SafeHome.org may receive compensation from some providers listed on this page. Learn More
We may receive compensation from some providers listed on this page. Learn More
Imagine a place where you could exchange information completely anonymously. I mean, no one could trace you. Not Google. Not Apple. Not the U.S. government. Your digital footprint wouldn’t even vanish because it never existed to begin with.
That’s what engineers at MIT and Stanford had in mind back in 1971 when they created the “dark web.”1 Nothing creepy or dangerous; just a few hidden computers on the fledgling internet, aka ARPANET, that could access the web, but couldn’t be seen or traced by it.
This is all hunky-dory if you’re an MIT engineer or whistleblower. But what would happen if you gave the same tools to the slimiest scoundrels and cyber predators this side of the Star Wars Cantina so they could peddle more drugs, weapons, child pornography, and stolen data?
Parents, welcome to the dark web, which is now a full-fledged economy that victimizes 1 out of every 2 internet users in the U.S., according to recent research by Surfshark VPN.2
Did You Know? The searchable internet (or surface web) is about 10 percent of what exists online.3 The rest — aka the deep web — doesn’t show up in searches. It could be anything from secure pages on a banking website to a government intranet or Gmail. The dark web — the scary neighborhoods inside the deep web — is just a fraction of the deep web.
A lot of bad things can happen to children when they’re not careful on the web. Crossing paths with a data thief is one of the worst.
Data thieves that target children aren’t sloppy prowlers. They have a very specific goal in mind: to get their hands on Social Security numbers attached to virgin credit reports. They shop for these numbers on the dark web, the Walmart of stolen data. How our kids’ details end up there is another story, but it’s usually through a data breach or our own carelessness.
Once a cybercriminal swipes a child’s number, that’s when they start inflicting the real damage. The fraudsters apply for (and default on) loans, racking up huge debts in our children’s names. The saddest thing about the situation is that it usually happens over years because, well, what parent in their right mind would be on the lookout for a fraudulent mortgage application signed by their 4-year-old?
The upshot is almost always the same. Child data theft victims don’t find out until they’re adults and trying to do “adult things,” like sign on their first apartment lease. By then their credit is already in the toilet.
Not comforting for parents to hear, I know, but as GI Joe used to say, “Knowing is half the battle.” In the case of child dark web data theft, “knowing” means versing yourself in darknet data theft basics (you can check that one off your list!) and taking a few fairly simple precautions to keep the prowlers off your kids’ devices.
Pro Tip: If you suspect your child has fallen victim to identity theft or an online scam, don’t put it down on your rainy day checklist. Report the fraud to the Federal Trade Commission (FTC) immediately.4 The sooner you set the wheels of justice in motion, the likelier you are to nip the thieves in the bud.
Note: We’ve numbered this list, but there’s really no order of priority here. To fully shield your kids’ data from grifters, taking these steps hand in hand works best.
Instead of quoting you a ton of stats and figures, I’m going to tell you something that happened to me last weekend that blew my mind.
It’s 9 o’clock Friday night and I get a call from my 9-year-old daughter who’s staying at grandma’s. My mind shifts immediately into daddy emergency mode. Something bad must have happened. But, no, she just wants to tell me that she got a suspicious email on her iPad — something about a failed delivery.
Can I say that I almost cried tears of digital safety joy right there in the middle of date night? Who would have thought that all my “scammers and predators” talks would eventually pay off? But they did, folks. Educating your kids on digital safety early actually works.
Here the red flag was “failed delivery.” (It turned out to be a mailer daemon, not a UPS scam, but better safe than sorry.) The point is that our kids need to be savvy clickers. If that message from Google had been a phishing scam and my daughter had taken the bait, everything on her device could have ended up in the hands of a dark web thief. The only way our children can identify those red flags is if someone (you) teaches them.
FYI: Phishing isn’t the only way our kids’ data can end up on a dark web auction block. Review the top online security risks for kids — and how you can stay clear of them — in our digital safety best practices checklist for children.
Let’s go back in time to the moment you helped your child create the password for their first Gmail account. Did you just drop in some placeholder text like Brad1234 to get them started? And did they keep using Brad1234 for every other login they created in their lives: TikTok, YouTube, Instagram … socialsecurity.gov?
I understand the logic behind incredibly simple passwords. They’re easy to remember, which is really important when you’ve got multiple kids logging into multiple apps and websites. But they’re also really easy for hackers to crack.
Here’s a password solution that’s just as easy to implement, but will protect your kids from data thieves. Use passphrases (3-5 words will do). Make sure you put one number in there and try to separate the individual words with a special character like an “-” or an “*.” (That will make your passwords exponentially more difficult to crack.)
A simple-looking password like “Footage-Glorified-Refusal-Curliness8,” for example, would take a hacker 64 quindecillion years to crack. (I have no clue how long a period of time that is, but safe to say I won’t be around to suffer the consequences. “Brad1234” would take about an hour, by comparison.)
App stores aren’t as safe as you’d think. Hence, all the warnings you get when you’re about to install or download a third-party app that basically say it’s not the fault of Firefox, Google, or Apple if it ends up being riddled with malware. Those warnings are for adults, by the way, who still manage to end up getting scammed all the time. Imagine how much more risky it is for kids!
But don’t worry. There’s a pretty simple fix for all of this. It’s called parental controls. I say “pretty simple” because setting up Apple’s version of parental controls is a bit tricky — with costly consequences for parents who don’t get it just right.
But as far as downloads go, the gist of parental controls is setting up a system where you’re notified any time your child tries to purchase or put an app on their devices. If you set the controls up right, they’ll need your approval every time.
Granted, you’re going to have to be paying attention when that app request notice dings on your phone. (You’ll need to take a moment to determine if it’s actually safe or not.) But that’s a small price to pay for keeping your child’s sensitive details off the dark web.
Pro Tip: Wondering how much screen time your kids should be getting and what happens when they get too much? You’ll probably be surprised.
The best virtual private networks (VPNs) do a few important things to keep our kids safe from dark web threats. Most have content filters (to control the kinds of content our kids are exposed to), and malware blockers (to keep shady players and their booby traps off their devices).
But a VPN’s main function is to encrypt and ensheath our online communication so that no one can decode or intercept it when it’s en route from server to server.
Combined with savvy clicking (on your kids’ end) and parental controls (on your end), investing in a family VPN will make it virtually impossible for thugs to swipe your kids’ data. If you’re into this degree of privacy on a budget, check out a NordVPN subscription.
FYI: One of the slimiest (and, sadly, most common) ways for cyber predators to latch onto our kids is by sending direct messages via online gaming platforms. Setting content restrictions (see above) will cut that risk down substantially by giving you control over who your kids message while they’re playing their favorite online games.
We already know that when our kids’ data is stolen, the damage is unusually catastrophic because no one’s keeping tabs on their credit and the fraud often goes undetected for years.
That’s why acting the second a grifter tampers with our kids’ credit, bank accounts, or personally identifiable information (PII) is so important for us parents. The only way you can really do this is by watching their sensitive information like a hawk.
You can do this alone. You’d need to keep tabs on everyone’s credit at the three main bureaus (Equifax, TransUnion, and Experian) a few times a year, and regularly check for data breaches.
The problem is, those reports aren’t free after the first one. They can set you back up to $13.50 per person — or $54 per month for a four-person family. I can also assure you that checking for breaches of my family’s 400-plus passwords isn’t something I want to spend my Sundays doing.
The other (safer and cheaper) route is to place your family’s data under the wing of a credible ID theft protection service that will do the watching for you. To put those costs into perspective, even the most comprehensive family ID theft protection won’t run you more than $25 per month. Some cheaper ID theft plans cost less than $10 per month.
But the real edge ID theft providers give you in the battle against child data theft is that they trawl the dark web 24/7 for your leaked data. If your sensitive details ever end up there, you’ll get an instant alert. Even the most vigilant parent can’t compete with that kind of protection.
Did You Know? According to the latest stats from the FTC, identity theft involving bank accounts has risen by 64 percent.5
The dark web began in 1971 as an experiment in privacy. Today, the vast majority of its 2 million daily users prefer it for that reason. However, the bad actors who do haunt the dark web inflict outsize damage and cast a pretty wide net. Even if they’re not legion, their breaches and scams are.
Our kids are particularly vulnerable here. That’s because they’re not very good at identifying digital threats like data thieves all by themselves. If that sounds like a battle we parents can’t win, it’s not. We actually have powerful tools to combat child data theft.
Common sense precautions like digital safety awareness and parental monitoring will really go a long way here. But if you want complete protection, consider a little extra outside help from a quality VPN or ID theft protection service.
HackerNoon. (2021, Jul 19). Facts You Probably Didn't Know About The Dark Web.
Surfshark. (2021, Jul 19). Cybercrime statistics.
Kaspersky. (2022). What is the Deep and Dark Web?
Federal Trade Commission. (2022). Report to help fight fraud!
Tableau. (2022, Nov 3). Consumer Sentinel.