Cybersecurity for kids, discusses phishing attacks, malware, and some basic tips for helping young adults identify attacks and what they can do to protect themselves.
These slides are by Jason Hong, a professor of computer science at Carnegie Mellon University.These slides were used at iTeams 2013, a camp for kids to learn about technology and entrepreneurship.Teaching kids cybersecurity was the main goal of my short 20 minute talk.Feel free to reuse and modify.
Picture from http://nakedsecurity.sophos.com/2012/06/12/beware-fake-facebook-notifications/
Picture from a real fake web site (via PhishTank).At this point, most kids will say that they will login, which is the wrong thing to do because the screens we just saw were fake.
How can you tell that it’s fake? Well, the only real hints you have are highlighted here, in terms of the email address and the URL (or web address). So let’s teach you how to read these email addresses and web addresses, so you can avoid these kinds of attacks.
Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil.Anti-Phishing Phil is a game that teaches people how to identify phishing scams.(Note: for disclosure purposes, Jason Hong is also a co-founder of Wombat Security)
Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
Screenshot courtesy of Wombat Security Technologies, from Anti-Phishing Phil
The only real tricky one here is the 4th one, National Geographic. Usually, about half of people will get it right, the other half won’t.It’s actually legitimate. This point actually leads nicely to the next slide, which is that if you aren’t sure, then use a search engine instead.Don’t click on strange links in email or Facebook, look up your destination instead.
It’s important to emphasize that bad guys can put any content they want in the browser content area.It’s also really easy to create a fake web page that looks legitimate.But it’s hard for them to fake the web address part.
I included this screenshot because Blizzard games are popular (World of Warcraft, Diablo, Starcraft, etc). Can emphasize that this is how a lot of gamers get hacked.
Here, I ask the kids about who is attacking, and why do they care?The basic answer is that there are a range of bad guys (small time to professional), and most of them care about making money off of you.
Takeaway 6 is trying to make sure that the kids understand that anyone can be a target. It’s not just rich people, it’s not just executives, it really can be anyone.Only a handful of kids seem to have heard of malware before too.
Good to emphasize that learning this material can help the kids protect themselves as well as their parents, siblings, and friends.
Here’s one example of malware, which is fake anti-virus.
Some more fake anti-virus. Simple lesson here is don’t install software that you weren’t expecting to install.http://oregonstate.edu/helpdocs/safety-and-security/computer-viruses-fraud/computer-viruses/fake-antivirus-warnings
Koobface example. These are fake messages that try to get you to install fake video software.http://news.cnet.com/koobface-virus-hits-facebook/
Koobface example, trying to trick you into “updating” your video software.