As many children of all ages are starting school remotely this year, they’re getting a crash course in internet security and protecting their identities. They’re spending much more time online than they had in the past, often with a lot less adult supervision. And scammers have been out in full force taking advantage of new opportunities for theft from the pandemic. It’s a good time to take extra steps to help your children protect their personal information when going to school online – and to protect your computers, too.
“As distance learning becomes more routine, the scammers are going to look at that and say, ‘Where can I exploit this?'” says Eva Velasquez, president and CEO of the Identity Theft Resource Center. “You have to treat your interactions with these devices and platforms like it’s going to happen. Part of it is keeping it top of mind.”
You may have already taught your kids some online safety when they were playing computer games or on social media, and they should follow similar advice now for school. “When you’re online for school, you have to treat it the same as you would for recreational use – you have to have the same caution and concern,” says Velasquez. “It’s educating kids and letting them know what to ask.”
Here are some tips to avoid child identity theft:
- Remind kids to be careful about opening attachments and suspicious emails.
- Choose new passwords.
- Check security and privacy on school computers.
- If your kids use a home computer, be careful with your personal information.
- Be careful with your kids’ personal information and watch out for ID theft clues.
Remind Kids to Be Careful About Opening Attachments and Suspicious Emails
You may have already taught your kids to be careful opening emails and attachments from people they don’t know, but it’s a good time for a reminder since they’re likely to get more messages from a variety of people – including their teachers, their guidance counselor and their school – that they won’t be able to verify in person. Help them identify when the message could be from a scam artist posing as a school-related email.
“Think before you click,” says Elena Mauer, consumer safety editor at SecurityNerd.com. “Some of these emails have gotten more sophisticated, and they’re getting better at making these emails look legitimate. Verify the email address and domain name. It might look like it’s from the guidance counselor, but they click on it and someone’s looking for their personal information.”
Let older kids who are doing more on their own know when they should ask you about suspicious emails. “The parent can’t be available at all times looking over the shoulder of their kids, so try to set some ground rules and have the child know when they should come to the parent before they do something,” says Paul Stephens, chief analyst, consumer education and advocacy for the Privacy Rights Clearinghouse. “Understand how to look for phishing email – basically if you receive an email from someone you do not know, don’t give out any information to anybody you didn’t know before the email was sent.”
And parents need to be careful when downloading programs or accessing information for the online classes, too. “If access to the program is not being sent directly from the school district, make sure you’re in the right place,” before downloading any new apps, says Velasquez. “We know how popular impostor scams are, and the scammers are out there waiting.” If your school is using unfamiliar educational programs, make sure you’re accessing the correct one and not a lookalike, says Velasquez.
Choose New Passwords
Don’t use the same passwords on your child’s computer and school programs as you do for your financial accounts. That sounds obvious, but so many people duplicate passwords because it’s easy. “I can’t tell you how many people use the same password on everything, or something that’s easy to remember, or the default password,” says Mauer. “We should have complex passwords, and they should be different on each device. If you’re using your bank account password on your kids’ Chromebook because you remember it, that’s not a good idea because someone can find out that password and use it.” She recommends passwords of eight to 10 characters that use symbols and punctuation. She uses the password generator on Chrome, and then signs in with the master password.
Check Security and Privacy on School Computers
If your child received a computer from school, find out about the protection included on the device. “They should at least have some antivirus software and things to prevent malware,” says Mauer. “I would keep personal information off of that school computer, because you just don’t know what sort of protections are on there. Any device that belongs to the school, use for school only, and for any personal accounts, use your home computer.”
You may want to take extra steps to find out about security and privacy settings. “If families are being issued these laptops or Chromebooks, I would encourage them to ask questions to understand what ability do I have to change the privacy settings both on the device and browser the kids are using, and if they’re using special apps that are already downloaded, I would ask questions about what data and information is being collected by those apps, and do I have the ability to set those privacy settings?” says Velasquez.
The computer may already block certain explicit sites, but it also helps to keep an eye on what your child is doing on the computer when possible. “These parental controls are not a substitute for actually knowing your kid and what’s appropriate for them,” says Mauer. “If they’re in common rooms in the house when they’re online, you can kind of keep track of what they’re doing. You can get an idea of what they’re using it for, and can set up boundaries about what they’re allowed to do and not to do. You can explain to your kids the risks.”
If Your Kids Use a Home Computer, Be Careful With Your Personal Information
If your children are using your home computer for their schoolwork, it’s a good time to take extra steps to protect any sensitive personal or financial information that is stored on that computer, in case the child does click on something that makes it vulnerable. “If it’s a home computer and family computer, what do you have on that computer?” says Velasquez. “If your child makes a mistake or if you have a network, please realize those connections create vulnerabilities and if one computer is infected, it could affect your entire network. If you’re using one computer are you storing your taxes and sensitive information, and if your child inadvertently downloads a virus, are you going to compromise yourself? Do an audit of what you have on that computer, and realize that if you want to store these documents digitally, you can store it on a separate hard drive,” says Velasquez.
Consider setting up parental controls on the device. “I recommend using the parental controls,” says Mauer. “Some people feel that they’re being too cautious, but as long as you keep it age appropriate – thinking about what your child is ready and responsible for – it’s a good idea. Even in social media or video games, enabling parental controls can prevent someone from finding out their name and school and prevent them from contacting your child.” SecurityNerd’s Guides for Parents explains how to set up parental controls on several kinds of devices.
Be Careful With Your Kids’ Personal Information and Watch Out for ID Theft Clues
Both you and your child should be careful before providing any personal information that ID thieves could use to steal their identity – especially since school registration and other paperwork is being collected online rather than in person at many schools this year. “Be really careful with Social Security numbers,” says Mauer. “Online predators see those Social Security numbers as something they can easily take because parents aren’t necessarily checking that yet, and it’s a clean credit report.”
Synthetic identity theft is a growing problem – ID thieves may use a child’s Social Security number and combine it with other information to create a new identity and take out loans or make purchases. “Child ID theft can go undetected for such a long time because if you’re talking about a very young child, they may not detect the ID theft until they reach adulthood and apply for their first credit card, and it will be a real mess,” says Stephens.
Keep an eye out for suspicious activity that could provide clues that someone has stolen their personal information. “If the child is receiving credit card offers in the mail, or notices from the IRS that taxes are due, or debt collection calls, that could be a tip off that the child could be a victim or identity theft,” says Stephens. “Then you’ll want to check their credit report and if you find anything there, dispute the information and place a security freeze,” he says.
Velasquez recommends that parents freeze their children’s credit record now that the freezes are free in all states, which makes it more difficult for identity thieves to take out credit in their name. “As a parent, freezing your child’s credit is one of the most robust consumer protection steps you can take,” she says. “We do advise parents to go ahead and freeze their children’s credit since it’s free now. That will take a lot of the guesswork out of it. There is no reason why a child’s credit needs to be open.”
It can be more complicated to freeze a child’s credit than it is for an adult – Velasquez recommends going to each credit bureau’s website for its procedure for children’s records (Experian.com, Equifax.com and TransUnion.com). If you do freeze your child’s credit, make sure that your child knows the status as he or she gets older – especially since it may be a decade or more before the child needs to thaw the report to apply for his or her own credit. Keep track of the information needed to thaw the report with your important financial records, and make sure another trusted adult knows the procedure, too. “Make sure there’s a conversation around the fact that the credit is frozen, because there can be divorce, remarriage, death in the family,” says Velasquez. “You want to make sure that enough trusted people in the family know.”