Internet safety isn’t about a bunch of rules telling you “never do this”, or trying to scare you into safe behavior. Internet safety is about avoiding being ripped off, disrespected, bullied, scammed, or stalked while you’re just trying to have a good time online. You don’t need to be sold on all the really great opportunities the Internet offers, but you do need to understand how to dodge problems.
Staying safer just takes learning a few things
Most of you are already pretty good at using the online sites you’re interested in or have friends that help you. Over 60 percent of you have already taken steps to be safer online.
But there is a real difference between the steps you’ve taken to be safe online and what it really takes to be safe and savvy online. The difference has nothing to do with how skilled you are at using Internet services – even the most advanced Web developer has to learn how to be safe online because the dangers come from other people, not programming code.
You are a commodity
The way ‘free’ services make money is not by selling advertising. What they sell is access to you, and information about you to advertisers, marketers and researchers, and others. Your information is also used by others looking to track people for various purposes.
Every piece of information you post, and every action you take online has commercial value to someone. That isn’t necessarily a bad thing. Your information helps companies provide you ads that are more targeted to your interests, it helps researchers know what kind of products to design, and so on. But your information is also used in negative and sometimes criminal ways. For example:
- By someone who wants to embarrass or bully you
- Plagiarists who want to claim your content as their own
- By companies who want to use your information in ways that act against your interests
- Insurance companies are using information posted on blogs to deny coverage of medical claims, car accident claims, and so on.
- Companies may reject your job application; find reasons to fire you, and so on.
- Your school applications may be rejected
- By criminal organizations or individuals building profiles of people to scam, steal identities, hijack computers, find interesting homes to break into or cars to steal, people to physically harm, and so on
As you provide information consider how it is being sold, bought, or simply taken and make sure you’re okay with potential outcomes. Learn how information as a commodity relates to taking surveys, chat, discussion boards, and forums, online dating, creating safe personal e-mail aliases, sharing Images and Video, and gaming online.
Why the terms and conditions matter on your profiles and sites
You may be surprised to learn that many sites you are likely to use include in their usage terms the right to use any of your information in any way they choose. If they own your content and profile, and your information is ‘repurposed,’ there isn’t much you can do about it. If you don’t like the terms and conditions, find another site.
If you don’t understand what the settings and permissions really mean, they might not be what you intend
Example 1) This 23-year-old set her social networking site to private. But on this ‘private’ page we learn much more than she imagined.
Her first name is Jessica, her last name is Massing (look at the URL). We know what she looks like and her ethnic background. How she dresses says a lot about the group she hangs with as well as her socio-economic status. We also know what city and state she lives in. Finding her phone number and address is just a search away. Finding articles about her in her local newspaper or on her school Web site is just a matter of another search.
What Jessica didn’t understand is that setting her social networking site to private wasn’t enough to protect her identity when ‘private mode’ still shows her photo, name, URL, city, state, and when she last logged in. With this much information, stealing her identity isn’t hard, cyberbullying is one click away, customizing a scam to match her interests is easy, and so is showing up on her doorstep. To make this so-called private page be private she should have changed her profile picture to something less identifiable, taken her city (at least) out of her profile, used a nickname instead of her real name, and made her URL anonymous.
Example 2) Chelsea assumed that because her social networking site was set to private, invitations to parties she sent would also be private. This wasn’t correct and she was shocked when several people that she didn’t know RSVP’d. She was also upset to discover she’d just posted her address publicly.
Identity theft is a big issue for teens
Lots of teens get tripped up because they figure they don’t have enough money in their bank account to matter – if someone really wants to steal their $54.13, they would go for it. But this is the wrong way to look at it. It’s not what you have in your account that interests a criminal, it’s how far they can put you in debt.
A criminal is not likely to steal anything from your bank account because it would tip you off. What they’re interested in is getting a $40k loan using your identity. Because you are not likely to be checking your credit history it can be years before you discover that your credit rating is ruined and you owe money; and it’s really hard to fix this years later.
Your money isn’t the only part of your reputation malicious or criminal people may be interested in. Your reputation and photos are other elements of your identity that can be stolen, and trying restore these may be even more difficult than restoring your credit. Learn how to avoid being a victim of Identity theft.
Getting and giving friends respect online
You know what’s okay to say about your friends in the physical world, but there are some differences you need to consider when talking to others or about others online.
The first thing to consider is who will see your words online. In face-to-face conversations you see who you’re talking to and modify your comments to fit the situation. Over the phone you know who’s on the call. Online you may or may not know who will see what you say. If someone else’s site or your site is locked down to just friends you both know, you can use the same considerations as you would face-to-face or over the phone. If you don’t know who else may see the interaction you have to assume that anyone could see it and respect your friends’ privacy as you would expect them to respect yours. It’s rude to expose information about someone – including pictures and videos — without their permission. The only way you’ll know what they want kept private is to ask them; and the only way for them to know what you want private is to tell them.
Who is exposing you online?
You may be surprised to learn how much your friends expose about you and how much you may inadvertently be exposing about them. This example is taken from the public social networking site of a girl who made her profile anonymous. She didn’t give her name, used a photo of her cat, didn’t provide her age or city, and only mentioned her state. But three comments by friends completely exposed her.
Her name is Blanche O’connelly, her birth date is July 16th, and she turned 16 in 2006. Had you looked at the time you would know where her party was going to be held, where she lives, where she goes to school (her state combined with the school’s team name gives it away), where to find her at the game, and how to identify her (she’ll be with her friend and you know what her friend looks like). A friend has also provided her telephone number.
In addition, all of these friends have photos of Blanche on their sites – you know who Blanche is because under the photos it lists who is in the pictures.
That’s a lot of information to expose about someone who went to great lengths to remain private. There are two problems here: though Blanche did a lot to protect her privacy, she didn’t tell her friends that her privacy was important to her and Blanche’s friends were disrespectful by posting identifiable information about her without first learning her privacy boundaries.
Another problem occurs when a bunch of friends have private sites and share lots of information, then one friend decides to make her site public without first asking her friends what information she should remove (and then removing it) to respect their privacy.
Information is permanent
Many teens, are very casual with giving out personal information online because they fail to fully understand the ramifications of doing so. You will rarely feel any immediate negative consequences for giving out information. Much of the time you may never understand that there is a connection between something we, a friend, or family member posted and a subsequent consequence.
Think of each piece of information as a drop of water. When a drop of water lands, it is either absorbed, evaporates, or becomes part of a body of water and is indistinguishable from any other drop. This is not the case with online information.
Today each drop of information is collected into personal virtual buckets. The information rarely disappears; instead, it accumulates, slowly building a comprehensive picture of your identities and lives. Small details about your appearance, where you live, go to school and work, financial status, emotional vulnerabilities, and the lives of those close to us all add up.
Comments, actions, or images once posted online may stay long after you delete the material from your site or request a friend to delete your information from their site. You won’t know who else has downloaded what you wrote or what search engine crawled and stored a photo. You can’t know who else sees your comments and judges you by them, nor will you have the opportunity in most cases to explain.
If you want to shed an earlier image and move in new directions, your previous postings may make it difficult. Perhaps an old relationship that you do not want to be associated with any longer remains online for anybody to see. You may have had embarrassing moments documented that won’t go away.
Anyone – those with good intentions as well as those with intent to do harm – can dip into your virtual bucket and search for your information years from now. It may be the admissions director at a school to a potential employer, or your future children or in-laws. Or it could be an identity thief or any other kind of predator, or anyone in your life who wants to lash out at you, can cause harm.
What seemed like a good idea at the time may come back to bite you in a variety of ways. So think before you post. It is far easier to think twice and refrain from posting than it is to try to take it back.
Cell phones have only been available to the general public for 16 years! It’s hard to know how we lived without them. However, having a cell phone is not a right; it’s a privilege and with privilege comes responsibility.
Phones are powerful tools that can be used in positive ways, or used in ways that cause real harm. You are responsible for protecting the safety, privacy and reputation of yourself, your family and others when using a phone. This includes never sharing your location publicly, or giving out your phone number indiscriminately, and so on.
Sexting is one of the stupidest thing tweens, teens, and adults do with their phones. Once you share an image with anyone YOU HAVE NO CONTROL over where it goes next. Have you ever asked someone for a nude/semi-nude pic and not shared it? Not likely, the purpose of getting photos is to show others.
Potential problems from sexting for teens include: Humiliation, Bullying, Sexual exploitation, extortion, Criminal charges – in some areas this can have you labeled a sex offender for life, get you kicked off sports teams or other extracurricular activities, make it difficult to get scholarships or jobs.
Girls in particular get pressured to send sexting images/videos and perhaps the best thing you can do is be prepared with how you say NO to this question. Here are 3 basic strategies: 1)keep it humorous, 2)get firm, 2)turn it around on the asker:
- I heard your question, did you hear my answer?
- You asked, I answered, don’t ask again.
- Why don’t YOU send me your pic, then I’ll share it will all my friends and let it go viral. Let’s see what it does to YOUR reputation first.
- My parents check my text messages; you want my dad/mom reading your request? I don’t.”
- Gee, can you say stupid?
- Let me save us some time, the next 2,000 times you ask, the answer will still be no.
- Have a parent text the guy – ‘don’t ask again’. Or send a text from her phone that says “This is ____’s dad, don’t ask again”.
- You want a naked pic? Fine, one. Then never ask again. – Then send a pic of a bear butt or something similar. Some girls send a nude baby pic of themselves (or of a random baby), and a few take pictures wearing a ‘boob’ shirt…
A few basic precautions can significantly reduce the chances your phone or email will be hacked by friends or romantic partners, ex-friends or -romantic partners, other students, teachers, parents, children, or others you know.
- PIN/password protect your cell phone and email. Strong, unique, PIN numbers and passwords are a must. Choosing ‘password’ or something else obvious doesn’t cut it. The same goes for PIN numbers. You must change your phone’s default PIN number to something unique. Choosing easy to guess numbers like your birthdate or ‘1234’ is asking for trouble.
- Once you have created safe logins don’t tell anyone what they are and change them periodically.
- Be consistent about locking your phone and email accounts. All the passwords in the world are useless if you leave your account/phone unlocked and unattended. Make a habit of locking accounts whenever you are not in control of the device – whether it’s your phone or your computer.
- Do not use any automatic sign-in functionality or password reminder tools on shared computers. If you do, everyone who shares the computer may have full access to your accounts.Similarly, many phone services allow you to call your own voicemail without having to enter your PIN if you call from your own phone number. While this is convenient for you, it’s even more convenient for someone else who wants to hear your voice messages.The problem is that your voicemail isn’t actually checking to see if the call came from your phone, it just checks to see if it came from your phone number which is very easy to spoof or fake. All someone has to do is use a service like SpoofCard that allows a user to make their number appear to be whatever number they want it to be – like yours. Then they dial ‘their’ number to hear your messages. SpoofCard now allows you to spoof SMS’s as well. Just imagine how much additional damage this can cause in the hands of a bully, stalker, or other freak with malicious intent – the mean call or message may look like it is from someone’s phone even when it isn’t. To best protect yourself, skip the convenience of automatically retrieving your voice messages, and set your voicemail to require your PIN to keep would-be snoopers at bay.
- Use strong, up-to-date security products on your cell phone and computers. All it takes to learn everything on your device is one little piece of malware – and there are only two things between you and an infection: 1) Strong security software, and 2) your ability to spot fraud.
- Strong security software: Most professional hackers collect passwords using malware that has been installed on your computer or mobile phone, and savvier snoopers can do the same. Be sure your anti-virus and anti-malware programs are up to date. Also be sure that any operating system updates are installed. See my blog Are You a Malware Magnet? 4 simple steps can make all the difference and Malware reaches New Highs, Spam Dips; Mobile Malware New Frontier.
- Your ability to spot fraud: Spam and scams come at us from all angles; in the mailbox in front of your home (junk mail) in your email inbox, via IM, social networking sites, chats, forums, websites, and sadly, now also on your phone. Learn these 14 Steps to Avoiding Scams, and practice on some of the examples (scroll further down the webpage) to see how well you can avoid the common consumer pitfalls scammers want you to stumble over.
- Avoid logging into accounts when using public wireless networks – you don’t know if these are safe or compromised. Read Like Lambs to the Slaughter? Firesheep Lets Anyone be a Hacker. Since many smartphone users use free WiFi hotspots to access data (and keep their phone plan costs down) smartphones are also more susceptible when leveraging public networks.
- Validate the legitimacy of any program/game/app before downloading it. Read Windows Getting Safer, but Study Finds that 1 of Every 14 Programs Downloaded is Later Confirmed as Malware and More Mobile Apps Caught Inappropriately Collecting User Info and Installing Malware.
- Check your computer and phone for monitoring tools. Family safety tools are designed to help parents protect their children, but all too often these tools are used to monitor spouses, friends, ex’s, etc. To know if you are being monitored – and all your interactions recorded and reported – you’ll need to check for monitoring tools. Online Tech Tips has an article titled How to detect computer & email monitoring or spying software that can be quite helpful.
- On phones, consider who sees your monthly statement. If family members have access to your statements, they can see who you called (phone number look up), who called you, and the times of day these occurred. This is also true of your text messages. If this is more information that you want snooped through, get your own plan and don’t leave your statements lying around.
- Don’t use location tools that track and broadcast your location. There are two types of location tools, those that you can ping to get information like driving directions, and those that track your location to broadcast to others. If you don’t want to be snooped, tracked or stalked, don’t use a tool that can track you.
Applying these precautions to your mobile and email usage will not guarantee that you aren’t snooped or hacked, but they will go a long way towards protecting you from the snoops in your life. If nearly half (47%) of the under-20 crowd are snooping, the non-snooping half had better start defending.
Create Strong Passwords
Creating strong passwords is actually easy. You don’t have to memorize multiple passwords like Wt4e-79P-B13^qS. But few people know the secrets to strong safe passwords and as a result, you may be using just one password even though you know it’s unsafe and that if it gets compromised all of your Web information is exposed. Or you use several passwords, but they are all short simple words or include numbers that relate to your life they are still too easy to guess.
The key aspects of a strong password are length (the longer the better); a mix of letters (upper and lower case), numbers, and symbols; with no ties to your personal information, and no dictionary words.
The good news is you don’t have to memorize awful strings of random letters numbers and symbols in order to incorporate all of these aspects into your passwords; you simply need a few skills.
The secret is to make passwords memorable but hard to guess. Learning a few simple skills will make creating strong memorable passwords easy. Creating them can actually be fun – and your payoff in increased safety is huge.
First, look at a few weak passwords to understand why these put you at risk:
- Password – The word “Password” is the most commonly used password and it is pathetically weak – as are ‘default’ and ‘blank’. These are simple words and easily guessed or broken with a hacker program that uses a dictionary assault on the password.
- Monard1968 – Though this uses 10 characters and includes letters and numbers, names that are associated with you or your family, or uses other identifying information such as birth year, are easily hacked.
- F1oweR – Though it mixes up capitols and numbers, it is too short and substituting the number 1 for the letter l is easy to guess.
To avoid these easy to guess or hack passwords try one or more of the following tricks:
Use a phrase and incorporate shortcut codes or acronyms: These examples let you use phrases that either mean something to you, or you associate with a type of website. For example, the ‘all for one and one for all’ may be the password for a social networking site where it’s all about sharing. It could be phrase about money for a banking site, and so on.
- 2BorNot2B_ThatIsThe? (To be or not to be, that is the question – from Shakespeare)
- 4Score&7yrsAgo (Four score and seven years ago – from the Gettysburg Address)
- John3:16=4G (Scriptural reference)
- 14A&A41dumaS (One for all and all for 1 – from The Three Musketeers)
Use passwords with common elements, but customized to specific sites: These examples tell a story using a consistent style so if you know how you write the first sections, and you’re on the login page for a site you’ll know what to add.
- ABT2_uz_AMZ! (About to use Amazon)
- ABT2_uz_BoA! (About to use Bank of America)
- Pwrd4Acct-$$ (Password for account at bank)
- Pwrd4Acct-Fb (Password for account at Facebook)
Play with your keyboard: It isn’t just the numbers and letters you see, it can also be a canvas to draw on.
- 1qazdrfvgy7, is really hard to remember unless you know that it’s a W! Make letters, shapes, and more by ‘drawing’ on the keyboard.
Add emoticons: While some websites limit the types of symbols you can use, most allow a wide range. Make your symbols memorable by turning them into smiley faces to instantly boost your password power.
- Commonly allowed symbols:
C?U2canCRE8Pwords;-) (See? You too can create passwords J)
Now create your own strong, memorable passwords!