by the receiver. Spyware programs may have very little impact on computer performance, allowing the spyware to run unnoticed.
Adware programs force pop-up advertising windows to appear in a web browser. Adware programs may be bundled with other software provided for free and may work along with spyware programs to display ads targeted to the user’s interests as determined from internet usage patterns. Adware programs often target users of the Internet Explorer browser, as it is used by a large portion of the internet population and is frequently found to contain vulnerabilities in its programming which can be exploited. Adware often has a noticeable negative impact on computer speed and performance.
Virus programs can secretly cause a computer to do a scammer’s work for him, including sending out spam emails or even “hijacking” a computer entirely and using all of the computer’s resources for nefarious deeds. Viruses can result in data corruption and loss as well as extreme reductions in processing performance.
When it comes to malware, preventing an infection is easier than detecting and curing one. Following are some basic safeguards you can practice to help protect against a malware infection.
- Use a Firewall – Windows and Mac computers have a built-in software firewall under the Control Panel or System Preferences; make sure it is turned on. Many modems and routers also include a firewall feature. Configure your firewall(s) to offer the highest level of protection while still allowing your activities (email, instant messaging, etc.) to function. Firewalls can prevent malware from transmitting your sensitive information.
- Install OS and browser updates – Keep your computer’s Operating System and web browser updated with the latest available versions. Updates usually include security patches to prevent the kinds of unauthorized access that malware utilizes to do its dirty work. Only download updates from reputable sources.
- Beware of risky downloads - Avoid peer-to-peer type file sharing programs and make sure your children and teens do as well. Music or movie files shared from unknown sources are common vehicles for distribution of hidden malware. Only download software or media files from well-known trusted online sources.
- Beware of email attachments – Be suspicious of any executable programs (with filenames ending in “.exe”) which may come attached to emails, even if they come from someone you know… these can spread malware, so if in doubt, don’t open the attachment and simply delete the email.
- Choose your browser wisely – As Internet Explorer is used by a large portion of the internet population and is occasionally found to have security vulnerabilities, it is the most common target for malware attacks. Other browsers may be a safer alternative, like Mozilla’s free FireFox or Apple’s free Safari (both are available in both Windows and Mac versions).
- Use anti-virus software – A good anti-virus program can prevent virus infection as well as detecting and curing some virus problems. While some free shareware virus programs are available online, it is best to purchase a good anti-virus program from a reputable company like McAfee, Norton, or AVG. Also be sure to update your anti-virus software regularly with the latest virus definitions to prevent against the latest virus attacks.
- Use anti-malware software – Software to detect and remove spyware and adware is also available from well-known providers including McAfee and Norton. If you use Microsoft Windows, they also offer their own program called Windows Defender which you may consider.