Are Parents Feeding Kids’ Data To Threat Actors? Expert Comments

By   ISBuzz Staff
Editorial Team , Information Security Buzz | Dec 06, 2022 10:10 am PST


The Wall Street Journal ran a great reminder on the dangers of what has been referred to as “sharenting”, posting every significant moment of our kids’ lives online. Starting before birth and hitting every milestone, children’s names, birth date, place of birth, schools and hobbies are all posted online and “tagged”, along with family and friends. An intimate list of PII laid out online for future threat actors. In addition, the story said that “by the age of 13, when children are allowed to use social-media sites themselves, there could already be almost 4,000 photos depicting them online.”

One can just imagine how easy it would be to scrape that data for future abuse. Since we’ve been doing this since the 90’s, that future is now.

Subscribe
Notify of
guest
3 Expert Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Baber Amin
Baber Amin , COO
InfoSec Expert
December 6, 2022 6:12 pm

“The dangers of “sharenting” go beyond the holiday season. Online presence is a double-edged sword. It is great that geographically distant relatives and friends can stay informed about what is going on with the grandkids, nieces, nephews, cousins, friends, but so can complete strangers including bad actors. It is difficult for most people to understand how wide a circle they are sharing with, or how to set appropriate share controls to limit downstream sharing. Social networks operate on the principal of network effect which is the phenomenon where a product or service becomes more valuable when more people use it. It is a positive feedback loop in which more users lead to more value for all users. Thus, it is in the interest of social media to put more eyeballs on each piece of content, and not make it simple for everyday folks to understand the sharing setting.
 
Some things to consider for all of us before we share our lives or our children’s lives online:
 

  1. Take the time to understand the share settings of the platform you are using. If possible, limit all sharing to only one level, one group.
  2. Stop all public sharing and do not allow resharing without permission.
  3. Understand that oversharing could result in an unintentional invasion of privacy, which could put children at risk of identity theft and potential online exploitation.
  4. Oversharing information can result in taking away a child’s sense of autonomy and sense of control over their own life.
  5. Some personal information can make a child vulnerable to cyberbullying.
  6. If you post your child’s accomplishments because you are proud of them, it can have an unintended effect of putting undue pressure on your child to constantly perform better, which can lead to feelings of inadequacy and a lowered self-esteem.
Last edited 1 month ago by Baber Amin
Melissa.bischoping
Melissa.bischoping , Endpoint Security Research Specialist
InfoSec Expert
December 6, 2022 6:11 pm

 “While it’s up to parents to make the choices for their children, those children will eventually be independent adults who may face consequences of their parents’ privacy choices. They may grow up only to discover they were the victim of identity theft years before they were a legal adult, and potentially face the costly, frustrating processes to undo the damage.
 
  “Hackers and identity thieves aren’t the only ones who could use social media information maliciously. Stalkers, cyber-bullies, and child predators also pose a safety risk by abusing this information.
 
  “The best course of action is to not share any personally identifiable information (PII) on social media. If you choose to share details, regularly review your privacy settings, be mindful of who you add as friends or followers, and obscure sensitive data from photos.
 
  “As a bonus tip on social media privacy during the holidays, avoid posting travel details like plane tickets or itineraries on social media during. Barcodes and travel itineraries can contain PII such as date of birth and reveals when you’ll be away from home.”

Last edited 1 month ago by melissa.bischoping
David.maynor
David.maynor , Senior Director of Threat Intelligence
InfoSec Expert
December 6, 2022 6:11 pm

Operational Security or OPSEC is what infosec professionals call the data that can help determine a risk of threat to a person or organization. Parents today are committing OPSEC violations involving their children since their birth. While we can teach an OPSEC course, you cannot put a genie back in a bottle.

Last edited 1 month ago by david.maynor

Recent Posts

3
0
Would love your thoughts, please comment.x
()
x