As students and young adults use the internet more often, they’ll be subject to more cyber threats. Nowadays students of all grades complete their homework, communicate with their peers and teachers, check their grades and conduct research for assignments online. Learning is more digital than ever and it will only continue in that direction. But along the advantages and immense potential of digital learning, threats are lurking in the binary universe as well.
Digital security threats can come from new and unexpected sources. With each passing year, not only has the sheer volume of threats increased, but the threat landscape has become more diverse, with attackers working harder to discover new avenues of attack and cover their tracks while doing so.
According to Dr. Rutger Leukfeldt, a senior researcher of Cybercrime at the NSCR and lector of Cybersecurity and SMEs at The Hague University of Applied Sciences, hardly anything distinguishes victims of online phishing and malware, except that the more time people spend on the internet, the more likely they are to be victims. Considering that 95% of teens have access to a smartphone and 45% say they are online ‘almost constantly’, they need all the support possible to avoid becoming victims of cyber threats.
According to a study done by Symantec, apps with the most cybersecurity issues are lifestyle apps, which account for 27 percent of malicious apps. Music and audio apps account for 20 percent. Both app categories are mostly used by young adults. Add to this the increasing number of potential cybersecurity risks faced by schools, and it’s obvious why it’s essential to teach at least the basics to those who are willing to learn and protect their personal data online.
Read more: Digital security and safeguarding student and staff data
3 Basic tips on teaching cybersecurity to your students
Today's students are digital natives. They intuitively know how to use all sorts of software, from mobile apps to online platforms for learning, and everything in between. But even though they are more tech-savvy than the average adult, they still have a lot to learn about the threats of the online world. As stated before, risks come in various shapes and sizes and are getting more creative. One needs to spot every cybersecurity risk in order to avoid it.
Here are the three basic areas that everyone needs to know about if they want to safeguard their online data:
Always have a strong password
The first step is to create complex passwords. A strong password should be a mixture of upper and lowercase letters and include numbers and symbols, as this will make it less likely to be guessed by cybercriminals. You can use tools like a password meter, which calculate how difficult or easy it would be to guess or hack your password, and aim for a high score for each password you create.
Create unique passwords for each online account. For instance, the password for your personal Facebook account should be different from that of your personal email, which in turn should be different from the one you use to access the learning portal at school. This means that if someone guesses or hacks one password, they won’t be able to access all of your accounts.
Try to change your passwords frequently. It is recommended to do this at least twice a year, but once every three months is even better and more secure, especially since the sheer number of online accounts accessed at school is so high.
Creating complex and unique passwords and changing them continuously is a great memory exercice. But if it turns out to be too difficult, try using a password manager to generate and store your passwords on your device or browser. A password manager uses a special database to create and store strong passwords so you don’t have to remember them. But you do have to be careful with that one master password.
While using public computers or other public devices and networks, never allow the public computer to remember or store your password. This can open the door for others to sign in after you and access your online profiles and any other personal information that might’ve been saved.
Finally, take advantage of two-factor verification when it’s available. These systems typically require you to enter both your password and a special code sent to your phone or email. This type of authentication offers the best protection for those of your accounts that hold personal and sensitive information about you.
Don’t fall for phishing scams
According to the United States Department of Homeland Security, phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by manipulating them into providing personal information to the attacker.
There are several ways online phishing scams can happen. Some are through emails, SMS text messages, social media, and even fake tech support phone calls/voicemails. The best way to avoid these scams is to not interact with them. Don’t text the number back, don’t answer phone calls when you don’t recognize the number, and never give your personal information out via email to someone you don’t recognize from your contact list. If you keep being targeted by the same number or email, block them, or talk to your cell phone provider about blocking the number from reaching your phone.
But before you can decide not to interact with phishing scams you need to be able to recognize them. Here are a few signs that should make you suspicious:
- Unfamiliar sources. If you've never interacted with this person or company before, be wary;
- Odd email addresses. Anyone can create a Gmail or Yahoo email account, but an established company will have its own email system: email@example.com versus firstname.lastname@example.org;
- Too many recipients of the same message. You should be the sole recipient of the email, or at least to know the other few people addressed in case you're not;
- Direct requests for personal information or money. Social Security numbers, bank account information or other passwords should not be shared with strangers just because they asked;
- Text riddled with errors. Cybercriminals send badly written messages to increase their chances — if grammar and spelling errors don't ring any alarm, someone is more likely to hand over the required personal information;
- Too good to be true offers. Murphy's law is not a law for nothing. If something seems unlikely, unrealistic or too good to be true, then it probably is;
- Strange attachments. An attachment should be necessary and related to the message. If not, or if the extension is odd (.exe instead of .docx), it's better to not open it.
Invest in antivirus protection
Malware, or “malicious software,” is an umbrella term that describes any malicious program or code that is harmful to systems. It includes computer viruses, ransomware, adware, spyware, scareware, worms and more. The damages made by malware vary from making your device more difficult to use by slowing down its functions, to more serious consequences, like controlling your device or stealing your data.
One rather famous way of malware spreading throughout a school is the use of infected removable drives. As Microsoft’s Windows Security noted, “many worms spread by infecting removable drives such as USB flash drives or external hard drives. The malware can be automatically installed when you connect the infected drive to your PC. Some worms can also spread by infecting PCs connected to the same network.” Working directly in the cloud is a better option, as long as the cloud is in its turn protected.
The most important thing you must do is to install antivirus software on all your devices to make sure you’re protected no matter what you’re using. This will ensure you’ll avoid many cyber attacks by default or at least you’ll get a notification on what seems suspect and needs more attention from your part. As a young adult, it might be hard not to expose many aspects of your personal information online, so protecting your online presence is crucial and worth the costs.
We are all already living in the future — one we thought was a lifetime away. We simply can not avoid the online world, with both its advantages and threats. Always having a strong password, avoiding phishing scams and investing in antivirus software are the three most basic and more efficient ways we can protect ourselves as digital citizens. Teaching these aspects of cybersecurity to your students is crucial nowadays.