The document discusses a mitigation plan addressing internet security challenges faced by children and adolescents, particularly concerning identity theft and phishing. It highlights the lack of cybersecurity knowledge among this demographic and presents a structured educational approach to enhance their awareness and skills through interactive games and tutorials. The plan aims to facilitate positive social change by empowering students with the knowledge to navigate online threats while minimizing risks.

1. Running head: WK10ASSGNHAYNESO 1
DPSY 6121-8121 Week 10 Final Project: Mitigation Plan
Identify Theft and Phishing: Children and Adolescents
The evolution of communication technology has permanently changed how societies
engage (Cortada, 2017; Greenwood, Perrin, & Duggan, 2016). Greenwood et al. (2016), for
example, noted that media use in the Unites States rose to 69% in 2016—compared to 5% in
2005. End-users such as education communities use wireless media and digital devices (e.g.,
virtual classrooms, computers, and iphones) as their primary means to address communication
needs and to facilitate teaching and learning practices (Greenwood, et al., 2016; Gruzd, Staves,
& Wilk, 2012; Prieger, 2013; Tomczyk, & Kopecký, 2016). Among children and adolescents
(e.g., between the ages of 9 to 19 years), however, research shows growing concerns about
internet security even though most schools, colleges, and universities post cyber security
resources on their websites (Ng Chong, et al., 2016; Prieger, 2013; Shillair, Tsai, Alhabash,
LaRose, & Rifon, 2015; Tomczyk & Kopecký, 2016).
The Problem
The problem, therefore, is that most children and adolescents or vulnerable population lack
internet security knowledge and skills to protect themselves from cyber threats—while engaging
online, especially identify theft, phishing, and password protection (Jang-Jaccard, & Nepal, 2014;
Tomczyk, & Kopecký, 2016; Shillair et al., 2015). Although most vulnerable population members
are familiar with junk mail (e.g., unauthorized advertisements via standard or electronic mail),
spam is its equivalent (e.g., via emails or text messaging) (Mazzarello, Fralick, & Clemons,
2016). In contrast, commercial mailing list vendors and internet software programs usually
supply cybercriminals with verifiable addresses including residential and personal emails

2. WK10ASSGNHAYNESO 2
(Mazzarello, et al. (2016). In addition, research indicates phishing share similar characteristics:
unsolicited and via commercial delivery sources (Mazzarello, et al., 2016).
However, the purpose is different. In that—rather than devising ways to acquire
unauthorized mailing and electronic addresses—cybercriminals including data hackers’ shop for
personal data such as passwords, credit cards, bank accounts, and social security numbers solely
to commit fraud (Mazzarello, et al., 2016; Shillair et al., 2015; Tomczyk, & Kopecký, 2016).
Children and adolescents are primary targets mostly because they usually have non-adverse
personal data profiles, ideal for cyberthieves to create new identities or to apply for new credit
cards (Mazzarello, et al., 2016; Shillair et al., 2015; Tomczyk, & Kopecký, 2016).
Developmental Age Group and Diversity Factors
Children and adolescents’ cognitive development literature is substantial (Newman, &
Newman, 2016). Piaget’s theory of cognitive development encompasses four stages: (1)
sensorimotor (e.g., birth to 2 years old), (2) preoperational (e.g., ages 2 to 6 years), (3) concrete
operational (e.g., ages 7 to 11 years), and (4) formal operational (e.g., 12 years and upward)
(Newman, & Newman, 2016). He theorized that children’s cognitive factors including learning
and acquisition of skills develop in stages (Newman, & Newman, 2016). His findings revealed
children illustrate levels of cognitive development through their abilities to interpret information
correctly and then use it to create new modes of thinking and knowing. All of which occur in
stages (Newman, & Newman, 2016).
Vulnerable population falls within Piaget’s third and fourth cognitive development
stages: concrete and formal operational thought (Livingstone et al., 2017; Newman, & Newman,
2016; Slavtcheva-Petkova, Nash, & Bulger, 2015). Excluding debilitating health problems, most
children and adolescents have adequate cognitive development to acquire cyber safety

3. WK10ASSGNHAYNESO 3
knowledge and skills (Newman, & Newman, 2016). On the other hand, studies show that (a)
development of positive self-esteem correlates with successful life experiences, that (b) self-
esteem increases with age, that (c) it is lowest among adolescents, and that (d) it is gender
specific (Mehdizadeh, 2010; Moksnes, & Espnes, 2013; Orth, Erol, & Luciano, 2018). Self-
esteem refers to an objective or subjective evaluation about oneself; it includes attitudes, beliefs,
and emotional states (Baumeister et al., 2003; Ciarrochi, Heaven, & Davies, 2007; Orth et al.,
2018).
Although widespread awareness about its effects on vulnerable population began during
the evolution of the Internet and the worldwide web (Cortada, 2017; Haigh, Russell, & Dutton,
2015). Orth et al. (2018) theorized, for example, that although self-esteem fluctuates, it remains
constant among adolescents. They conducted a meta-analysis study which included data from
164,000 research subjects. Alone these lines, Moksnes and Espnes (2013) discovered that males
score higher than females on self-esteem and life satisfaction measurement scales.
Implications of Developmental and Psychological Risks
In 1892, Psychologist William James defined the term “self-esteem” to emphasized
success correlates with pleasant feelings including positive attitudes about oneself. High self-
esteem correlates with positive feelings, which are typical emotions among children and adolescents
when they perform as expected on academic tasks. Its counterpart “low self-esteem” usually occurs
among vulnerable population when he or she, for example, experiences problems (Ciarrochi, et al.,
2007; Hawi, Nazir, & Samaha, 2017; Shillair et al., 2015). Inadequate internet safely skills as well
as password protection issues could produce negative attitudes, factors related to low self-esteem
(Baumeister et al., 2003; Ciarrochi et al., 2007; Orth, et al., 2018). Moreover, most children and
adolescents are not aware of strategies used by cyber criminals to steal personal data (e.g.,
phishing); thus, to experience a phishing related incident may trigger negative feelings, which may,

4. WK10ASSGNHAYNESO 4
in turn, lead to low self-esteem (Jang-Jaccard, & Nepal, 2014; Livingstone et al., 2017; Shillair et
al., 2015; Slavtcheva-Petkova et al., 2015). Based, in part, on William James’ research,
Sociologist Morris Rosenberg designed the Rosenberg self-Esteem Scale, an effective self-report
instrument used for evaluating self-esteem, primarily among children (Baumeister et al., 2003).
Benefits and Drawbacks of the Digital Technology
Primary types of action research are participatory and practical (Mills, 2014).
Participatory strategies address social, organizational, and community problems. The primary
purpose is to improve people’s lives by empowering them to create solutions that address
specific problems or issues (Lodico et al., 2010; Mills, 2014). In contrast, the aim of
practical research, as in the mitigation plan, is to improved teaching and learning practices
(Lodico, et al., 2010; Mills, 2014). Educators use the framework to create (a) educational
settings that are both proactive and content driven, (b) to address specific problems or issues in
applied settings, and (c) to create structured opportunities that enable reflective discussions about
issues like identify theft and phishing which occur in cyber environments but have negative
influences on teaching and learning practices (Creswell, 2012; Mills, 2014).
However, action research designs have more limitations than theory-driven frameworks
(Lodico et al., 2010; Mills, 2014). For example, research methods are subjective rather than
objective; this difference means that biases are more prevalent than their “scientific” counterparts
are (Mills, 2014). In addition, practitioners and participants play active roles in research
processes (Lodico et al., 2010). Most importantly, however, is that finding do not qualify for
generalization purpose but rather to address practical problems within organizational settings
(Lodico et al., 2010; Mills, 2014).
Strategies for Mitigation

5. WK10ASSGNHAYNESO 5
Although some cybercrimes like identify theft and phishing are ongoing (Jang-Jaccard, &
Nepal, 2014; Somekh, 2000; Tomczyk, & Kopecký, 2016), “action research” design flexibility
allows professional adults to use an array of strategies to address (a) specific phenomena, to
explore (b) practical solutions, and (c) to conduct research in natural settings and in real-time
(Creswell, 2012; Lodico, Spaulding, & Voegtle, 2010; Mills, 2014). Unlike theory-driven
research designs which are theory based and require hypotheses, research questions, and, usually,
control groups (Creswell, 2012; Lodico et al., 2010), action research (AR) excludes these
components, in part, because doing so allows for framework flexibility (Lodico et al., 2010;
Mills, 2014). In that, researchers employ a series of sequential steps which include (a) joint
interactions among researchers and participants, (b) actions such as implementing strategies or
intervention plans, (c) reflections, and (d) resolution of problems or issues (Creswell, 2012;
Lodico et al., 2010; Mills, 2014). As such, AR facilitates social change by empowering
organizations to address social problems specific to their organizational structures in real-time
(Mills, 2014). Primary types of AR are participatory and practical (Mills, 2014).
Participatory strategies address social, organizational, and community problems. The
primary purpose is to improve people’s lives by empowering them to create solutions that
address specific problems or issues (Lodico et al., 2010; Mills, 2014). In contrast, the aim of
practical research, as in the mitigation plan, is to improved teaching and learning practices
(Lodico, et al., 2010; Mills, 2014). Educators use the framework to create (a) educational settings
that are both proactive and content driven, (b) to address specific problems or issues in applied
settings, and (c) to create structured opportunities that enable reflective discussions about issues
like identify theft and phishing which occur in cyber environments but have negative influences
on teaching and learning practices (Creswell, 2012; Mills, 2014).

6. WK10ASSGNHAYNESO 6
This action research mitigation plan, for instance, will include strategies designed to
address inadequate internet safety skills among children and adolescents and to inform education
communities: An interactive cyber security game, a cyber tutorial, pre-post-standardized exams,
and pre-post online surveys. After completing these activities, students will understand
• cyber security and internet terminologies including phishing and password protection;
• internet and cyber security problems and issues;
• what the phrase the “Internet is forever” means;
• how to recognize cyber security threats; and
• where to find relevant cyber security tools and resources.
The appeal of action research began in the 1940s (Lewin, 1946). Social psychologists including
Kurt Lewin believed that although action research frameworks differed from scientific-research
designs, their primary purpose contributes to social science. In that, action research’s aim is to
address social problems even though the methodology is based on direct intervention rather than
development and evaluation of theories and findings (Lewin, 1946).
Although most education communities use wireless technologies to facilitate and to
improve teaching and learning practices (Creswell, 2012; Lodico et al., 2010; Mills, 2014;
Somekh, 2000), research indicates most children and adolescents lack basic knowledge about
how to protect themselves from identify theft and phishing while engaging in cyber
environments (Jang-Jaccard, & Nepal, 2014; Tomczyk, & Kopecký, 2016); therefore, this action
research mitigation plan will not only provide them with adequate knowledge to surf safely
online but also with adequate skills.
Social Change Implications
When organizations, individuals, or groups complete an act or acts for the sole purpose

7. WK10ASSGNHAYNESO 7
of improving the livelihood of cultures or societies, the deed refers to positive social change
(Weinstein, & Weinstein, 2010). Education communities, for example, have pioneered efforts to
foster social change, in part, by providing educational opportunities to millions of people
worldwide. Most graduates, for instances, acquire professional careers, which allow them
addition options to improve human lives (http://www.waldenu.edu/about/social
Change). Similarly, the mitigation plan herein will facilitate social change by helping students
acquire skills that are vital toward efforts to protect their private data while surfing the internet;
thus, it will not only encourage positive behaviors among vulnerable population but also
discourage negative behaviors among cybercriminals (Jang-Jaccard, & Nepal, 2014; Mazzarello,
et al., 2016; The Importance of Passwords, n.d.; Weinstein, & Weinstein, 2010).
Summary
Although most education communities use wireless technologies to facilitate and improve
teaching and learning practices (Creswell, 2012; Gruzd, et al.,2012; Mills, 2014; Somekh, 2000),
research indicates most children and adolescents lack basic internet security knowledge
including how to protect their private data as well as how to identify and prevent cybercrimes
such as phishing and identify theft (Jang-Jaccard, & Nepal, 2014; Tomczyk, & Kopecký, 2016).
Slavtcheva-Petkova et al. (2015) noted that children and adolescents need protection from cyber
predators. Alone these lines, Livingstone et al. (2017) discussed three common internet security
strategies mostly used by parents: restrictive mediation, active mediation, and co-use mediation;
however, they noted that outcomes are less than effective primarily because teaching and
learning environments are (a) unstructured, (b) not carried-out by professionals, and (c) not
implemented in natural settings in which the phenomena occur. In such instances, best practice
recommends an action research approach (Creswell, 2012; Lodico, Spaulding, & Voegtle, 2010

8. WK10ASSGNHAYNESO 8
; Mills, 2014).
Unlike scientific research design which are, among other factors, theory-driven, action
research frameworks are flexibility. In that, professionals including educators have an array of
design strategies readily available to address specific, organizational problems such as designing
structured educational settings in which students can acquire internet safety skills in natural
settings and in real-time (Creswell, 2012; Lodico, Spaulding, & Voegtle, 2010; Mills, 2014). In
this sample mitigation plan, for example, students will complete pre-post, multiple choice exams,
an interactive cyber security game, a cyber security tutorial, and pre-post online surveys. All of
which will foster social change because after completing the mitigation plan children and
adolescents will have adequate internet safety skills, which will allow them to engage in cyber
environments while optimizing opportunities and minimizing risks.

9. WK10ASSGNHAYNESO 9
References
Baumeister, R. F., Campbell, J. D., Krueger, J. I., & Vohs, K. D. (2003). Does high self-esteem
cause better performance, interpersonal success, happiness, or healthier lifestyles?
Psychological Science in the Public Interest, 4, 1-44. Retrieved from
https://assets.csom.umn.edu/assets/71496.pdf.
Ciarrochi, J., Heaven, P. C. L., & Davies, F. (2007). The impact of hope, self-esteem, and
attributional style on adolescents’ school grades and emotional well-being: A longitudinal
study. Journal of Research in Personality, 41(6), 1161–1178.
https://doiorg.ezp.waldenulibrary.org/10.1016/j.jrp.2007.02.001
Cortada, J. W. (2017). A history of information in the United States since 1870. Information &
Culture, 52(1), pp. 64–84. https://doi-org.ezp.waldenulibrary.org/10.7560/IC52103
Creswell, J.W. (2012). Educational research: planning, conducting, and evaluating quantitative
and qualitative research (4th Ed.). Boston, MA: Pearson Education Inc.
Greenwood, S., Perrin, A., & Duggan, M. (2016). Social media update. Pew Research
Center. Retrieved from http://assets.pewresearch.org/wp-content/uploads/sites/14/
2016/11/10132827/PI_2016.11.11_Social-Media-Update_FINAL.pdf
Gruzd, A., Staves, K., & Wilk, A. (2012). Connected scholars: Examining the role of social
media in research practices of faculty using the UTAUT model. Computers in Human
Behavior, 28, 2340–2350. Retrieved from
https://doiorg.ezp.waldenulibrary.org/10.1016/j.chb.2012.07.004
Haigh, T., Russell, A. L., & Dutton, W. H. (2015). Histories of the Internet: Introducing a special
issue of information & culture. Information & Culture, 50(2),143–159.
https://doi-org.ezp.waldenulibrary.org/10.7560/IC50201

10. WK10ASSGNHAYNESO 10
Hawi, N, S, Nazir S., & Samaha, M. (2017). The relations among social media addiction, self-
esteem, and life satisfaction in university students. Social Science Computer Review, 35(5),
576-586. doi: 10.1177/0894439316660340.
Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal of
Computer and System Sciences, 80(5), 973–993. http://dx.doi.org/ 10.1016/j. jcss. 2014
.02.005.
Lewin, K. (1946). Action research and minority problems. Journal of Social, 2, 34–46.
http://dx.doi.org/10.1111/j.1540-4560.1946.tb02295.x
Livingstone, S., Ólafsson, K., Helsper, E. J., Lupiáñez, V. F., Veltri, G. A., & Folkvord, F.
(2017). Maximizing opportunities and minimizing risks for children online: The role
digital skills in emerging strategies of parental mediation. Journal of Communication,
67(1),82–105. https://doi-org.ezp.waldenulibrary.org/10.1111/jcom.12277.
Lodico, M., Spaulding, D., & Voegtle, K. (2010). Methods in educational research: From theory to
practice (Laureate Education, Inc., custom ed.). San Francisco: John Wiley &Sons.
Mazzarello, S., Fralick, M., & Clemons, M. (2016). A simple approach for eliminating spam.
Current Oncology, 23(1), e75-e76. https://doi:10.3747/co.23.2860
Mills, G. E. (2014). Action research: A guide for the teacher researcher (5th eds.). London: Pearson
Education Limited.
Moksnes, U. K., & Espnes, G. A. (2013). Self-esteem and life satisfaction in adolescents—
gender and age as potential moderators. Quality of Life Research, 22, 2921–2928.
doi:10.1007/s11136-013-0427-4.
Newman, B. M., & Newman, P. R. (2016). Theories of human development (2nd ed.). New
York, NY: Psychology Press/Taylor & Francis.

11. WK10ASSGNHAYNESO 11
Orth, U., Erol, R.Y., & Luciano, E. C. (2018). Development of self-esteem from age 4 to 94
years: A meta-analysis of longitudinal studies. Psychological Bulletin, 144(10), 1045-
1080. http://dx.doi.org/10.1037/bul0000161
Osborne, R. E. (2018). Self-esteem. Salem Press Encyclopedia of Health. Retrieved from
https://ezp.waldenulibrary.org/login?url=https://search.ebscohost.com/login.aspx?
direct=true&db=ers&AN=93872219&site=eds-live&scope=site
Orth, U., Erol, R.Y., & Luciano, E. C. (2018). Development of self-esteem from age 4 to 94
years: A meta-analysis of longitudinal studies. Psychological Bulletin, 144(10), pp. 1045-
1080. http://dx.doi.org/10.1037/bul0000161
Prieger, J. (2013). The impact of government policies on access to broadband. School of public
policy working papers. Retrieved from
http://digitalcommons.pepperdine.edu/cgi/viewcontent.cgi?article=1043&context=sppwo
rkingpapers
Shillair, R., Cotten, S. R., Tsai, H. S., Alhabash, S., LaRose, R., & Rifon, N. J. (2015). Online
safety begins with you and me: Convincing Internet users to protect themselves.
Computers in Human Behavior, 48, 199-207. https://doi.org/10.1016/j.chb.2015.01.046
Slavtcheva-Petkova, V., Nash, V. J., & Bulger, M. (2015). Evidence on the extent of harms
experienced by children because of online risks: implications for policy and research.
Information, Communication & Society, 18(1), 48–62.
https://doi-org.ezp.waldenulibrary.org/10.1080/1369118X.2014.934387
Somekh, B. (2000). New technology and learning: Policy and practice in the UK, 1980--2010.
Education and Information Technologies, 1, 19. Retrieved from
https://searchebscohostcom.ezp.waldenulibrary.org/login.aspx?direct=true&db=edsgea&
AN=edsgcl.161385328&site=edslive&scope=site

12. WK10ASSGNHAYNESO 12
The Importance of Passwords (n.d.). University of Ottawa, Canada. Retrieved from
https://it.uottawa.ca/accounts/password-tips
Tomczyk, L. Kopecky, K. (2016). Children and youth safety on the Internet: Experiences from
Czech Republic and Poland. Telematics and Informatics, 33, 822-833. Retrieved from
https://www.researchgate.net/profile/Lukasz_Tomczyk/publication/285288746_Children
_and_Youth_Safety_on_Internet_Experiences_from_Czech_Republic_and_Poland/links/
56d3138108aeb52500d1829c/Children-and-Youth-Safety-on-Internet-Experiences-from-
Czech-Republic-and-Poland.pdf
Weinstein, J. A., & Weinstein, J. A. (2010). Social change. [electronic resource]. Lanham:
Rowman & Littlefield Publishers. Retrieved from
https://searchebscohostcom.ezp.waldenulibrary.org/login.aspx?direct=true&db=cat06423
a&AN=wal.EBC616416&site=eds-live&scope=site