Avast Risk Report: Digital Citizens had a 30% Chance of Encountering a Threat in 2021


Avast (LSE:AVST), a global leader in digital security and privacy, today released its latest Global PC Risk Report. The 2021 report provides insights into the digital threats home and business Windows users faced throughout the year 2021. On average, home users around the world had a 29.25% chance of encountering a threat, and in the US, home users had a 24.61% chance of encountering a threat.

“The threats we protect our customers from are designed to go after their personal information and money, putting them at risk. The risks they encounter threaten their right to use the internet safely and confidently,” said Jakub Kroustek, Avast Malware Research Director at Avast.

The countries in which home users are most at risk of encountering threats are:

  1. Kosovo (53.71%)
  2. China (48.11%)
  3. Afghanistan (46.43%)
  4. Yemen (46.21%)
  5. Angola (44.65%)
  6. Rwanda (44.61%)
  7. Egypt (44.39%)
  8. Madagascar (44.13%)
  9. Algeria (44.05%)
  10. Macao (44.01%)

The ten countries with the lowest risk of encountering threats are:

  1. Puerto Rico (21.64 %)
  2. South Korea (22.81%)
  3. United Kingdom (23.55%)
  4. Martinique (23.80%)
  5. Guadeloupe (23.83%)
  6. Ireland (24.11%)
  7. Finland (24.21%)
  8. Switzerland (24.23%)
  9. Netherlands (24.27%)
  10. Denmark (24.39%)

For the most part, the countries with the highest risk ratio are those with more unstable socio-political situations (Middle EastAsiaAfrica, and Eastern Europe). The reason for this heightened risk ratio could be explained by these users having limited access to content, therefore forcing them to resort to accessing blocked content via unsafe channels. The digital infrastructure in these countries tend to have lower levels of security, for example, ISP or local webmail providers might not effectively detect and block threats before they reach endpoints, and thus the risk ratio is higher. Finally, a lower level of education in terms of cybersecurity best practices among computer users in these regions could explain the higher risk ratios.

The top ten types of malware consumers faced, globally, in 2021 were:

  • Trojans (30.73%)
  • File infectors (24.21%)
  • Adware (12.69%)
  • Worms (7.79%)
  • Droppers (6.97%)
  • Password stealers (3.99%)
  • Coinminers (2.42%)
  • RATs (2.34%)
  • Scams (2.33%)
  • Bots (1.74%)

The top ten types of malware American consumers faced in 2021 were:

  • Trojans (32.26%)
  • Adware (25.54%)
  • File infectors (9.82%)
  • Droppers (8.57%)
  • Scams (7.15%)
  • Worms (3.39%)
  • Password stealer malware (2.83%)
  • Coinminers (2.79%)
  • RATs (2.25%)
  • Hacktools (1.33%)

“In the past, malware was typically designed to perform one malicious action. Today malware are like swiss army knives, capable of performing more than one malicious action and often designed to deliver more malware, which can cause further damage,” continued Jakub Kroustek. “While ransomware attacks persisted in 2021, ransomware doesn’t belong to the top digital threats home users face. Ransomware is just the tip of the iceberg of the overall threats home users and businesses face worldwide. If ransomware hits, however, it can cause significant damage, which is why it is discussed and feared so widely, despite its relatively low overall share among threats.”

Avast’s 2021 Global PC Risk Report, including regional breakdowns can be found here:  https://press.avast.com/2021-avast-global-pc-risk-report

The data included in this report is collected from Avast’s threat detection network, and represents the average ratio of Avast users protected from at least one threat divided by the total number of active Avast users from January 1, 2021 – December 31, 2021. In order to provide statistically relevant data, this report includes data from countries and territories with a sample size of at least 10,000 computers belonging to home users that encountered threats during the months the data was collected, and at least 1,000 computers used by businesses. The regional breakdowns included in this report includes data from regions with a sample size of at least 1,000 computers belonging to home users that encountered threats during the months the data was collected and at least 100 computers used by businesses.

With hundreds of millions of users worldwide, Avast has one of the largest threat detection networks in the cybersecurity industry. The attacks on these devices provide valuable insights and knowledge of the most prevalent threats and those who have been most affected by them.


Avast Q4/2021 Threat Report: Log4j opening doors for new attacks while ransomware and RAT attacks on decline


Avast (LSE:AVST), a global leader in digital security and privacy released its Q4/2021 threat report today, revealing an immediate exploitation of the Log4j vulnerability by coinminers, RATs, botnets, ransomware, and APTs, in December putting CISO departments under pressure. Furthermore, Avast’s threat researchers observed the revival of the Emotet botnet, and a 40% rise in coinminers, posing risks for consumers and businesses alike. The Q4 findings likewise show an increase in adware, technical support scams on desktop, and subscription scams and spyware on Android devices, targeting consumers. At the same time, Avast saw less ransomware and remote access trojan (RAT) activity.

“Towards the end of the year, the extremely dangerous, ubiquitous, and easy to abuse Log4j vulnerability made CISO departments sweat, and rightly so, as it was weaponized by attackers spreading everything from coinminers to bots to ransomware,” said Jakub Kroustek, Avast Malware Research Director.

“On the other hand, we are happy to report decreases in RAT, information stealer, and ransomware attacks. RAT activity died down thanks to the holidays, with bad actors even going as far as copying the DcRat remote access trojan and renaming it ‘SantaRat’. We saw a slight decrease in information stealer activity, likely due to a significant decrease in infections through password and information stealer Fareit, which dropped by 61% vs. the previous quarter,” noted Jakub Kroustek. “The havoc ransomware caused in the first three quarters of 2021 triggered a coordinated cooperation of nations, government agencies, and security vendors to hunt down ransomware authors and operators, and we believe all of this resulted in a significant decrease in ransomware attacks in Q4/2021. The ransomware risk ratio decreased by an impressive 28% compared to Q3/2021. We hope to see a continuation of this trend in Q1/2022, but we are also prepared for the opposite.”

Cybercriminals attacking businesses via Log4j vulnerability and via RATs abusing Azure and AWS 
The vulnerability in Log4j, a Java logging library, proved extremely dangerous for businesses because of the ubiquity of the library and the ease of exploitation. Avast researchers observed coinminers, RATs, bots, ransomware, and APT groups abusing the vulnerability. Various botnets abused the vulnerability, including the infamous Mirai botnet. Most bot attacks were just probes testing the vulnerability, but Avast also noticed numerous attempts to load potentially malicious code. For instance, some RATs were spread using the vulnerability, the most prevalent of which were NanoCore, AsyncRat and Orcus. A low-quality ransomware, called Khonsari, was the first ransomware the researchers saw exploiting the vulnerability.

In addition to exploiting the Log4j vulnerability to spread RATs, cybercriminals exploited the CVE-2021-40449 vulnerability, which was used to elevate permissions of malicious processes by exploiting the Windows kernel driver. Attackers used this vulnerability to download and launch the MistarySnail RAT. Moreover, a very important cause of high NanoCore and AsyncRat detections was caused by a malicious campaign abusing the cloud providers, Microsoft Azure and Amazon Web Service (AWS). In this campaign malware attackers used Azure and AWS as download servers for their malicious payloads to attack businesses.

Moreover, Avast researchers saw the bad actors behind Emotet rewrite several of its parts, reviving their machinery, and taking the botnet market back with the latest Emotet reincarnation.

Adware, Coinminers, and Tech Support Scams Targeting Consumers
Desktop adware and rootkit activity increased in Q4/2021. Avast researchers believe these trends are related to the Cerbu rootkit, which can hijack browser homepages and redirect site URLs according to the rootkit configuration. Cerbu can therefore easily be deployed and configured for adware, annoying victims with unwanted ads and capable of adding a backdoor to victims’ machines.

While the Bitcoin price increased at the end of 2021, the number of coinminers spreading increased by 40%, often via infected web pages and pirated software. CoinHelper was one of the prevalent coinminers very active throughout Q4/2021, mostly targeting users in Russia and the Ukraine. Coinminers stealthily abuse a user’s computing power to mine crypto currencies, which can cause high electricity bills and impact the lifespan of the user’s hardware. Additionally, CoinHelper harvests various information about its victims including their geolocation, antivirus solution they have installed, and hardware they are using. Despite observing multiple crypto currencies configured to be mined, including Ethereum and Bitcoin, Monero stood out to Avast researchers in particular. Monero is designed to be anonymous, however, the wrong usage of addresses and the mechanics of how mining pools work, enabled the researchers to gain deeper insights into the malware authors’ Monero mining operation. They found that the total monetary gain from the CoinHelper coinminer was 339,694.86 USD as of November, 29, 2021. In the month of December, it mined an additional ~15.162 XMR, ~3,446.03 USD. CoinHelper is still actively spreading, with the ability to mine ~0.474 XMR every day.

The Avast threat researchers also observed a spike of tech support scams, tricking the user into believing they have a technical problem, and scamming them into calling a hotline where they will be scammed to pay high support fees or grant remote access to their system.

Premium SMS Subscription Scams and Spyware Stealing Facebook Credentials Spreading on Mobile Devices
The Avast Threat Labs noted two mobile threats in the report: Ultima SMS and Facestealer. Ultima SMS, a premium SMS subscription scam resurfaced in the last few months. In October, Ultima SMS apps were available on the Play Store, mimicking legitimate applications and games, often featuring catchy adverts. Once downloaded, they prompted users to enter their phone number to access the app. Subsequently, users were subscribed to a premium SMS service that can cost up to $10 per week. The actors behind UltimaSMS extensively used social media to advertise their applications and accrued over 10M downloads as a result.

Facestealer, spyware designed to steal Facebook credentials, resurfaced on multiple occasions in Q4/2021. The malware masquerades as photo editors, horoscopes, fitness apps and others. After using the app for a period of time, it prompts the user to sign in to Facebook to continue using the app, without adverts.

For more detailed information visit the full report: https://decoded.avast.io/threatresearch/avast-q4-21-threat-report/


Avast Launches New Premium Browser for PCs With a Built-in Virtual Private Network


Avast (LSE:AVST), a global leader in digital security and privacy, has launched a premium version of its free secure and private browser. Avast Secure Browser PRO*, a Chromium-based browser for Windows PCs, includes an integrated Virtual Private Network (VPN) and advanced Adblock technology for people who need a lightweight but comprehensive suite of security, privacy and performance services to tackle today’s most pressing web-based threats. The built-in VPN, which provides access to 30 locations worldwide covering every continent except Antarctica, helps to ensure the highest levels of privacy protection by encrypting all inbound and outbound connections.

Avast Secure Browser PRO for Windows provides people with seamless, high-performing digital protection, no matter their level of technical confidence, and ensures that privacy choice is available to everyone when browsing the web. In 2020, Avast added built-in VPNs to the premium version of its mobile browser for Android and iOS; now including them also in the premium version of Avast Secure Browser on PC signals the next step in Avast’s mission to deliver a safer, more private and faster browsing experience across devices and operating systems, and aligns with the broader company goal to enable personal control of privacy for all.

“The browser is the modern day operating system, and with browser-based web threats one of the most common avenues of attack, we have a responsibility to protect our customers online by keeping their internet connections secure and private,” said Fiona Cliffe, Director of Browser Product at Avast. “We’ve built our browser around a Security & Privacy Center to provide this in a way that is frictionless for the user and based on the belief that in order to preserve people’s digital freedom, security and privacy needs to be simplified and demystified.”

Avast has also added accompanying privacy and compatibility features in Avast Secure Browser PRO alongside its existing Anti-Phishing technology, Anti-Tracking, Bank Mode and Password Manager services. These include:

  • Advanced Adblock: set with ‘Strict Mode’ as the default option so that ads and trackers are blocked automatically. Other options include ‘Essential Mode’ and ‘Balanced Mode’ (recommended), which block all ads that violate the Acceptable Ads Standard, including pop-ups and auto-playing videos. Balanced Mode also blocks other non-intrusive ads to improve the speed and safety of browsing sessions.
  • Built-in VPN: no buffering, no throttling and no encrypted bandwidth limits for a smoother, faster, unrestricted online experience.
  • Connection for up to five devices: on both mobile and desktop.

Avast Secure Browser PRO is compatible with Windows 10, iOS and Android, with support for Mac coming soon. The subscription service has three tiers and includes a seven-day free trial. The monthly subscription is priced at $5.99 per month; the year-long subscription at $4.17 per month; and the two-year offering at $2.92 per month. Avast Secure Browser PRO is available to download at www.avast.com/secure-browser.

*In order to activate Avast Secure Browser PRO, users have to install the free version of the browser available at https://avast.com/secure-browser, and follow the upgrade steps. Users can choose between immediate upgrade to the PRO feature set (payment required) or take advantage of the seven-day trial (no payment details required).


Hidden Home Dangers: Avast and Refuge List the Ten Connected Devices Most Commonly Reported by Women Who Experience Domestic Abuse


Avast (LSE:AVST), a global leader in digital security and privacy, and Refuge, the national domestic abuse charity, have outlined the top ten internet-connected (IoT) devices that are most commonly reported by victims of domestic abuse as being used against them. For most people, smart devices offer convenience in the home and while manufacturers such as Amazon, Google and Apple take precautions to mitigate abuse, in the wrong hands, internet-connected devices can be used by abusers to harm and exert control over their partners. Refuge has experienced increased reports from women seeking guidance on how to secure their technology, and support with the most common devices reported to Refuge as follows:

  • RING doorbells
  • Amazon Alexa & Amazon Echo
  • Google Home Hub
  • Nest systems and smart thermostats
  • Smart TVs
  • Smart Plugs
  • Fitness trackers and Smartwatches (Apple Watch)
  • Wireless systems
  • Smart locks
  • CCTV Cameras

Despite the reports Refuge has received, wider research of 2,000 women in the UK carried out by Avast and Refuge found that nearly half (48%) were unable to name a single device they believed could be vulnerable to abuse, increasing to 60% for those over the age of 55. Further to this, 66% of women did not know where to get information to help secure the devices in their home if they felt they had been compromised by an abuser– rising to 79% for those aged 45 and over.

The research also illustrates how such technology is used in abuse scenarios: just over half (64%) of women in the UK have admin control over the IoT devices in their own homes; one in four (27%) stated that admin access for these devices has not been shared equally or with transparency in their household; and 18% of women said they have no control over the Wi-Fi settings in their home, but their partner or family member does. Furthermore, 41% of women in the UK stated that a partner or family member knows the password to their personal devices – with 28% of these women saying that they did not give this password willingly.

Ruth Davison, CEO of Refuge, said, “While the findings from this research are deeply concerning, we believe they only scratch the surface of a much harsher reality. Many women might not be able to spot the signs that they have been coerced into giving their password to an abusive partner or unaware that an abusive member of their household is spying on them through their Wi-Fi. The reality is one in four women will experience some form of domestic abuse in their lifetime, and tech abuse is increasingly part of that problem, which is why Refuge teamed up with Avast. Not only are we trying to raise awareness of this issue, but we want to equip women to mitigate against the potential dangers of these devices in the wrong hands.”

To help women regain control of their digital devices and environment, Avast and Refuge have joined forces to launch an IoT home safety tool: https://refugetechsafety.org/hometech. This interactive tool is designed to highlight the ways smart home devices can be misused and help women keep their devices safe and free from abuse.

The interactive tool [pictured below] replicates a typical home setting, highlighting these devices in situ. When each device is clicked on, it will provide women with easily actionable steps to secure the device.

Jaya Baloo, CISO at Avast, said, “The United Nations called domestic abuse and violence against women at the height of the Covid-19 crisis a ‘shadow pandemic’ and tech abuse plays a large part in this growing problem. Our threat researchers found that there has been a 93% increase in the use of spyware and stalkerware apps in the UK since lockdown measures were introduced, and we stress-tested these ten devices reported to Refuge. They are all extremely popular and common, so we have focused on providing clear and actionable advice for women on how to keep their devices secured from misuse.”

Louise’s Story of Tech Abuse
Louise*, a tech abuse survivor supported by Refuge, said:

“My abuser works in tech and had control over our home Wi-fi. He would tell me I was too stupid to understand it. During the lockdown, his abuse escalated, and I needed to take steps to protect myself. I set up some smart home devices to record the abuse.

It never occurred to me that my abusive partner would be able to hack these devices and use them against me, to spy on me, to listen to my calls, to watch me. When I left the house to go out, I’d come back to my things soiled or missing. But when I’d check the logs on my home cameras, the recordings of those times weren’t there.

I couldn’t understand it. I continually doubted myself. My abuser would deny ever having touched anything but would drop hints to let me know he knew the contents of my private conversations. It was terrifying, confusing and traumatic. I didn’t know where to turn for help, but I found Refuge and contacted them for support. They helped me to recognise my experiences as tech abuse and helped me slowly regain control of my devices. Although he no longer lives in my home, I still find it hard to fully relax around my tech. It never leaves the back of my mind that he could still be listening and watching. You’re never free of it.”

*Name has been changed

The IoT Home Safety tool can be found here: https://refugetechsafety.org/hometech


Avast Bolsters Expertise in Identity and M&A with Two New Appointments


Avast (LSE:AVST), a global leader in digital security and privacy, today announced the creation of two new roles key to advancing its business strategy in Identity and Corporate Development. Charles Walton joins Avast to lead the development of Avast’s identity strategy in the role of Senior Vice President & General Manager, Identity. Paul Carter has been appointed to the role of Global Head of Corporate Development and will join the Company on July 1.

“In the last year, the way we use the internet has changed dramatically – and there is no going back. Our digital lives are more intertwined than ever with our personal and professional lives, which accelerates the security and privacy risks that keep people from exploring the online world with confidence. Our goal is to remove those obstacles,” said Ondrej Vlcek, CEO, Avast. “Smoothing access to online services and facilitating private and safe interactions are now critical to the future stability and success of the digital economy. These new appointments show our deep focus and commitment in this area and demonstrate our belief that identity-protecting solutions are central to the current and future needs of our customers.”

Charles Walton will lead Digital Identity Products

Walton, formerly Senior Vice President, Digital Identity Products, at Mastercard, has over 25 years’ experience in privacy, security and identity and will be developing Avast’s identity strategy as the company expands its expertise and innovation in privacy and identity products. In the role, he will define product strategy, research and development, and the distribution model.

At Mastercard, Walton was responsible for the ID Service, a key global business focused on digital identity services. He also drove the strategy and partnerships for Mastercard’s health pass, activities, which included the development of an approach to an interoperable digital health pass. Additionally, he co-founded and was on the steering board of both the Trust over IP Foundation and the Good Health Pass Collaborative. Previously, he held roles in other organizations with a focus on identity and privacy including Vice President, Business Development, at Idemia, where he was involved with UK Verify government services, and CEO at SecureKey where he drove the pivot to digital identity and the roll-out of a national federated authentication service in Canada.

“As individuals and consumers, we have never been more acutely aware of our personal privacy when using digital services,” said Walton. “It’s imperative that we are able to access online services safely and that any information we share remains private and yet privacy-preserving technology is still fairly nascent. By providing a mature approach to managing one’s identity online, we will enable people to confidently take advantage of the rapidly evolving ecosystem of online services.”

Paul Carter will lead Avast’s M&A practice

Carter joins Avast’s corporate development team in the role of Global Head of Corporate Development, bringing over two decades of experience building and leading corporate development teams at FTSE 100 and Fortune 500 companies in the financial services, data, technology, and business services sectors. His key focus will be to develop and execute Avast’s long-term identity strategy, including acquisitions and partnerships in alignment with Mr. Walton.

“Avast is very well positioned within the dynamic digital privacy and security sector, and I am very excited to be joining the team to help deliver its growth agenda,” said Carter. “My focus will be on guiding our business development in areas where our customers will get most value and which meet their changing needs online.”

Formerly Group Head of Corporate Development at London Stock Exchange Group, Carter spent the last six years leading the M&A and strategy functions including the structuring and negotiation of LSEG’s transformational Refinitiv acquisition. Prior to this, he held senior corporate development roles at Experian and Dun & Bradstreet.


Use of Stalkerware and Spyware Apps Increase by 93% since Lockdown Began in the UK


Avast (LSE: AVST), a global leader in digital security and privacy products, reveals there has been a 93% increase in the use of spyware and stalkerware apps1 in the UK since lockdown measures were first introduced. In the past year, Avast has protected over 4,585 users in the UK from apps capable of spying, and 165,049 users across the globe. The volume of stalkerware and spyware apps in January and February of this year is a 93% increase on the same time last year before COVID restrictions were introduced.

This National Stalking Awareness Week, Avast continues to draw attention to the rise of stalkerware – unethical software that allows people to track someone’s location, without the victim’s knowledge or consent. Stalkerware gives the perpetrator access to a victim’s personal photos, videos, emails, texts and app communications such as WhatsApp and Facebook, as well as eavesdrop on phone calls and make covert recordings of conversations over the internet.

Jaya Baloo, Chief Information Security Officer, Avast, said, “The growth in stalkerware and spyware poses a huge concern. Stalkerware is a form of tech abuse, an increasing threat which takes away the physical and online freedom of the victim. Usually installed secretly on mobile phones by so-called friends, jealous spouses and ex-partners, stalkerware tracks the physical location of the victim, monitors sites visited, phone calls and text messages, undermining a person’s online freedom and individual liberty.”

Alarmingly, the growth in stalkerware seems to echo the increase in domestic abuse cases across the UK since lockdown measures came into force. Refuge, a national charity in England providing specialist support for women and children experiencing domestic abuse reported that calls to its helpline increased by two-thirds (66%) in the first three months of lockdown, with visits to its website increasing by 950%. Latest figures from the NHS,2 also reveal there has been a 350% increase in the number of people searching online for domestic abuse support during lockdown compared to the previous year.

Jane Keeper, Director of Operations, Refuge, added: “This technology gives abusers another way to exert control over their victims whether we are in lockdown or not. Unfortunately, whilst Avast’s figures are concerning, we fear they are just the tip of the iceberg – many cases will go undetected. This is why Refuge is partnering with Avast, to help tackle this disturbing trend head on.”

Avast is committed to identifying and removing the threat of stalkerware. In 2019, Avast mobile threat researchers identified and worked to remove 8 stalkerware apps from the Google Play Store. Refuge and Avast are both members of the Coalition Against Stalkerware, a cross-industry organisation committed to fighting domestic abuse, stalking, and harassment by addressing the use of stalkerware and raising public awareness about this issue.

Jaya Baloo, CISO, Avast adds: “We’re proud to be working with members of the Coalition, to raise awareness of tech abuse, educate people on how to address it, and constantly to improve ways to prevent this threat.”

Here are  some simple steps to help people identify the signs of potential stalkerware and spyware on their devices and what they can do to protect themselves:

How to prevent stalkerware if you think you are at risk:

  • Secure your phone against all unauthorised physical access: ensure your phone or device uses two factor authentication such as a pin code and a second form of identity confirmation such as an email backup or thumbprint.
  • Install a reliable antivirus product on your mobile phone: a good mobile antivirus will treat stalkerware as a PUP (potentially unwanted programme) and give you the option to remove it.

How to spot the signs:

  • You notice your device’s performance is suddenly and unexpectedly worse: you may notice slow-downs or more frequent crashes or freezes.
  • Your settings have changed without your consent: if you suddenly have a new browser homepage, new icons on your desktop, a different default search engine, or other changes that you didn’t make, it might be due to stalkerware.
  • You get odd messages: a sudden flood of pop-ups or error messages from programmes that always worked fine before may indicate spyware.
  • You have unexplained calls on your bill.
  • The abuser has had physical access to your device.
  • The abuser knows things about what you’re doing, where you’re going and who you’ve been communicating with.

How to manually remove stalkerware from your phone:

  • Reboot your phone into safe-mode: hold down your phone’s power button to see your Power off and Restart options. Long-press the Power off option and the Reboot to safe-mode option will appear. Tap OK.
  • Remove any suspicious apps: once rebooted in safe mode, open up your Settings and tap Apps or Apps & notifications. Sort through your apps and look for anything you don’t recognise.
  • Remove any Malicious Apps: tap Uninstall to remove it from your device. If you’re not sure if an app is malicious, search for the name of the app on the internet to see if other people have shared any issues with it.

9 Tips to Remind Kids about Online Safety


At today’s Safer Internet Day, Avast (LSE:AVST), a global leader in digital security and privacy products, publishes tips for parents on how to empower their children to stay safe when learning and playing online.

“Our children are growing up in a world where the internet is a basic essential of life. They do not view the online world as new technology like some of us do – to children it has always existed,” said Luis Corrons, security evangelist at Avast. “Therefore, they don’t approach their interaction online with the caution that we might. They only see a screen that reacts to their button taps, innocently unaware of the invisible risks at play.”

That’s not to say we should scare them, but we do need to remind kids how to use the internet and ensure they use the internet safely and confidently and empower them to protect themselves.

Avast has the following nine online safety tips for parents to talk to their children about:

  1. Avoid posting any personal information online. This includes your full name, home address, email address, and phone number.
  2. Learn where the privacy settings are on each website you use and adjust them all to their highest settings. Get in the practice of always doing this.
  3. Remember that everything you post online lives there forever, so think twice before uploading pictures and videos of yourself (or family or friends) or posting comments you may regret later.
  4. Keep your passwords secret from everyone except your parents. If anyone asks you for your passwords online definitely do not give it to them and tell your parents right away.
  5. Add an extra layer of security. Two-factor authentication means that there is an extra layer of security to access your accounts, for example apart from your password, you will also have to authenticate via a code sent to or scanned by a second device, like your phone. On social media this is an important option to turn on in the settings to ensure that your account remains yours but also so your parents can see where and when you are logging in.
  6. Remember that not everyone is who they say they are online. It’s too easy to pretend you’re someone else. For that reason, shy away from befriending any strangers online, and never make plans to meet with someone you don’t know.
  7. Speak frankly about cyberbullying. If you suspect that you are being cyberbullied notify a responsible adult. You should also talk with a grown-up if you think a friend is being bullied online. It’s useful to be aware of the signs of cyberbullying on social media.
  8. Respect other people’s views. Everyone is entitled to their own opinions, including you. Always feel free to state what you believe but do so without being rude or mean!
  9. How do you feel? If you see or hear anything online that makes you uncomfortable, stop interacting with the app or website, and speak to a trusted adult about it right away.

“These topics should be ongoing conversations with your children. Parents should check in on their children’s digital life as they check in on their school days and other aspects of their lives. They should show them this is an area of serious concern, but one that can be easily managed with proper online habits, smart choices, and good communication. Also, it almost goes without saying, but if you add a digital device to your list of back-to-school supplies, add a reputable antivirus too so you can protect them from any potential threats that they wouldn’t be aware of,” Luis Corrons adds.