Scammers are now targeting children online to steal parents’ data

Scammers and hackers are increasingly attacking children, including many too young to read, with a series of online games that trick them into installing malicious software onto computers.

Games that invite kids to nurture online kittens, allow them to paint pumpkins and witches, or “spot the differences” between two similar images, are being laced with malware that could give scammers access to the kids’ parents financial data or recruit the kids’ computers into international networks, or botnets, aimed at further criminal activity.

Some scams might raise suspicions of adults – particularly when they seek to install software on the computer or redirect computer users to suspicious web sites. So the scammers are going for easier targets. Kids are more easily tempted into clicking on that big green download button or flashing icon in hopes of having more fun. A four-year-old, obviously, isn’t worried about online banking vulnerabilities.

The problem is only set to grow as children spend more time on the internet and parents often neglect to supervise their online activity. An online survey shows that about 46.6 percent of children in the U.S. and the U.K. have their own social network accounts and that 24.7 percent of parents don’t monitor their kids’ online activity.

Of the 1,649 adults surveyed between April 12 and July 10, 44.3 percent said their children had accessed sites that they shouldn’t have.

Analysts in the past week have discovered more than half a dozen samples of eye-catching Flash games rigged with Trojans that could steer kids to web pages that install malicious software potentially capable of stealing financial information or injecting spyware onto the machines.

Games are not the only online threats for children. Sites with educational and entertaining materials for children have been used to lure young computer users.

A few malware discoveries include a site where children “adopt” and grow virtual pets. The “magic brush” application that changed the color of the pet was altered to route children toward malware. An Italian “online kids land” was also hacked and rigged to expose all visitors to malware and retail sites with stuffed animals have been rigged with malicious software.

In all cases, the malicious code was planted in a hacking attack on legitimate, high-traffic websites. But games are not the only online threats for children. Sites with educational and entertaining materials for children have been used to lure young computer users.

Consider the following steps to protect children:

  • Never let them use the computer while logged in as an administrator. Instead, create a limited account with the child’s name. This will prevent them from installing applications, modifying critical system settings or deleting system files that might damage the operating system
  • Use an antivirus: some pieces of malware have been designed to run even on limited accounts. In this case, a good antivirus may be the last line of defence.
  • Use parental control: not all hacks against children’s sites lead to malware. Sometimes, cyber-scammers redirect kids to pornography or violent content.
SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

As leader of the Bitdefender Online Threats Lab, Alexandru Catalin Cosoi's work sets the agenda for the development of new security threat countermeasures. Over the last 6 years, Alexandru has acquired a thorough understanding of key areas of technology.