We know there are dangerous sites on the internet. But most of us have never accessed the dark web, where visitors are anonymous and access to the unthinkable is possible. Recently I visited and discovered that kids and teens easily access it to purchase illegal goods such as fake ids and drugs. Find out what is on the dark web, how easy it is for kids to access it, and what you can do to prevent it in today’s GKIS article. Caution: this article contains graphic descriptions of illegal activities, sex, and violence.
What is the dark web?
The dark web is the part of the internet that is not visible to regular search engines (like Google or Chrome) and requires the use of a special browser named Tor. Once Tor is downloaded and opened, you have arrived at what many call “Onionland.” Tor uses the onion router hidden service protocol, meaning that the Tor servers derived from the onion router offer users complete anonymity. Also, every website ends with .onion instead of .com, .org, or .gov.
The dark web is a criminal underworld where bad actors online sell and purchase illegal goods like drugs, weapons, counterfeit money, bank accounts, passports and ID’s, and much more. Dark web online shops are set up with customer reviews very much like Amazon which gives users the confidence to purchase from specific vendors. There is even a darker side to the dark web which consists of images and videos of gore, pornography, child sexual abuse, bestiality, and even live murder shows called red rooms where paying customers can tell the person torturing the victim what to inflict on the victim next or how they would like to see the victim killed.
Clear Web Versus Deep Web
The clear web is the part of the internet that can be accessed from any browser. It’s the smallest part of the web, which is astonishing because it seems that the content there is infinite but in actuality, it only accounts for about 4% of the content on the web. Some browsers, like Google, will censor certain websites. The search engine used by Tor, Duck Duck Go, does not censor and will not save your search history.
Then there is the deep web which is not to be confused with the dark web. The deep web is the largest part of the web. It consists of all the content that is not indexed and will not appear on regular search engines. Many government and private company websites exist there, where you would need an exact address to access them. Accessing without permission is illegal.
Is it easy to access the Dark Web?
It is very easy to access the dark web. I’ve included the steps here so you can recognize them if you ever come across these searches on your child’s browser.
To access the dark web, all you have to do is:
Purchase a VPN for extra security and anonymity (optional)
Download Tor
Access Hidden Wiki Links
Use the links on Hidden Wiki to help guide you through the dark web
Create an anonymous email
Purchase bitcoin (which is an online currency)
Find an online store through the hidden wiki that carries the products or services you are looking for
Using the hidden wiki as a guide, you can follow the steps above by merely clicking links and it will guide you through. You can easily find the hidden wiki by typing “hidden wiki” on the search bar in the Tor app.
Dark Web Dangers
Fake IDs and Drugs
So, as a GKIS intern, how do I know that teens are accessing the dark web? I became interested when high school students that I worked with all had fake IDs and were getting into L.A. clubs. I asked how they got them, and they told me from the dark web using bitcoin. They also disclosed that they illegally purchase study drugs like Adderall and Modafinil as well as club drugs like cocaine and molly. I was shocked yet intrigued, so I followed these directions on how to get onto the dark web. I couldn’t believe how easy it was to access.
When I brought up my idea about writing about the dark web at our intern meeting, Dr. B worried we’d be publishing a how-to article. But I argued, and the other interns agreed, that there are plenty of YouTube videos showing the step-by-step process of accessing the dark web. Parents need to know about this!
It is mind-boggling how dangerous access to the dark web can be. As if purchasing illegal drugs from anonymous criminal vendors isn’t enough, consider that purity is not guaranteed. Drugs like cocaine and heroin have been known to be laced with fentanyl, an extremely powerful opiate that kills even the most severe addicts. And consider the risks teens take in 21-and-older clubs. Interaction with adults on the dark web can lead to any type of exploitive situation online and offline.
Violence and Pornography
Consider what watching violence and pornographic material can do to a child’s developing brain. For some kids, watching explicit material can lead to stress symptoms characteristic of clinical disorders such as acute stress disorder and PTSD. For others, they may become desensitized to shocking online content which may lead to craving and seeking increasingly dangerous content to experience that same rush. This type of explicit material can have a similar effect as addictive drugs due to the release of dopamine and endorphins.
Dopamine helps the brain recognize incentive salience. Incentive salience is the desiring attribute that includes a motivational component to a rewarding stimulus. In other words, dopamine is released when a reward is anticipated, and it motivates us to keep seeking that anticipated reward.
When shocking material is viewed, the opiate system in our brains begins to activate by releasing endorphins. Endorphins gives a sense of euphoria and eases pain, which is what heroin does. So, more and more shocking material may be craved due to dopamine released from the anticipation of viewing the shocking stimulus – and endorphins help ease the pain that the shocking stimulus caused. Endorphins are also what causes the “runners high” that people talk about after a good amount of cardiovascular exercise. So when we experience pain, endorphins are released to help ease the pain.
Hate Groups
An extremist group discussed in the media recently, the “Proud Boys,” is a group that is known for supporting President Trump and for their extremist chauvinist beliefs. If you search for their website on Google, you will likely not be able to find it. But if you use the search engine Duck Duck Go, it shows up right at the top.
Hate groups design their content to radicalize vulnerable adults and youth to their agenda. There have been many incidences where radical Islamic groups have radicalized western youth to fight for their cause. They do this on the clear web too. But when they need to be more discreet, they can use the deep web by creating a .onion site.
Facebook and other social media sites are on the deep web and their web address is www.facebookcorewwwi.onion. It is important to talk about these issues and set rules with your kids. because if they do not learn it from you they will learn from someone else who may not have the best intentions.
Without parent management tools, like those we recommend in our GKIS Screen Safety Toolkit, kids can spend hours over months interacting with extremists. These interactions can be moved offline and can result in child and teen trafficking as well as other crimes.
How You Can Keep Your Kids Safe From the Dark Web
If your kids have open access to the internet, GetKidsInternetSafe has an entire toolkit to get safety dialed in. Check out our GKIS Course Bundle in the plus and deluxe package options, which offers all of our GKIS courses plus bonuses for families with kids of all ages. Our course bundle option offers parent and teen education, communication tools, parenting tools, and tech tool recommendations. Our course summary page with the details can be found HERE.
Thanks to Andres Thunstrom for contributing to this GKIS article. Andres has been advised to never visit the dark web again. J
I’m the mom psychologist who will help you GetKidsInternetSafe.
In last week’s GKIS article, “How Teens Overshare,” we covered the ways kids intentionally and unintentionally share location information on social media and how to prevent this safety risk. In today’s article, we detail how cybercriminals victimize teens and offer more helpful information on how to get your kids internet safe.
Cyberstalkers
Cyberstalkers are predators who track online information to extort or harass, create cybercrimes like hacking or identity theft, or intercept a victim offline. Cyberstalkers can be complete strangers or people your teen may already be acquainted with.
Hackers
Hackers are predators who steal usernames, passwords, and personal information to gain access to a victim’s screen device. Once they can access, they can still further data, change or destroy information, install malware, and even take over the device’s camera.[1] Data can then be sold to other criminals on the dark web or be used for identity theft to take out loans and credit cards in your name.
Phishing
Phishing is a cybercrime in which a victim is contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data. Phishing can also occur through websites and social media.[2] Dr. Bennett notes in her book, Screen Time in the Mean Time that the sensitive information obtained by phishing is often used for online login information such as usernames and passwords, bank account and credit card information, and even identity theft.
The most common example of phishing is email phishing. To email phish, the cybercriminal creates a fake domain that looks trustworthy and legitimate, then sends emails to potential victims asking them to click a link, download an attachment, or “update” their passwords.
To prevent your child from falling victim to online phishing, encourage them to only open emails, online messages, and text messages from trusted individuals and advise them to never click on any links or download attachments from an unusual or suspicious-looking email or message.
Identity Theft
According to The United States Department of Justice, “Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.”[5]
Cybercriminals often target younger individuals because children do not have bad credit (which is great for cybercriminals) and it is easy to keep it from being noticed until the child is older. In Dr. Bennett’s book, Screen Time in the Mean Time, she writes about a couple of children who were victims of identity theft.
Here are a few ways to protect your child from identity theft:
Install cybersecurity safeguards on phones, laptops, iPads, and any other device that need protection
Have family conversations about being wary of posting or sharing personal information online
Set up a virtual private network (VPN) to ensure the safety of your device(s)
Update passwords at least once a year and be sure that the new password does not include any information that may already be public such as, your teen’s name, age, pet’s name, or anything that could be easily guessed
Social Media Quizzes
Cybercriminals can also phish for information through social media by reviewing posts, asking questions, or offering an online quiz with targeted questions. Quiz questions to avoid include any that ask for your (or your mother’s) maiden name, your favorite color, the street you grew up on, your pets’ names, the first car you owned, or your best friend’s name.
The answers to these questions are often security answers on websites. With security information, personal accounts can be accessed for malicious intent. To prevent cybercrimes, ask your teen to refrain from taking online quizzes or you can encourage them to only take online quizzes from a legitimate source. Teaching your teen to withhold sharing personal information that could pose a security risk is vital to ensure their online safety.
Cyber Blackmail
Once a cybercriminal obtains sensitive information, they may use it to coerce a victim further. According to the BBC, “Cyber-blackmail is the act of threatening to share information about a person to the public, their friends or family unless a demand is met or money is paid.”[3] Cyber blackmail can take many forms and the cybercriminals who commit this crime use different tactics to take advantage of their victims.
Cybercriminals may even say that they have explicit photographs, access to their victim’s phone and computer’s webcam, or even recordings of them from their personal devices. Some of those claims may be true or false, but either way, the cybercriminal uses fear and shame to get what they want.[4]
To help prevent your teen from becoming a victim of cyber-blackmail;
advise them to never share sexual images of themselves (the images can end up anywhere)
advise them to not accept friend requests from strangers
advise them to be wary of things they post, share, or message others online (what they say can very well be used against them in the future)
require your teen to have private social media accounts
For more information and safety tips, we highly recommend parents to purchase our Cybersecurity & Red Flags Supplement. Dr. B created this tool because parents in her clinical and coaching practices frequently asked her to teach their kids the red flags that may alert them to the tricks of online predators, hate groups, and cyberbullies. In this Supplement, she offers her clinical teaching list so you can educate your kids. Knowledge and assertiveness coaching are key elements of child resilience and good judgment online.
Also included in the supplement is Dr. B’s Online Safety Red Flags for Parents. This tool teaches parents what child behaviors to look for that may signal they are at risk – a tool she created from 25+ years of clinical practice. Being able to recognize behavioral red flags in your child may be the difference between stopping risk after one exposure versus not recognizing dangerous relationships and exposures until it’s too late.
Thanks to CSUCI intern, Remi Ali Khan for researching cybercrimes and cybersecurity for this article.
I’m the mom psychologist who will help you GetKidsInternetSafe.
Onward to More Awesome Parenting,
Tracy S. Bennett, Ph.D.
Mom, Clinical Psychologist, CSUCI Adjunct Faculty
Photo Credits
Photo by Gerd Altmann from Pixabay
Photo by B_A from Pixabay
Photo by Pixabay from Pexles
Photo by Tracy Leblanc
Works Cited
Bennett, T. (2017). Screen Time in the Mean Time: How to Get Kids and Teens Internet Safe.
Brant, E., & Butterly, A. (2013, September 20). Cyber-blackmail: How to keep safe and deal with it. BBC Newsbeat. http://www.bbc.co.uk/newsbeat/article/23724703/cyber-blackmail-how-to-keep-safe-and-deal-with-it.
Cyber Extortion: Ransomware vs Extortionware. Alpine Security. (2020, August 2). https://alpinesecurity.com/blog/cyber-extortion-ransomware-vs-extortionware/.
The Dangers of Hacking and What a Hacker. https://www.webroot.com/us/en/resources/tips-articles/computer-security-threats-hackers.
Identity Theft. The United States Department of Justice. (2017, February 7). https://www.justice.gov/criminal-fraud/identity-theft/identity-theft-and-identity-fraud.
KnowBe4. What Is Phishing? Phishing. https://www.phishing.org/what-is-phishing.
Kids are the number one target for identity theft due to the chances that the crime won’t be detected until the child reaches adulthood and seeks their first loan. This cybercrime involves the theft and fraudulent use of a child’s personal information (like name, social security number, address, and date of birth) to open lines of credit, take out loans, or access financial accounts. This scary issue is the drive behind developing our Cybersecurity and Red Flags Supplement, a comprehensive tool to detect online scams before the worst can happen. Find out more about cybercrime and what you can do to prevent it with this GKIS article.
Identity Theft
Identity theft can be used for many types of crimes, including:
taking out a loan
buying lines of credit
accessing the victim’s financial accounts
securing a driver’s license or employment or
seeking medical care.
Personal information can be stolen from virtual sources, like screen devices, websites, and email accounts, or in real life (IRL) from skimming information from your ATM card with a special device or stealing it from your home, wallet, trash, or mail.
Who is vulnerable?
Unsuspecting victims can be tricked into revealing private information by phishing scammers. These cybercriminals impersonate legitimate companies asking for passwords and credit information necessary to process a fake change of address form, application for credit, or to avoid an IRS tax lien or fake criminal charges.
Vulnerable populations include young people, the elderly, and immigrants or workers here on a visa.
Why is it important to check for identity theft?
Once discovered, it may take several costly months or even years to get credit and criminal records cleaned up and sorted out. Your child’s financial options may be blocked or delayed when deadlines, like college and employment, are most critical.
Can you imagine dealing with that in your overtasked, underfunded life? There are companies that offer cyber protective services and others that help you clean up the catastrophic results of cybercrime.
The Child Identity Theft Bill
In 2015, I received a phone call from Assemblymember Jacqui Irwin’s office asking for a statement about a Child Identity Theft bill (AB1553) that she is sponsoring. Asm. Irwin served as Chair of the Assembly Select Committee on Cybersecurity in Sacramento.
This bill served to “amend the Civil Code to require credit agencies to allow parents or guardians to create a new credit report for a minor child for the purpose of placing a security freeze on the child’s credit. Without a credit report to freeze, protection is difficult.” She was asking for my statement and support and wondering if I knew any child victims of identity theft.
After sending out an inquiry on my GetKidsInternetSafe Facebook page, it didn’t take long before I’d uncovered three victims who were willing to share their stories. Two involved child identity theft for financial cybercrime and the other involved identity theft on social media for cyberbullying. I’m sharing the financial theft stories to demonstrate how easy it is to become a victim and suggest steps you can take to protect your kids starting today.
Megan’s Story
My first respondent was a dad whose stepdaughter had recently graduated from nursing school. When the family went to their credit union in preparation for purchasing a car, they discovered that the stepdaughter’s credit report was pages and pages long with a sub-par (mid 5’s) credit rating.
It turned out that a criminal out of Phoenix had fraudulently opened several lines of credit with her social security number. From Sprint to multiple department stores, the crook had charged a debt of over $60,000. The family filed a police report to start the long process of calling creditors and clearing her name.
Although they had the criminal’s address, they elected not to press formal charges. When I spoke to the stepfather, he did not know whether the criminal was ever charged. He also said they never discovered how or when the fraud started, but it seemed to be a single party that may have gotten her personal information when she applied for a loan for nursing school.
The fraud seemed to stop once the credit agencies were notified, and an alert was placed on her account. Ultimately, it took the family over twenty hours of filing time plus another fifteen hours from a private credit fraud service to get her credit repaired. A year after the discovery, they had finally gotten her credit score back to the 700s with letters from the creditors with apologies. Nightmare!
Jose’s Story
The second identity fraud victim shared a truly tragic tale that has spanned over thirty years. Jose, who is 40 years old now, was 13 years old when he was first contacted by the IRS and told that he owed over $10,000 in back taxes. Despite all efforts to get clear of fraud, he still has issues like denied credit (including a first-time home buyer loan because it looked like he already owned properties) to two court-ordered paternity tests for mistaken-identity child support cases.
Jose also shared a story about being pulled over on an arrest warrant while he was on his way to becoming a priest. The officer said if it turned out he was lying about the fraud, he would arrest him and make him apologize directly to his lieutenant. He responded to the police officer that if HE was correct, the officer would have to go to church and apologize directly to his bishop. He laughed when he said the officer lived up to his promise.
Despite his resilient attitude, Jose has had to change phone numbers and bank accounts, can’t pay anything with checks, and has elected to put all property in his wife’s name. Considering the decades of victimization, he has had to endure, he goes to great lengths to protect his children’s personal information.
What can a parent do to avoid child identity theft?
Protect personal information at home with tools such as a locking mailbox, an in-home safe for storage, and a shredder for the disposal of personal documents.
Install cybersecurity safeguards on-screen media like passcodes and screensavers, firewalls, antivirus and encryption software, and secure passwords.
Educate your children about maintaining privacy and using discretion online. That means cautioning them about disclosing their name, address, school, date of birth, or any other personally identifying information in images (t-shirts with their school logo) or texting or posting. Geotagging on photos and social media should be turned off to hide location.
Setup up filtering and monitoring software and parent protection options like those from our Screen Safety Toolkit to block inappropriate contacts on the Internet and monitor your children’s activities, particularly in chat rooms, social media, texting, and instant messaging.
Teach your children about cybersecurity issues and skills to protect against hacking, phishing, and malware. Good habits include consistently downloading updates for security patches, using strong passwords and changing them often, and not clicking on embedded links or opening attachments from unknown sources.
If you are traveling…
Don’t post pictures that can reveal travel data, like boarding passes, passports, or travel or hotel vouchers. Not only can criminals benefit from knowing the details of your trip, but they may also read personal information from barcodes to steal your identity. The best option, wait until you’re home to post travel photos.
Avoid public WiFi. Hackers can access your private information using a man-in-the-middle attack (MITM). This means the criminal intercepts the link between your device and the server. This breach is like eavesdropping and can result in your private information being accessed and even altered. Malware can even be delivered to your device. A MITM attacker may set up a fake access point named similarly to the public network connection (called an “evil twin”) or engage in “packet sniffing” or “sidejacking,” which means using a tool to capture network traffic at the Ethernet frame level. Simple shoulder surfing at coffee shops or on airplanes can also result in privacy breaches. If you have to use public WiFi, practice situational awareness, and verify the WiFi name with staff at the public site. Avoid online tasks that involve private information like online banking or using private transaction information like date of birth, credit card numbers, tax IDs, or social security numbers. Always log out when using a hotspot to avoid the hacker continuing the session. Consider setting up a secure virtual private network (VPN) to encrypt inbound and outbound data. However, VPNs can decrease your bandwidth. Public WiFi may not be encrypted, but most major websites that use a password, like Amazon and PayPal, have encryption. If the URL has an “S” (for “secure”) at the end, as in HTTPS, then there’s some level of encryption.
Avoid using public computers for the same reasons it’s risky to use public WiFi. The software could be silently running in the background, thus capturing data from your online activities.
If your child is traveling with you, turn off location settings so criminals can’t intercept your location data and use it for targeted attacks. On Snapchat, this is called going “ghost mode.” Of course, if your child is on an independent walkabout, you may want to leave location services on so you can track them for safety.
Freeze your child’s credit.
Contact one of the three major credit card companies to see what kind of protection options they offer, like a credit freeze, which has been demonstrated to be one of the most effective strategies for preventing child identity theft. Each state has laws on how a credit freeze can be done. Remember, once a freeze has been implemented you must order a “thaw” on the account before applying for credit.
Equifax: This website explains what is needed to mail in the request. According to the person I spoke to there is no fee for minors.
Experian: This link explains what is needed to mail in the request. After 3 tries I gave up trying to upload the docs online. I couldn’t reach anybody, so I sent in a check for $10 plus 7.25% tax (Ventura County).
Transunion: I had better luck with Transunion when I called the number 888-909-8872. A polite and helpful representative informed me that neither of my minor children had credit files (a good start). He then offered the procedure necessary to get a free security freeze on my child’s account by mailing a letter with the following information:
Send in 2 pages: 1st page: Cover letter listing the minor info: full name, address, last four of social and file # (rep will give you) plus reason for security freeze (“Proactively protecting my child against fraud) plus requester info (parent): Full name, address, relationship. 2nd page: Official request in letter style format mentioning enclosure copy of minor’s social security card and birth certificate.
GetKidsInternetSafe was created to inform parents about proven preventative strategies before tragedy strikes. To get a head start today, check out my GKIS Connected Family Online Course.
Now is the age your kids are no longer looking to you for online material…they are ready to explore on their own. Don’t think for a second they are incapable of surfing right into trouble. Even if they’re not exploring now, they will soon and you’ll likely be the last to know. Be proactive with your setup rather than reactive. And by the way, if you need to review the GKIS Guidelines for 3-6 year olds, search guidelines on www.GetKidsInternetSafe/blog/. Congratulations for striving to do your best and dealing with this today. Your children’s Internet safety is important and you’re awesome for making it a priority!
GKIS Internet Safety Checklist (Staging)
Check to make sure all cybersecurity measures are online and updated.
At this age, it is reasonable to start a dialogue with your children about technology facts, such as malware, hacking, and phishing. As always, cater the sophistication of the discussion to your children’s developmental phase and interest. Be sure to specifically teach them not to share personal information (name, grade, school, city, etc.) online, nor to open emails with unknown attachments or offers for “free” programs which can make your computer vulnerable to malware.
Malware: any software that will attack or capture data on your computer; these include viruses, worms, Trojan horses (look like beneficial downloads but are actually malicious), spyware, adware, and other malicious programs.
Hacking: unauthorized computer access.
Phishing: a fraudulent attempt, usually through email, to gain personal information. Typically involves posing as a legitimate company or a distressed person in need of help.
Update parental controls on device operating systems, through your Internet service provider (ISP), from selected software programs and routers, and from kid-friendly browsers.
Ensure that you are the administrator on these systems and your children do not have your passwords or credit card information. It is essential that you authorize all system controls and new purchases.
Remember that television is screen media as well. Be sure the parent control features on your televisions block the channels that have mean-spirited, sexual, or violent programming. Co-viewing television and YouTube channels are an excellent way to set a baseline for good taste.
Provide commentary that includes your disapproval of cruel or violent solutions and challenge your children to identify or create prosocial problem-solving alternatives to increase their knowledge and overall resilience.
Update and check your home staging strategies such as screens in visible family areas only (never behind closed doors), timed routers, and family docking stations at night.
Make a list of devices, apps, and games then schedule a weekly check-in to confirm consistent monitoring.
Inform your kids about these checks, even if you don’t tell them the exact dates and times. Maintaining a healthy relationship with trust and respect is critical while you fulfill your parental responsibilities of staying informed.
Do not allow personal ownership of hand-held medias with Internet access smaller than a tablet yet.
Why? Because even if you think you’ll monitor consistently, you probably won’t based on survey statistics. The average age for cell phone ownership is now eight years old; too young in my clinical opinion. But if there’s clear justification for phone ownership that young, at least limit Internet access. Even young children will explore sexual themes and the Internet is not a safe place for sexual education.
Encourage gaming.
Yay! Today you’re the good guy! Video games tend to get a bad rap, but the ones that spur kids to make cities out of virtual blocks, like Minecraft, are great for building spatial and engineering skills, creativity, and online social interaction in a moderated setting. (My kids sometimes play together as cooperative allies and other times sabotaging enemies. It’s really fun to watch them interact and get excited with their creations and accomplishments.)
Make sure you assess game ratings and moderator/reporting features prior to purchase.
If you can’t find your answers online, go to a specialized gaming system store and ask questions.
Remind your children that the first several weeks of game or device ownership are probationary.
In other words, make sure your children understand that if any complications arise, you may choose to temporarily or permanently retire the new item.
Griefing is when a player in a multiplayer video game harasses other players as a gaming strategy. This can take the form of name-calling or actively sabotaging game play (through blocking, destroying or stealing virtual creations and property, or maiming or killing the player for example).Limit whom your children game with and keep checking. At what age are you going to cut them loose to play with the public and under what conditions (headset? text only?)? Hopefully not elementary school age where kids frequently fall victim to cyberbullying.
Trollingis when an individual intentionally provokes discord online by being tangential, argumentative, or inflammatory.
Do not allow Instant Messaging, chat rooms/forums, texting, or emailing with anyone other than adult family members.
Children 7-11 years old simply don’t yet have the complex reasoning abilities necessary to make appropriate choices or anticipate consequences. They’re still impulsive and easily influenced. Don’t overestimate their social reasoning. They still need your supervision and guidance.
Although none of us are perfect parents, our love for and commitment to our children inspire us to constantly grow and be our best. I hope today’s article provides fresh ideas and inspires you to tighten up on the strategies you already have in place. A few minutes of focused effort here and there can really make the difference.
I’m the mom psychologist who will help you GetYourKidsInternetSafe.
