Children and hackers: What you need to know

What risks do young online users face - and what can be done to keep them safe?
Written by Charlie Osborne, Contributing Writer

Spam, malware and phishing campaigns are all irritating and potentially dangerous components of being online today. As adults begin to wise up to the process, albeit slowly, a worrying trend has emerged -- that of targeting young online users for profit.

Where the media is constantly reporting examples of people meeting online and then ending up in dangerous situations when they meet in reality, or discussing cases of people 'falling in love' and then being scammed out of their savings, children generally are taught never to talk to strangers -- a precept which may or may not be followed online.

However, it is not only negative communicative influences that parents should be aware of. There are other pitfalls your children may experience online; including exposure to pornography, violence, identity theft and malicious content.

Young children who are playing a flash-based game online are more likely to press that pretty, animated download button with the upbeat audio -- which could result in malware thieving stored bank details on a computer from right under your nose.


In what ways are children targeted online?

A recent study conducted by a large Internet security firm, Avast, found that malicious code is now appearing more frequently, and is often embedded within gaming websites aimed at children. Avast said that in the run up to January this year, malware threats were detected at more than 60 websites containing SEO-laden phrases including 'game' or 'arcade' within their titles.

Due to this, children often click on pop-ups or linked pages that may redirect a user to inappropriate pages, download Javascript infections, adware or malware. In serious cases, this could also include backdoor infections which could allow severe computer infections to bypass computer security and hijack a machine.

The most visited site affected within this study was Cutearcade.com, which generated over 12,600 infection reports alone. A trojan redirected users to a well-known distribution point for malware, although the owner of the site believes the reports were due to third-party advertising.

Children are targeted through the use of visual lures -- flashing colours, pretty animations and interesting graphics can all serve as tools for a hacker to gain access to your machine. It is highly unlikely a young child will be worrying about online safety when a highly-visual animation or graphic ropes them in to clicking a button -- and they may not understand what permissions they are granting a piece of third-party software when they do.

A child is also not necessarily aware of what signs to watch out for in order to realize a machine is infected. Slow performance, a spam bot sending out infected emails, or software such as toolbars and a changed Internet home page may rouse suspicion in an adult, but not necessarily someone younger.

Why does this occur?

Children are not always aware of threats lurking on the Internet, and therefore do not know how to prevent themselves becoming exposed to online scams -- making them an enticing target for cyber-criminals. However, the machines that children use may exasperate the situation:

"I believe that children's computers are more vulnerable to attacks because they are usually in worse shape -- in other words the owners are less likely to have the latest security updates installed," Mr Vlcek, Avast's chief technical officer, told the BBC. If computers are mainly used for entertainment purposes, security updates can and often are forgotten.

After all, how much of a threat can a flash-based child's game be? Often, popular games can be corrupted by hackers; exploiting children who may be too young to read or understand security risks online -- and are unlikely to have heard the terms 'malware' or 'trojan' before, let alone comprehend what it means.

"Some scams might raise suspicions of adults -- particularly when they seek to install software on the computer or redirect computer users to suspicious web sites," said Catalin Cosoi, head of online threats lab at Bitdefender:

"So the scammers are going for easier targets. Kids are more easily tempted into click on that big green download button or flashing icon in hopes of having more fun. A four-year-old, obviously, isn't worried about online banking vulnerabilities."

It needs to be kept in mind that a website imbued with forms of malware may be legitimate, and has fallen prey to hackers itself. Sometimes third-party advertisements, that are prevalent on websites offering free games or services, may have malicious code within -- rendering the third-party culpable rather than the website itself.

What can be done to ensure your child's safety?

  • Keep your anti-virus software current and up-to-date. It is also worth downloading a separate program, such as Spyware Doctor, that roots out spy and adware rather than focusing on more serious viral infection. Sometimes a singular program will not clean your computer completely, so running frequent scans with different varieties can help.
  • Block sites known to contain malware. If you visit a website and are asked to run suspicious scripts or software, playing it safe has its advantages.
  • Install monitoring software. Especially for younger children, supervising their activities is important. There are a number of different options online for parents to be able to control online activity.
  • Supervise young children when they are online. Some malware may prompt a child to disable your anti-virus software. If this happens, then you need to know in order to rectify the situation, as well as be aware of what content your child is viewing.
  • Set boundaries. Depending on the age of the child and what they are able to understand, setting some clear rules concerning what they are allowed to do online (with the threat of taking away the privilege if rules are broken) can prevent your child being exposed to inappropriate items -- and potentially keep malware at bay.

Another option is to set a code of conduct that your child must follow to keep their access to Internet services. Some questions to consider are below:

  • How long are they allowed to use the Internet, and what websites do they have permission to visit?
  • What content is off-limits?
  • What kind if communication is acceptable, and do you require passwords to their accounts -- whether it be social networking or email addresses?
  • What happens if they break the rules?

It is difficult to avoid your machine being infected all the time, however, being aware that there are risks in seemingly innocent websites and games can make a difference to keep both your child and personal data safe.

Image credit: Philippe Put


Editorial standards