Kids Rules for Online Safety
Printable Version (PDF 145KB)
- I will not give out personal information such as my address, telephone number, parents’ work address/telephone number, or the name and location of my school without my parents’ permission.
- I will tell my parents right away if I come across any information that makes me feel uncomfortable.
- I will never agree to get together with someone I "meet" online without first checking with my parents. If my parents agree to the meeting, I will be sure that it is in a public place and bring my mother or father along.
- I will never send a person my picture or anything else without first checking with my parents.
- I will not respond to any messages that are mean or in any way make me feel uncomfortable. It is not my fault if I get a message like that. If I do I will tell my parents right away so that they can contact the service provider.
- I will talk with my parents so that we can set up rules for going online. We will decide upon the time of day that I can be online, the length of time I can be online and appropriate areas for me to visit. I will not access other areas or break these rules without their permission.
- I will not give out my Internet password to anyone (even my best friends) other than my parents.
- I will check with my parents before downloading or installing software or doing anything that could possibly hurt our computer or jeopardize my family’s privacy
- I will be a good online citizen and not do anything that hurts other people or is against the law.
- I will help my parents understand how to have fun and learn things online and teach them things about the Internet, computers and other technology.
Protect your personal information. It's valuable.
Why? To an identity thief, it can provide instant access to your financial accounts, your credit record, and your other personal assets.
If you think no one would be interested in your personal information, think again. The reality is that anyone can be a victim of identity theft. In fact, according to a Federal Trade Commission survey, there are almost 10 million victims every year. It's often difficult to know how thieves obtained their victims' personal information, and while it definitely can happen offline, some cases start when online data is stolen. Visit http://consumer.gov/ncpw/category/identity-theft-privacy/ to learn what to do if your identity is stolen.
Unfortunately, when it comes to crimes like identity theft, you can't entirely control whether you will become a victim. But following these tips can help minimize your risk while you're online:
- If you're asked for your personal information – your name, email or home address, phone number, account numbers, or Social Security number – learn how it's going to be used, and how it will be protected, before you share it.
- Don't open unsolicited or unknown email messages. If you do get an email or pop-up message asking for personal information, don't reply or click on the link in the message. To avoid opening such messages, you can turn off the "Preview Pane" functionality in email programs, and you can set your default options to view opened emails as plain text to avoid active links or pop-ups in the messages. Most importantly, do not to respond to solicitations for your personal or financial information. If you believe there may be a need for such information by a company with whom you have an account or placed an order, contact that company directly in a way you know to be genuine. Never send your personal information via email because email is not a secure transmission method.
- Most email programs have email filters built-in to the application. The links on the left hand side of this web page contain video tutorials that'll show you how to set your email filters, so you can limit the amount of unsolicited email you receive.
- If you are shopping online, be careful about providing your personal or financial information through a company's web site without taking measures to reduce the risk. There are some indicators that show vendors have taken measures to secure their sites such as a lit lock icon on the browser's status bar or a web site URL that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some scammers have forged security icons.
Know who you're dealing with online.
And know what you're getting into. There are dishonest people in the bricks and mortar world and on the Internet. But online, you can't judge an operator's trustworthiness with a gut-affirming look in the eye. It's remarkably simple for online scammers to impersonate a legitimate business, so you need to know whom you're dealing with. If you're shopping online, check out the seller before you buy. A legitimate business or individual seller should give you a physical address and a working telephone number at which they can be contacted in case you have problems.
Phishing — bait or prey?
"Phishers" send SPAM or pop-up messages claiming to be from a business or organization that you might deal with for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to "update" or "validate" your account information. It might threaten some dire consequence if you don't respond. The message directs you to a web site that looks just like a legitimate organization's, but isn't. What is the purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
Don't take the bait: don't open unsolicited or unknown email messages; don't open attachments from people you don't know or don't expect; and never reply to or click on links in email or pop-ups that ask for personal information. Legitimate companies don't ask for this information via email. If you are directed to a web site to update your information, verify that the site is legitimate by calling the company directly, using contact information from your account statements. Or open a new browser window and type the URL into the address field, watching that the actual URL of the site you visit doesn't change and is still the one you intended to visit. Forward SPAM that is phishing for information to "email@example.com" and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their web sites about where to report problems.
To ensure you're not being victimized and to detect unauthorized purchases, use the same practices as you do in the offline world. Check your credit card bill at least every month, and consider using services that inform you if someone has requested credit in your name.
Click here to learn more tips on phishing and pharming.
Free Software and File-Sharing — worth the hidden costs?
Every day, millions of computer users share files online. File-sharing can give people access to a wealth of information, including music, games, and software. How does it work? You download special software that connects your computer to an informal network of other computers running the same software. Millions of users could be connected to each other through this software at one time. Often the software is free and easily accessible.
But file-sharing can have a number of risks. If you don't check the proper settings, you could allow access not just to the files you intend to share, but also to other information on your hard drive, like your tax returns, email messages, medical records, photos, or other personal documents.
In addition, you may unwittingly download pornography labeled as something else. Or you may download material that is protected by the copyright laws, which would mean you could be breaking the law.
Therefore, downloading file-sharing software is not advisable and could place your personal information and computer at risk. If you do decide to use file-sharing software, set it up very carefully. Take the time to read the End User License Agreement to be sure that you're sharing files legally and that you understand the potentially high risk of any free downloads. For example, some license agreements include an agreement to allow spyware to be installed on your machine.
Many free downloads whether from peers or businesses come with potentially undesirable side effects. Spyware is software installed without your knowledge or consent that adversely affects your ability to use your computer, sometimes by monitoring or controlling how you use it. Not only can spyware programs affect your computer use and access your personal information, but in some cases they can also use your computer to access or launch attacks against others. To avoid spyware, resist the urge to install any software unless you know exactly what it is. Your anti-virus software may include anti-spyware capability that you can activate, but if it doesn't, you can install separate anti-spyware software, and then use it regularly to scan for and delete any spyware programs that may sneak onto your computer.
Email Attachments and Links — legitimate or virus-laden?
Many viruses sent over email or Instant Messenger won't damage your computer without your participation. For example, you would have to open an email or attachment that includes a virus or follow a link to a site that is programmed to infect your computer. So, don't open an email attachment even if it appears to be from a friend or coworker unless you are expecting it or know what it contains. You can help others trust your attachments by including a message in your text explaining what you're attaching.
Hackers often lie to get you to open the email attachment or click on a link. Some virus-laden emails appear to come from a friend or colleague; some have an appealing file name, like "Fwd: FUNNY" or "Per your request!"; others promise to clean a virus off your computer if you open it or follow the link.
Use anti-virus software, a firewall, and anti-spyware
software to help keep your computer safe and secure.
Dealing with anti-virus and firewall protection may sound about as exciting as flossing your teeth, but it's just as important as a preventive measure. Having intense dental treatment is never fun; neither is dealing with the effects of a preventable computer virus.
Anti-virus software protects your computer from viruses that can destroy your data, slow your computer's performance, cause a crash, or even allow spammers to send email through your account. It works by scanning your computer and your incoming email for viruses, and then deleting them.
To be effective, your anti-virus software should update routinely with antidotes to the latest "bugs" circulating through the Internet. Most commercial anti-virus software includes a feature to download updates automatically when you are on the Internet.
Anti-Virus Software- What to Look For and Where to Get It
While your odds at getting a computer Virus is about "1 in 1,000,000" — You odds of getting a computer Spy is about "1 in 3" At the time of this writing, I would recommend Webroot's Spysweeper/Anti-Virus/Firewall Suite. It's about $40 a year and you can legally put it on 3 computers. ( ). It is hands down the best anti-spy program out there and ranks #2 in anti virus protection. ( ). You really only want to run a single solution, so that every time you access a file, you don't have 2 programs trying to check it out at the same time. This slows your computer down significantly.
You can download anti-virus software from the web sites of software companies or buy it in retail stores. Look for anti-virus software that:
- recognizes current viruses, as well as older ones
- effectively reverses the damage
- updates automatically.
Let me start by putting a concept in your mind. The firewall is a method of keeping other people out of your system. A good analogy would be putting a burglar alarm on your home. Someone tampers with a door or window, the alarm goes off, maybe even calls the police but, ultimately it's designed to keep people out. A firewall does the same thing.
There are basically 3 kinds of what is normally considered a firewall. Hardware (real) firewall's, software firewall's and packet filters.
Software Firewall's — 95% of home internet users use a software firewall such as MS Windows™ Firewall, McAfee Firewall™, Webroot's Firewall™, Norton's Firewall™, etc. All of these are pretty good products, however, they allow hackers to actually get on your computer and then they are (hopefully) fended off. You wouldn't invite a burglar into your home and once in, try to get him to leave would you ? You'd really prefer stopping him BEFORE he gets in. This is what you are doing with a software firewall.
Packet Filters — Are hardware devices such as LinkSys™, Netgear™, etc that do a cursorary inspection of the packets before that can hit your computer. This isn't a horrible solution but they don't have real hacker protection, deep packet inspection, anti-spoofing protection or Denial of Service Protection, etc.
Firewall's — If you can afford one, buy one, you'll sleep easy at night. Two of the best for home users are Sonicwall™ TZ Series and Cisco PIX 506™. They both run around $300-$400 but are worth every penny. Nothing will get in and compromise your network/computer. The Sonicwall Series is MUCH easier for the average user to configure than the Cisco Pix.
OK, since after reading the blurb above 94% of you will still trust a software firewall.....
Don't be put off by the word "firewall." It's not necessary to fully understand how it works; it's enough to know what it does and why you need it. Firewall's help keep hackers from using your computer to send out your personal information without your permission. While anti-virus software scans incoming email and files, a firewall is like a guard, watching for outside attempts to access your system and blocking communications from and to sources you don't permit.
Some operating systems and hardware devices come with a built-in firewall that may be shipped in the "off" mode. Make sure you turn it on. For your firewall to be effective, it needs to be set up properly and updated regularly. Check your online "Help" feature for specific instructions.
Oh and speaking of burglar systems, don't wait until AFTER you've been robbed before you buy one and put it in place. Identity theft is really a hard process to reverse. Buy A Firewall!
See Anti-Virus software above.
Anti-spyware software helps protect your computer from malicious spyware that monitors your online activities and collects personal information while you surf the web. It works by periodically scanning your computer for spyware programs, and then giving you the opportunity to remove any harmful surveillance software found on your computer. Some anti-virus software contains anti-spyware capability. Given the increasing sophistication of spyware programs, consider using two different anti-spyware program search one looks for slightly different sets of threats, and together they may offer increased protection.
Some spammers search the Internet for unprotected computers they can control and use anonymously to send unwanted SPAM emails. If you don't have up-to-date anti-virus protection and a firewall, spammers may try to install software that lets them route email through your computer, often to thousands of recipients, so that it appears to have come from your account. If this happens, you may receive an overwhelming number of complaints from recipients, and your email account could be shut down by your Internet Service Provider (ISP).
Be sure to set up your operating system and
Web browser software properly, and update them regularly.
Hackers also take advantage of unsecured Web browsers (like Internet Explorer or Netscape) and operating system software (like Windows or Linux). Lessen your risk by changing the settings in your browser or operating system and increasing your online security. Check the "Tools" or "Options" menus for built-in security features. If you need help understanding your choices, use your "Help" function.
Your operating system also may offer free software patches that close holes in the system that hackers could exploit. In fact, some common operating systems can be set to automatically retrieve and install patches for you. If your system does not do this, bookmark the web site for your system's manufacturer so you can regularly visit and update your system with defenses against the latest attacks. Updating can be as simple as one click. Your email software may help you avoid viruses by giving you the ability to filter certain types of spam. It's up to you to activate the filter. In addition, consider using operating systems that allow automatic updates.
If you use ANYTHING with the label "Microsoft™" on it, make sure you update security patches at every opportunity, they are far and away the most vulnerable software on the market today.
Use strong passwords
Keep your passwords in a secure place, and out of plain view. Don't share your passwords on the Internet, over email, or on the phone. Your Internet Service Provider (ISP) should never ask for your password.
In addition, without your knowledge, hackers may try to figure out your passwords to gain access to your computer. You can make it tougher for them by:
- Using passwords that have at least eight characters and include numerals and symbols.
- Avoiding common words: some hackers use programs that can try every word in the dictionary.
- Not using your personal information, your login name, or adjacent keys on the keyboard as passwords.
- Changing your passwords regularly (at minimum, every 90 days).
- Don't use ANY part of your name or any your families names in the password.
- Using a different password for each online account you access (or at least a variety of passwords with difficulty based on the value of the information contained in each.
One way to create a strong password is to think of a memorable phrase and use the first letter of each word as your password, converting some letters into numbers that resemble letters. For example, "The Boy Scout Motto, Do a Good Turn Daily" would become TbSm,D@gTd.
The computer keyboard contains 4 different sets of characters to use:
- Uppercase Letters
- Lowercase Letters
- Special Characters (!@#$%^&*()_+~/?":)
You password should be at least 8 characters in length and contain elements from at least 3 of the above sets of characters. Don't use quotes of any kind unless you know the system you're entering a password in properly handles them.
To further increase the security of your online identity and to help protect you from account hi-jacking, take advantage of stronger authentication tools wherever available. This may take the form of two-factor authentication – the combination of a password or PIN number (something you know) with a token, smart card, or even a biometric device (something you have). Stronger authentication can also come from a behind-the-scenes identity-verification process, which uses various data to establish whether or not a user is genuine. Ask your bank, your regular online retailers, and your Internet Service Provider (ISP) if they offer stronger authentication tools for more secure transactions.
Back up important files
No system is completely secure. If you have important files stored on your computer, copy them onto a removable disc, and store them in a secure place in a different building than your computer. If a different location isn't practical, consider encryption software. Encryption software scrambles a message or a file in a way that can be reversed only with a specific password. Also, make sure you keep your original software start-up disks handy and accessible for use in the event of a system crash.
This reminds me. Power. That surge protection strip you have on your computer system is probably useless. Generally speaking the only handle minor surges. If your going to use a surge protector, make sure it can handle 8 Joules or better protection to handle lightning issues. I would recommend using a Uninterruptible Power System (UPS) instead if you can afford one. A good surge protector starts at about $50 and goes up from there. A decent UPS starts at about $150 and carries insurance usually up to $50,000 if it doesn't work.
Check out Tripplite™ and APC™, they provide the best on the market for a home user.
OK, a funny story...Well maybe only funny to me. I'm at a friends house and a major storm is approaching, lighting, wind, rain, the works. My fiends tells his kids to run around and shut everything off because of the lighting. Just as he says this I picture two lightning bolts coming down from the sky and when they get to his house, one says to the other, "Crap he shut everything off, we'll have to skip this house". Lightning doesn't care if your appliances are off or on, if they're plugged in and you get a strike without protection those appliances are done for.
People who protect their systems normally only protect their "power sources" from lightning. You have a much better chance of taking a "hit" over you phone lines and cable lines than you do over getting hit on your power lines. So whatever you buy, make sure it protects everything. Lightning doesn't care what it goes across, if it conducts electricity, lightning will use it!
Learn what to do if something goes wrong
Unfortunately, there is no particular way to identify that your computer has been infected with malicious code. Some infections may completely destroy files and shut down your computer, while others may only subtly affect your computer's normal operations. Be aware of any unusual or unexpected behaviors.
Hacking or Computer Virus
If your computer gets hacked or infected by a virus:
- immediately unplug the phone or cable line from your machine. Then scan your entire computer with fully updated anti-virus software, and update your firewall.
- take steps to minimize the chances of another incident
- alert the appropriate authorities by contacting:
- Your ISP and the hacker's ISP (if you can tell what it is). Often the ISP's email address is firstname.lastname@example.org or email@example.com. You can probably confirm it by looking at the ISP's web site Include information on the incident from your firewall's log file. By alerting the ISP to the problem on its system, you can help it prevent similar problems in the future.
- The FBI at http://www.fbi.gov/cyberinvest/cyberhome.htm. To fight computer criminals, they need to hear from you.
If a scammer takes advantage of you through an Internet auction, when you're shopping online, or in any other way, report it to the Federal Trade Commission, at http://www.ftc.gov. The FTC enters Internet, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
If you get deceptive spam, including email phishing for your information, forward it to firstname.lastname@example.org. Be sure to include the full Internet header of the email. In many email programs, the full "Internet header" is not automatically included in forwarded email messages, so you may need to take additional measures to include the full information needed to detect deceptive spam. For further information, go to http://getnetwise.org/action/header.
Divulged Personal Information
If you believe you have mistakenly given your information to a fraudster, file a complaint at ftc.gov, and then visit the Federal Trade Commission's Identity Theft web site at http://consumer.gov/ncpw/category/identity-theft-privacy/ to learn how to minimize your risk of damage from a potential theft of your identity.
Protect your children online
Children present unique security risks when they use a computer — not only do you have to keep them safe, but you have to protect their data on your computer. By taking some simple steps, you can dramatically reduce the threats.
- Keep your computer in a central and open location in your home and be aware of other computers your child may be using.
- Discuss and set guidelines/rules for computer use with your children. Post these rules by the computer as a reminder.
- Use the Internet with your children. Familiarize yourself with your children's online activities and maintain a dialogue with your child about what applications they are using.
- Implement parental control tools that are provided by some ISPs and available for purchase as separate software packages. Remember - No program is a substitute for parental supervision. Also, you may be able to set some parental controls within your browser. Internet Explorer allows you to restrict or allow certain web sites to be viewed on your computer, and you can protect these settings with a password. To find those options, click Tools on your menu bar, select Internet Options, choose the Content tab, and click the Enable button under Content Advisor. This will only allow them to go to "safe" sites.
- This Web Site (www.bsatroop780.org) is certified family safe for all ages from the Family Online Safety Institute which follow the rules of The Internet Content Rating Association (ICRA). They also provide a custom Google™ Search Engine which ONLY has safe sites in it.
- This Web Site (www.bsatroop780.org) is certified family safe for all ages from SafeSurf™
- This Web Site (www.bsatroop780.org) also follows ALL the standards set forth by the "Children's Online Privacy Protection Act" (COPPA)
- This Web Site (www.bsatroop780.org) is certified family safe for all ages from the Family Online Safety Institute which follow the rules of The Internet Content Rating Association (ICRA). They also provide a custom Google™ Search Engine which ONLY has safe sites in it.
- Consider software that allows you to monitor your children's email and web traffic. Basically the "Spies" you try to prevent from getting into your system, work really well in monitoring your kids. SPy programs allow "exceptions" so you can run these types of programs. Remember, your their parent, not their friend.
- Consider partitioning your computer into separate accounts - Most operating systems (including Windows XP, Mac OS X, and Linux) give you the option of creating a different user account for each user. If you're worried that your child may accidentally access, modify, and/or delete your files, you can give him/her a separate account and decrease the amount of access and number of privileges he/she has.
- Know who your children's online friends are and supervise their chat areas.
- Teach your children never to give out personal information to people they meet online such as in chat rooms or bulletin boards.
- Know who to contact if you believe your child is in danger.
If you know of a child in immediate risk or danger, call law enforcement immediately. Please report instances of online child exploitation to the National Center For Missing and Exploited Children's Cyber Tipline .
Even though children may have better technical skills, don't be intimidated by their knowledge. Children still need advice, guidance, and protection. Keep the lines of communication open and let your child know that you can be approached with any questions they may have about behaviors or problems encountered on the computer.