Digital safety and security tips for college students and teens
Being a teen, surviving high school, and embarking on your college journey are already hard enough as is. In today’s highly connected world, you also have to navigate online safety and cybersecurity issues.
Cybersecurity is the digital equivalent of protecting a house from crooks, except there are many more entry points to protect. According to Cisco, a company that specializes in networking, cloud, and security solutions, cybersecurity is “the practice of protecting systems, networks, and programs from digital attacks.”
Cyber threats can include malware, ransomware, phishing, and social engineering. Any of them may result in identity theft. You can lose your data and your money, and a cybercriminal could even impersonate you on social media, damaging your reputation. Worse yet, a malicious cybercriminal could lure you into a dangerous situation offline, putting your physical safety at risk.
Teens and college students are particularly vulnerable to cyberattacks. In this guide, you will learn how to stay safe and secure in an evolving digital landscape of cybersecurity threats. But first, let’s explore some surprising stats about teen internet use that bring the issue of cybersecurity into sharper focus.
College student and teen internet use
It comes as no surprise that digitally literate teens and college students are online, the surprising part is just how often they are. A 2019 survey by Common Sense Media about media use by tweens and teens found that:
84 percent of teens have their own smartphones.
- Teens spend about seven hours a day on their smartphones.
- Teens watch on average nearly three hours of online video per day.
- 70 percent of girls in their teens use social media every day.
- Nearly 60 percent of teens do homework on their computers every day.
For college students, the stats take on a deeper dimension. One study on smartphone addiction and sleep from Frontiers in Psychiatry polled 1,043 college students from King’s College London. Of those, almost 40 percent reported being addicted to their smartphones.
If you are one of the many who are spending more and more time online, you might be wondering what it really means to be “in danger.” You may not be hanging on the edge, but all of us online are walking on a cliff. It certainly does not hurt to learn the facts about cybersecurity.
Myths vs. facts: cybersecurity in a digital world
The internet is global, there is no one in charge, and there are many cybersecurity myths people perpetuate without knowing it. Here are some of the most common cybersecurity misconceptions, along with a little myth-busting to give you some perspective.
Myth: A variety of difficult, personalized, complex passwords will keep you safe online.
Fact: Hackers use software that runs billions of password combinations and their methods for figuring out your passwords are very sophisticated.
Myth: If you use antivirus software, you are safe.
Fact: A hacking collective called Fxmsp breached three of the biggest antivirus providers in 2019.
Myth: It’s not that big of a deal to have your data stolen if you just use social media, surf the web, or email.
Fact: Your social media data is worth thousands of dollars to marketers. It is worth just as much, if not more, to hackers. And surfing the web attaches cookies to your browser, making it easy for hackers to see where you have been. The more of your data hackers get, the easier it is for them to take over your computer and hold it hostage until you pay them money (ransomware).
Myth: Phishing scams are easy to spot.
Fact: Phishing attacks are the most common type of cybersecurity breach and college students are particularly vulnerable. In 2021, the IRS had to warn students about an impersonation email scam in which hackers tried to get access to their taxpayer info. In 2020, the FTC also saw a COVID-19 economic stimulus check phishing scam that targeted college students.
Myth: You can tell when your phone or computer has been hacked.
Fact: When hackers install malware on your device, it can be very hard to detect. Once hackers have access to your device, they can use it as a “zombie” device to coordinate attacks on other systems. They may even be able to access your webcam.
These are just some of the harmful cybersecurity myths floating around. It is best to take your internet safety and cybersecurity seriously.
How to stay safer online
Keeping yourself safer online can help protect your information, as well as create peace of mind while you are using the internet, either for school or personal use. There are many ways that you can keep your information safer on your personal devices, as well as practice good internet safety. You can use these practices separately or combine them for a more holistic approach to online safety.
Secure your digital signature
Universities will often cut administration costs by digitizing academic documents and forms — on the upside, this is more convenient and accessible for students and faculty when the document requires a signature. Education forms that may require your e-signature include:
- Applications
- Financial aid and scholarships
- Admission forms
- Internships
- On-campus jobs
- Housing agreements
- Meal plans
Your e-signature is just as important, and as legally binding, as your wet signature. This is why it is important to keep it secure. You can keep your e-signature secure by:
- Refraining from saving your signature to any devices: While saving your signature can make filing paperwork easier, it can also make copying your digital signature easier for someone who might want to steal your identity. By having to create a new signature each time, you are decreasing the chances of e-signature fraud.
- Using password-protection: Some PDF software, like Adobe Acrobat, will allow you to password protect a document. This means that only people with the password can access your signature. This can help keep documents with sensitive information, such as financial aid forms, secure.
- Installing encryption software: You can also install encryption software on your personal devices. This will scramble any PDFs, emails, and other documents from anyone without the proper digital ID. This will ensure that any documents with your signature or other personal information remain safe, even if they are intercepted.
These practices can help teens and young adults create good digital security habits that can serve them throughout their higher education and well into their professional careers.
Protect your mobile device
Smartphones have become a huge part of our daily lives, and survey data from Statista show the average person spending around five to six hours on their phone per day. According to Peterson’s, colleges and universities are also encouraging mobile device use by releasing apps that allow students to access their financial and education records, and even take tests or check in to class right from their phone.
There are many benefits to a mobile-first approach, but there are also several risks. Your phone can be vulnerable to hacks based on the security measures you do or don’t implement, the data on the devices, and the apps you have installed. This is why it is important to take steps to secure your mobile device before accessing sensitive information. You can do this by:
- Enabling two-factor authentication: Two-factor authentication can help keep your phone secure if you’ve lost your device or had it stolen. Two-factor authentication, as the name suggests, requires two types of identity verification. This drastically lowers someone’s ability to get into your device, even if they know one of two passwords.
- Keeping your apps updated: It is incredibly important to keep your apps updated. App updates often also include security updates within software patches. If you do not keep your apps up to date, hackers may be able to exploit old security vulnerabilities to get into your accounts.
- Only giving personal information to secure sites: You can tell whether a website is secure by looking at the URL. If a site starts with “HTTPS”, the “S” stands for secure. If this “S” is not present, you will want to refrain from entering sensitive information such as credit card numbers or addresses.
Keep your email accounts safe
Your email account can hold important documents during both your education and professional career. This is why it’s important to keep your personal and school emails protected. You can enhance security by enabling two-factor authentication, and installing encryption software, as we have mentioned before.
Another way you can enhance security for your email account is by limiting the number of devices you access it on. Accessing an account on a public computer can leave your account vulnerable. Only access your email accounts on personal devices such as your phone and personal laptop.
Know how to combat the dangers of social media
Social media can be a great outlet for creativity, social fulfillment, and general day-to-day entertainment. Most teens and young adults today have not known a world without some form of social media. However, it’s important to be cautious when using social media, and putting your face and location online can pose particular risks for young people. Three ways to help avoid these risks:
- Turn off automatic location sharing: Turning off automatic location sharing can help keep your physical location hidden. This can not only help keep you physically safe, but it can stop hackers from being able to use your location data.
- Turn your profile to private: Having a private profile gives you more control over who can see your posts, as well as who can directly message you.
- Don’t open links from accounts you don’t know: If your account is public, be careful about the messages you open. Links can host malware, which can destroy your device or mine your personal data. As the IT experts at Jolera suggest, look for the “https” in the URL, or run the link through a virus checker before opening it in a browser.
When it comes to social media, it is just as important to look out for your mental wellbeing as it is your data security. Research aggregated by the Newport Academy shows how depression and social media use in teens are closely linked. The National Alliance on Mental Illness (NAMI) suggests how you can create a healthier relationship with social media by limiting your daily usage, or only following accounts from people you know.
Be wary of phishing
Phishing is the fraudulent practice of sending messages pretending to be someone or something that you are not. E-mail phishing is a great example of this — someone might send you an email pretending to be your boss, trying to get your email log-in credentials. If they succeed, they now have access to all kinds of information. Phishing can happen on public servers with messaging capabilities, including social media, dating apps, and emails. Learning how to spot phishing can help you keep your information safe online. Here are some common phishing scams:
- The message sender claims to be a company you do business with that is having issues with your account. They ask you to click on a link in the email and login, but the email looks like a format you have not seen before, or it is a company you have not done business with in a long time.
- The message sender claims to be someone you know, but is sending correspondence from an unfamiliar channel.
- The message sender claims to have a prize or opportunity for you, and will give it to you when you send them personal information.
When in doubt, do not take action within the emails. If you received an email from a company about something wrong with your account, for example, login to your account in a different browser using a link to the site you find through Google search. If you do not have an account, simply delete that email. If you receive an email from someone that appears to be spoofing the sender, send a different follow-up email to that person, using the email address for them that you have in your address book, or that you find in a public directory. And never send personal information in an email to anyone you do not know, no matter how many prizes are offered. If you did really win something, go online to search for the company and the contest.
Types of cyberattacks
There are many types of cyberattacks. As CRN magazine has documented, you can even be the victim of cybercrime without your device being compromised, in the form of security issues from companies you work with. For potential attacks on your personal devices and data, these are some of the most common:
- Denial-of-service and distributed denial-of-service attacks: This attack is when a cybercriminal uses botnets to overload a server, temporarily or completely shutting it down to the intended users. This can cause slow-downs or complete halts of work, which can have big consequences.
- Man-in-the-middle attack: This attack occurs when the perpetrator secretly intercepts a data transfer, connection, or conversation. You may not be aware that a man-in-the-middle-attack is happening, but it can have dire consequences for your data.
- Drive-by download attack: This attack occurs when the perpetrator subtly starts a download of malware or a virus on your computer and then leaves you with your infected device. You may not be aware that this attack is happening, which is what makes it one of the most subtle cybersecurity attacks.
- Social engineering: Perpetrators of social engineering attacks use psychology to make people act. This could be buying a fraudulent product to get credit card information, or divulging sensitive personal information on a non-secure site.
Awareness of how cyberattacks work is the first step in being able to intercept or disable them. By using cybersecurity tools and best practices, you can reduce the access points that cybercriminals have to your devices and data.
Do not put up with cyberbullying
Just because it is online and virtual does not mean it is not serious. Cyberbullying is no joke. According to Do Something, 37 percent of young people from ages 12 to 17 have experienced a form of cyberbullying. Cyberbullying is any use of the internet to bully, threaten, or demean another person. If you are experiencing cyberbullying, you should immediately block and report the account. If this does not stop the problem, then reach out to the customer service line of the platform to pursue further action.
The worst thing that you can do is ignore cyberbullying. This will not stop the problem from recurring and can increase feelings of depression and isolation. Stopbullying.gov has a list of resources for children, teens, and adults who need help to stop or deal with cyberbullying.
Cybersecurity resources
For each point below you will find articles and reviews discussing cybersecurity practices, currently available software, and trends within the cybersecurity community.