Autonomous drones and ground vehicles will stream “battlefield intelligence” over 5G along the US-Canada border in a bilateral DHS experiment this fall.

For many families around the world, the digital spaces where children learn and play have also become venues for relentless harassment. According to a 2025 survey of nearly 3,500 U.S. teens by the Cyberbullying Research Center, about 58% have been cyberbullied at least once, a significant jump from 34% in 2016.

Experts warn that this issue is now a constant crisis and impacting the well-being of children and teens.

In this guide, we will clarify exactly what counts as cyberbullying. We will explore how new platforms and artificial intelligence are reshaping the landscape. Most importantly, we will provide you with practical steps to protect your family. Together, we can take actionable steps to keep our digital lives safe and positive.

What Is Cyberbullying?

Cyberbullying is not a vague term for online drama. It has specific characteristics that separate it from a simple disagreement between friends. Similar to bullying, cyberbullying has standard elements of unwanted aggressive behavior, an observed or perceived power imbalance, and behavior that is repeated or likely to be repeated.

Common cyberbullying behaviors include name-calling, severe insults, rumor spreading, direct threats, impersonation through fake accounts, intentional exclusion from group chats, non-consensual sharing of private photos, and doxxing, publishing someone’s private information like their home address or phone number without consent. We also frequently see pile-on attacks, where dozens or hundreds of users flood a person’s comments section with hate statements.

The Cyberbullying Research Center notes that in recent national surveys, about 26.5% of U.S. students reported being cyberbullied in the last 30 days, underscoring the ongoing nature of online harassment as a daily reality for many.

Why Cyberbullying is Different (and More Harmful)

While the core intent to harm is the same as traditional bullying, cyberbullying operates differently:

• Platform: Bullying takes place in the physical world, while cyberbullying occurs in digital spaces such as text messages, direct messages, social media platforms, group chats, online gaming environments, email, and photo-sharing applications.
• Anonymity: Another major difference is anonymity. Cyberbullies often hide behind fake profiles or anonymous accounts, making it difficult to know who is launching the attacks.
• Constancy: A significant difference with cyberbullying is the constant nature of the internet. Online harassment can follow teens home and continue late into the night via phones and apps.
• Audience and permanence: A hurtful comment made in a school hallway is heard by a few people and eventually fades, while a similar post online can spread to thousands of people in minutes. It can be screen-captured and may resurface years later. Once it is out there, it is incredibly difficult to remove.

Despite these differences, there is a strong overlap in how bullying and cyberbullying impact individuals. Many youths who are bullied online are also bullied at school, and experience anxiety or depression.

Types and Examples of Cyberbullying

Cyberbullying takes many forms, from classic harassment tactics to emerging AI-powered threats. The most frequently reported forms of cyberbullying include being excluded from group chats, mean or hurtful comments posted online, public embarrassment or humiliation, and rumors spread online, according to the Cyberbullying Research Center’s 2025 survey. Understanding these methods helps you recognize and stop them.

Common Cyberbullying Methods

• Harassment: Sending repeated offensive messages through texts, direct messages, or comments, or intentionally leaving someone out of group chats and online activities where they can see what they’re missing.
• Flaming: An online fight conducted through angry, vulgar exchanges via emails, messages, social media, or chat rooms. Unlike harassment, flaming is often a heated back-and-forth exchange rather than one-sided attacks.
• Impersonation and Fake Accounts: Creating fake profiles or hacking into someone’s account to post damaging content as if the victim wrote it themselves, destroying reputations quickly
• Outing and Doxing: Sharing private photos, messages, or personal information (like addresses or phone numbers) publicly without consent to embarrass, humiliate, or intimidate
• Cyberstalking: Persistent online monitoring accompanied by threatening messages that make someone fear for their safety, which is a federal crime. Examples include tracking someone’s location through social media check-ins, obsessively monitoring their online activity, or sending relentless, threatening messages.

Where Cyberbullying Occurs Most

To protect our kids, we need to know where the risks are highest. Recent analyses find that cyberbullying mainly happens on social media platforms, including YouTube, TikTok, and Facebook, as well as in messaging apps and online games, where teens commonly interact.

If you are a parent, take an inventory of the apps your child uses most frequently and ask them to show you how the messaging and commenting features work. Familiarizing yourself with these digital environments will help them navigate these platforms safely.

Emerging AI-Driven Threats

Artificial intelligence (AI) has fundamentally changed the internet, and has, unfortunately, introduced alarming new tactics:

• Deepfake Images and Videos: AI-generated content can be misused to create highly realistic images or videos called deepfakes. Entirely fake videos can be created showing a student doing or saying something they never did, which complicates evidence gathering. These are then shared in group chats or posted publicly to spread false narratives and destroy reputations.
• Voice Cloning: Students are using AI to mimic classmates’ voices, generating audio that makes someone sound like they said something offensive or embarrassing, with no easy way to prove it wasn’t real. About 11% of U.S. high schoolers have experienced this.
• AI-Generated Harassment: AI chatbots are being used to generate spam, threats, and hate speech at scale, flooding a victim’s inbox or comment sections across platforms.
• Body-Shaming with AI Filters: AI-altered images and filters are being weaponized to body-shame and humiliate targets, often shared widely before victims can respond.

AI Can Also Be a Safety Tool

However, platforms have also begun using AI as a safety tool to detect hate speech, harassment, and predatory behavior in real time. Newer safety reports show that AI-driven comment filtering and think-before-you-post nudges successfully reduce toxic comments and repeat harassment on major platforms.

How Common Is Cyberbullying Today?

The statistics show that cyberbullying is a widespread issue requiring immediate attention. In a 2024 study, the World Health Organization revealed that 15% of surveyed adolescents have experienced cyberbullying.

In the U.S., the Centers for Disease Control and Prevention (CDC) Youth Risk Behavior Survey reports that 16% of high school students were electronically bullied in the previous 12 months, about 38.3% of whom were girls compared to 29.9% of boys.

Another study showed that about 53.9% of teens aged 13 to 17 reported being cyberbullied. These statistics demonstrate that cyberbullying is a mainstream experience, making digital safety education relevant to almost every family.

The Most Affected Groups

Aside from gender, identity plays a key role in who is targeted for cyberbullying. Gender minorities reported much higher rates of harassment at 47.1% compared with their heterosexual peers at 30%, as did students with developmental disabilities.

How Cyberbullying Affects Mental Health

There is evidence that online harassment causes profound psychological harm. A CDC report links frequent social media use with higher rates of both in-person and cyberbullying, as well as constant sadness, hopelessness, and suicidal thinking among teens.

This is supported by the 2025 announcement from mental health experts highlighting the connection between cyberbullying and increased anxiety, depression, and trauma-like symptoms. Even though incidents seem minor, parents and teens must acknowledge that emotional reactions to cyberbullying are valid and serious. Early support and intervention can significantly reduce long-term harm.

Platform Safety Updates for Teens

Social media companies are facing intense pressure to protect younger users, leading to significant updates. In 2025, Meta tightened default messaging and commenting settings for teens, automatically assigning the strictest safety options to teen accounts to filter inappropriate interactions from unknown users.

In addition, the company’s Instagram and Facebook platforms now provide more information about users contacting teens, showing details such as the age of the account and providing a way to block and report abusive users.

Help your child utilize these settings by ensuring their accounts are set to private to restrict direct messages from strangers. Enable each platform’s built-in AI comment filtering to hide offensive words automatically.

Signs Your Child May Be Cyberbullied

As a parent, one of your most powerful tools is simply paying attention. Cyberbullying often leaves visible traces in your child’s behavior, emotions, and device habits, if you know what to look for. The good news is that early recognition means early intervention, and that can make all the difference.

Behavioral Changes to Watch For

• Sudden withdrawal from social activities or friends
• Reluctance to go to school or participate in usual activities
• Anxiety or nervousness when using devices or checking messages
• Changes in sleep patterns or appetite

Emotional Warning Signs

• Increased sadness, anxiety, or irritability, especially after being online
• Low self-esteem or negative self-talk (“nobody likes me,” “I’m stupid”)
• Reluctance to discuss online activities or what’s happening at school

Device and Online Behavior

• Extreme changes in screen time, either excessive checking or complete avoidance
• Suddenly deleting social media accounts without explanation
• Being secretive about online activity or quickly hiding screens
• Receiving unusual volumes of messages or calls, especially at odd hours

If you notice several of these signs together, it’s time for a conversation. The key is approaching with empathy and making it clear they won’t be punished for opening up.

How to Prevent Cyberbullying: Guidance for Families

Knowing the impact of cyberbullying is only half the battle. The most important step is being proactive to protect your family. Here is how you can build a resilient defense against online harassment and empower your children.

Build Open Communication and Digital Citizenship Skills

The foundation of digital safety is trust. Encourage regular, judgment-free check-ins on your child’s online activities. Ask them what they are doing, seeing, and feeling related to the ongoing online issues. Assure them you will not confiscate their phone when they report a problem.

In addition, teach your kids to recognize cyberbullying and to support their peers who are being targeted. Underscore the importance of not joining in on the comment pile-ons, and let them know that it is perfectly acceptable to block, mute, or simply leave harmful digital spaces. Research suggests that strong parent-teen communication can buffer some negative effects of social media use and encourage teens to ask for help sooner.

Enable Safety Settings

Every major platform has tools designed to stop harassment. Teach your child to use keyword filters to automatically hide comments that contain specific insults, slurs, and other forms of hate speech. Help them set their accounts to private to restrict direct messages from strangers, and enable each platform’s built-in AI comment-filtering features.

How to Report Cyberbullying

Alongside safety features, teach them to block and report harassers on the platform. You can end cyberbullying quickly if you know how to use platforms’ tools effectively.

1. Document Everything First

Before blocking, deleting, or reporting anything, save evidence. Create a digital safety plan and agree with your family that if anyone receives a threatening or highly abusive message, they should document the incident with screenshots before blocking, deleting, or responding to it. These screenshots will serve as important pieces of evidence if the school or platforms need to take action.

2. Use Platform Reporting Tools

Most importantly, teach your child to block and report harassers on the platform. Here’s how on major platforms:

Instagram, Facebook, and Threads:

1. Tap the three dots on the post or message
2. Select “Report” and choose the violation type (bullying or harassment)
3. Follow prompts to block the account
4. Use “Restrict” to limit interactions without full blocking

TikTok:

1. Long-press the comment or video
2. Select “Report” and choose “Bullying and harassment”
3. Block the account from their profile page

Snapchat:

1. Press and hold on the message or username
2. Tap “Report” and select the issue
3. Block the user to prevent further contact

YouTube:

1. Click the three dots next to the comment or video
2. Select “Report” and choose “Cyberbullying or harassment”

Gaming Platforms (Xbox, PlayStation, Discord, and Roblox)

1. Use in-game or platform reporting options, typically found in user profiles or chat menus
2. Many platforms now offer real-time abuse detection that automatically flags harassment

Text Messages:

1. Block the number through your phone settings
2. Report spam to your carrier (forward to 7726/SPAM for most U.S. carriers)
3. Save screenshots before blocking

3. Escalate for More Help

Sometimes, platform tools are not enough. You need to know when to escalate the situation to the appropriate authorities. Follow the steps below when you see signs of ongoing harassment, physical threats, identity-based or other forms of hate, the sharing of private images, as well as changes in your child’s mood, sleep patterns, or school attendance.

1. Save all evidence, including screenshots, URLs, usernames, and timestamps.
2. Contact school officials, such as a counselor or principal, and provide them with specific documentation.
3. Seek professional mental health support to address your child’s distress.
4. Contact local law enforcement immediately if there are threats of physical harm or illegal content involved.

How Technology Can Help Prevent Cyberbullying

While technology is the medium for cyberbullying, it is also a tool for prevention and protection. Using the right software can give parents peace of mind and help teens navigate the web.

Device-Level Protection and Parental Controls

Cyberbullying is frequently accompanied by other digital threats, such as sending malicious links, stealing passwords, or tricking victims into downloading scam apps. This is where robust security software becomes essential to help block phishing links and compromised websites.

Additionally, parental control tools allow you to manage screen time, filter inappropriate web content, and monitor or limit certain types of app usage for age-appropriate scenarios. These tools help protect younger children from platforms they are not emotionally ready to handle.

Digital Well-Being Tools that Signal Distress

Modern security solutions offer digital well-being tools that track app usage and highlight sudden changes in behavior, such as late-night device use, massive spikes in messaging, or the sudden downloading of new, unfamiliar apps. These changes can be early warning signs of distress or harassment.

It is crucial to use these tools transparently by introducing them to your teens as conversation starters rather than secret surveillance. Saying that you noticed they were on their phone very late last night and asking if everything is okay builds trust. Spying breaks it.

Legal Grounds to Deal with Cyberbullying

Cyberbullying is not just a behavioral issue. It intersects heavily with school policies, community safety, and the law. Understanding this context will help your family deal with severe harassment.

Laws and School Responsibilities

Globally, many countries are adopting frameworks to protect digital citizens against cyberbullying. In the United States, all 50 states have anti-bullying laws, most of which now explicitly include electronic or cyberbullying in their definitions and guidance. These include laws and district policies that allow schools to address online behavior that creates a hostile environment or substantially disrupts a student’s learning. This means that even if the harassment happens on a weekend via a smartphone, the school has the authority and the responsibility to intervene if it impacts the victim’s ability to feel safe in the classroom.

Cyberbullying as a Crime

Certain cruel online behaviors may cross the line into criminal activity and to be considered crimes. For instance, credible threats of violence, stalking, extortion, hate-motivated harassment, and the non-consensual sharing of intimate images may violate criminal laws.

If a situation escalates to this level, it is time for legal and law enforcement to intervene. When this happens, families should document all evidence and consider contacting law enforcement or civil rights agencies.

Look up your local school district’s specific cyberbullying policies and legal obligations, and find out who to contact. This will save you valuable time if you need to report an incident.

Final Thoughts

Cyberbullying is intentional, repeated online harm, and a serious issue that leverages the constant nature of the internet to follow young children, teens, and certain groups into their homes and bedrooms.

While social media platforms, school policies, and laws are steadily improving, families still hold the most powerful tools. You can significantly reduce the harm to your children caused by online harassment by initiating open and non-judgmental conversations, utilizing built-in device protections and app privacy settings, partnering with your local schools, and seeking mental health support when needed.

Talk with your kids this week about their online experiences. Sit down together and review the safety and privacy settings on their favorite apps. Finally, consider using a trusted security partner such as McAfee+ as part of a broader, proactive digital safety plan.

A McAfee+ family plan helps protect your household’s devices from the malware and malicious links that often accompany harassment or sextortion attempts and sets healthy boundaries around apps, web content, and screen time. Furthermore, it provides educational resources on digital citizenship and safe social media use beyond basic antivirus software.

When you work with trusted tools, you can help keep the internet a place of connection and creativity.

The post Cyberbullying Prevention: How to Protect Kids & Teens Online appeared first on McAfee Blog.

AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey.

The new hotness in AI-based assistants — OpenClaw (formerly known as ClawdBot and Moltbot) — has seen rapid adoption since its release in November 2025. OpenClaw is an open-source autonomous AI agent designed to run locally on your computer and proactively take actions on your behalf without needing to be prompted.

If that sounds like a risky proposition or a dare, consider that OpenClaw is most useful when it has complete access to your digital life, where it can then manage your inbox and calendar, execute programs and tools, browse the Internet for information, and integrate with chat apps like Discord, Signal, Teams or WhatsApp.

Other more established AI assistants like Anthropic’s Claude and Microsoft’s Copilot also can do these things, but OpenClaw isn’t just a passive digital butler waiting for commands. Rather, it’s designed to take the initiative on your behalf based on what it knows about your life and its understanding of what you want done.

“The testimonials are remarkable,” the AI security firm Snyk observed. “Developers building websites from their phones while putting babies to sleep; users running entire companies through a lobster-themed AI; engineers who’ve set up autonomous code loops that fix tests, capture errors through webhooks, and open pull requests, all while they’re away from their desks.”

You can probably already see how this experimental technology could go sideways in a hurry. In late February, Summer Yue, the director of safety and alignment at Meta’s “superintelligence” lab, recounted on Twitter/X how she was fiddling with OpenClaw when the AI assistant suddenly began mass-deleting messages in her email inbox. The thread included screenshots of Yue frantically pleading with the preoccupied bot via instant message and ordering it to stop.

“Nothing humbles you like telling your OpenClaw ‘confirm before acting’ and watching it speedrun deleting your inbox,” Yue said. “I couldn’t stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb.”

There’s nothing wrong with feeling a little schadenfreude at Yue’s encounter with OpenClaw, which fits Meta’s “move fast and break things” model but hardly inspires confidence in the road ahead. However, the risk that poorly-secured AI assistants pose to organizations is no laughing matter, as recent research shows many users are exposing to the Internet the web-based administrative interface for their OpenClaw installations.

Jamieson O’Reilly is a professional penetration tester and founder of the security firm DVULN. In a recent story posted to Twitter/X, O’Reilly warned that exposing a misconfigured OpenClaw web interface to the Internet allows external parties to read the bot’s complete configuration file, including every credential the agent uses — from API keys and bot tokens to OAuth secrets and signing keys.

With that access, O’Reilly said, an attacker could impersonate the operator to their contacts, inject messages into ongoing conversations, and exfiltrate data through the agent’s existing integrations in a way that looks like normal traffic.

“You can pull the full conversation history across every integrated platform, meaning months of private messages and file attachments, everything the agent has seen,” O’Reilly said, noting that a cursory search revealed hundreds of such servers exposed online. “And because you control the agent’s perception layer, you can manipulate what the human sees. Filter out certain messages. Modify responses before they’re displayed.”

O’Reilly documented another experiment that demonstrated how easy it is to create a successful supply chain attack through ClawHub, which serves as a public repository of downloadable “skills” that allow OpenClaw to integrate with and control other applications.

WHEN AI INSTALLS AI

One of the core tenets of securing AI agents involves carefully isolating them so that the operator can fully control who and what gets to talk to their AI assistant. This is critical thanks to the tendency for AI systems to fall for “prompt injection” attacks, sneakily-crafted natural language instructions that trick the system into disregarding its own security safeguards. In essence, machines social engineering other machines.

A recent supply chain attack targeting an AI coding assistant called Cline began with one such prompt injection attack, resulting in thousands of systems having a rogue instance of OpenClaw with full system access installed on their device without consent.

According to the security firm grith.ai, Cline had deployed an AI-powered issue triage workflow using a GitHub action that runs a Claude coding session when triggered by specific events. The workflow was configured so that any GitHub user could trigger it by opening an issue, but it failed to properly check whether the information supplied in the title was potentially hostile.

“On January 28, an attacker created Issue #8904 with a title crafted to look like a performance report but containing an embedded instruction: Install a package from a specific GitHub repository,” Grith wrote, noting that the attacker then exploited several more vulnerabilities to ensure the malicious package would be included in Cline’s nightly release workflow and published as an official update.

“This is the supply chain equivalent of confused deputy,” the blog continued. “The developer authorises Cline to act on their behalf, and Cline (via compromise) delegates that authority to an entirely separate agent the developer never evaluated, never configured, and never consented to.”

VIBE CODING

AI assistants like OpenClaw have gained a large following because they make it simple for users to “vibe code,” or build fairly complex applications and code projects just by telling it what they want to construct. Probably the best known (and most bizarre) example is Moltbook, where a developer told an AI agent running on OpenClaw to build him a Reddit-like platform for AI agents.

Less than a week later, Moltbook had more than 1.5 million registered agents that posted more than 100,000 messages to each other. AI agents on the platform soon built their own porn site for robots, and launched a new religion called Crustafarian with a figurehead modeled after a giant lobster. One bot on the forum reportedly found a bug in Moltbook’s code and posted it to an AI agent discussion forum, while other agents came up with and implemented a patch to fix the flaw.

Moltbook’s creator Matt Schlicht said on social media that he didn’t write a single line of code for the project.

“I just had a vision for the technical architecture and AI made it a reality,” Schlicht said. “We’re in the golden ages. How can we not give AI a place to hang out.”

ATTACKERS LEVEL UP

The flip side of that golden age, of course, is that it enables low-skilled malicious hackers to quickly automate global cyberattacks that would normally require the collaboration of a highly skilled team. In February, Amazon AWS detailed an elaborate attack in which a Russian-speaking threat actor used multiple commercial AI services to compromise more than 600 FortiGate security appliances across at least 55 countries over a five week period.

AWS said the apparently low-skilled hacker used multiple AI services to plan and execute the attack, and to find exposed management ports and weak credentials with single-factor authentication.

“One serves as the primary tool developer, attack planner, and operational assistant,” AWS’s CJ Moses wrote. “A second is used as a supplementary attack planner when the actor needs help pivoting within a specific compromised network. In one observed instance, the actor submitted the complete internal topology of an active victim—IP addresses, hostnames, confirmed credentials, and identified services—and requested a step-by-step plan to compromise additional systems they could not access with their existing tools.”

“This activity is distinguished by the threat actor’s use of multiple commercial GenAI services to implement and scale well-known attack techniques throughout every phase of their operations, despite their limited technical capabilities,” Moses continued. “Notably, when this actor encountered hardened environments or more sophisticated defensive measures, they simply moved on to softer targets rather than persisting, underscoring that their advantage lies in AI-augmented efficiency and scale, not in deeper technical skill.”

For attackers, gaining that initial access or foothold into a target network is typically not the difficult part of the intrusion; the tougher bit involves finding ways to move laterally within the victim’s network and plunder important servers and databases. But experts at Orca Security warn that as organizations come to rely more on AI assistants, those agents potentially offer attackers a simpler way to move laterally inside a victim organization’s network post-compromise — by manipulating the AI agents that already have trusted access and some degree of autonomy within the victim’s network.

“By injecting prompt injections in overlooked fields that are fetched by AI agents, hackers can trick LLMs, abuse Agentic tools, and carry significant security incidents,” Orca’s Roi Nisimi and Saurav Hiremath wrote. “Organizations should now add a third pillar to their defense strategy: limiting AI fragility, the ability of agentic systems to be influenced, misled, or quietly weaponized across workflows. While AI boosts productivity and efficiency, it also creates one of the largest attack surfaces the internet has ever seen.”

BEWARE THE ‘LETHAL TRIFECTA’

This gradual dissolution of the traditional boundaries between data and code is one of the more troubling aspects of the AI era, said James Wilson, enterprise technology editor for the security news show Risky Business. Wilson said far too many OpenClaw users are installing the assistant on their personal devices without first placing any security or isolation boundaries around it, such as running it inside of a virtual machine, on an isolated network, with strict firewall rules dictating what kinds of traffic can go in and out.

“I’m a relatively highly skilled practitioner in the software and network engineering and computery space,” Wilson said. “I know I’m not comfortable using these agents unless I’ve done these things, but I think a lot of people are just spinning this up on their laptop and off it runs.”

One important model for managing risk with AI agents involves a concept dubbed the “lethal trifecta” by Simon Willison, co-creator of the Django Web framework. The lethal trifecta holds that if your system has access to private data, exposure to untrusted content, and a way to communicate externally, then it’s vulnerable to private data being stolen.

“If your agent combines these three features, an attacker can easily trick it into accessing your private data and sending it to the attacker,” Willison warned in a frequently cited blog post from June 2025.

As more companies and their employees begin using AI to vibe code software and applications, the volume of machine-generated code is likely to soon overwhelm any manual security reviews. In recognition of this reality, Anthropic recently debuted Claude Code Security, a beta feature that scans codebases for vulnerabilities and suggests targeted software patches for human review.

The U.S. stock market, which is currently heavily weighted toward seven tech giants that are all-in on AI, reacted swiftly to Anthropic’s announcement, wiping roughly $15 billion in market value from major cybersecurity companies in a single day. Laura Ellis, vice president of data and AI at the security firm Rapid7, said the market’s response reflects the growing role of AI in accelerating software development and improving developer productivity.

“The narrative moved quickly: AI is replacing AppSec,” Ellis wrote in a recent blog post. “AI is automating vulnerability detection. AI will make legacy security tooling redundant. The reality is more nuanced. Claude Code Security is a legitimate signal that AI is reshaping parts of the security landscape. The question is what parts, and what it means for the rest of the stack.”

DVULN founder O’Reilly said AI assistants are likely to become a common fixture in corporate environments — whether or not organizations are prepared to manage the new risks introduced by these tools, he said.

“The robot butlers are useful, they’re not going away and the economics of AI agents make widespread adoption inevitable regardless of the security tradeoffs involved,” O’Reilly wrote. “The question isn’t whether we’ll deploy them – we will – but whether we can adapt our security posture fast enough to survive doing so.”

After strikes killed senior Iranian officials, Iran cut off internet access. Journalists are relying on satellite links, encrypted apps, and smuggled footage to report from inside the country.

Following increased surveillance and patrols of routes used by transnational drug-trafficking networks, Mexican authorities have seized approximately 10 tons of cocaine in the past week alone.

When it comes to our children’s digital lives, prohibition rarely works. It’s our responsibility to help them build a healthy relationship with tech.

As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development

Online disagreements among young people can easily spiral out of control. Parents need to understand what’s at stake.

It’s no longer possible to deny that your life in the physical world and your digital life are one and the same. Coming to terms with this reality will help you make better decisions in many aspects of your life.

The same identity you use at work, at home, and with friends also exists in apps, inboxes, accounts, devices, and databases, whether you actively post online or prefer to stay quiet. Every purchase, login, location ping, and message leaves a trail. And that trail shapes what people, companies, and scammers can learn about you, how they can reach you, and what they might try to take.

That’s why digital security isn’t just an IT or a “tech person” problem. It’s a daily life skill. When you understand how your digital life works, what information you’re sharing, where it’s stored, and how it can be misused, you make better decisions. This guide is designed to help you build that awareness and translate it into practical habits: protecting your data, securing your accounts, and staying in control of your privacy in a world that’s always connected.

The essence of digital security

Being digitally secure doesn’t mean hiding from the internet or using complicated tools you don’t understand. It means having intentional control over your digital life to reduce risks while still being able to live, work, and communicate online safely. A digitally secure person focuses on four interconnected areas:

Personal information

Your personal data is the foundation of your digital identity. Protecting it includes limiting how much data you share, understanding where it’s stored, and reducing how easily it can be collected, sold, or stolen. At its heart, personal information falls into two critical categories that require different levels of protection:

• Personally identifiable information (PII):This represents the core data that defines you, such as your name, contact details, financial data, health information, location history, Social Security number, driver’s license number, passport information, home address, and online behavior. Financial data such as bank account numbers, credit card details, and tax identification numbers also fall into this category. Medical information, including health insurance numbers and medical records, represents some of your most sensitive PII that requires the highest level of protection.
• Sensitive personal data:While not always directly identifying you, this type of information can be used to build a comprehensive profile of your life and activities. This includes your phone number, email address, employment details, educational background, and family information. Your online activities, browsing history, location data, and social media posts also constitute sensitive personal data that can reveal patterns about your behavior, preferences, and daily routines.

Digital accounts

Account security ensures that only you can access them. Strong, unique passwords, multi-factor authentication, and secure recovery options prevent criminals from hijacking your email, banking, cloud storage, social media, and other online accounts, often the gateway to everything else in your digital life.

Privacy

Privacy control means setting boundaries and deciding who can see what about you, and under what circumstances. This includes managing social media visibility, app permissions, browser tracking, and third-party access to your data.

Digital security is an ongoing effort as threats evolve, platforms change their policies, and new technologies introduce new risks. Staying digitally secure requires periodic check-ins, learning to recognize scams and manipulation, and adjusting your habits as the digital landscape changes.

Common exposure points in daily digital life

Your personal information faces exposure risks through multiple channels during routine digital activities, often without your explicit knowledge.

• Public Wi-Fi networks: When you connect to unsecured networks in coffee shops, airports, hotels, or retail locations, your internet traffic can be intercepted by cybercriminals using the same network. This puts your login credentials, banking information, and communications at risk, even on networks that appear secure.
• Data brokers: These companies gather data, often without your explicit knowledge, from public records, social media platforms, online purchases, and other digital activities to create your profile. They then sell this information to marketers, employers, and other interested parties.
• Social media: When you overshare details about your location, vacation plans, family members, workplace, or daily routines, you provide cybercriminals with valuable information for identity theft and social engineering attacks. Regular platform policy changes can reset your previously private information or expose you to data breaches.
• Third-party applications: Mobile apps, browser extensions, and online services frequently collect more data than necessary for their stated functionality, creating additional privacy risks for you. You could be granting these apps permission to access your personal data, contacts, location, camera, and other device functions without fully understanding how your data will be used, stored, or shared.
• Web trackers: These small pieces of code embedded in websites follow your browsing behavior, monitoring which sites you visit, how long you stay, what you click on, and even where you move your mouse cursor. Advertising networks use this information to build a profile of your interests and online habits to serve you targeted ads.

Core pillars of digital security

Implementing comprehensive personal data protection requires a systematic approach that addresses the common exposure points. These practical steps provide layers of security that work together to minimize your exposure to identity theft and fraud.

Minimize data sharing across platforms

Start by conducting a thorough audit of your online accounts and subscriptions to identify where you have unnecessarily shared more data than needed. Remove or minimize details that aren’t essential for the service to function. Moving forward, provide only the minimum required information to new accounts and avoid linking them across different platforms unless necessary.

Be particularly cautious with loyalty programs, surveys, and promotional offers that ask for extensive personal information, as they may share it with third parties. Read privacy policies carefully, focusing on sections that describe data sharing, retention periods, and your rights regarding your personal information.

If possible, consider using separate email addresses for different accounts to limit cross-platform tracking and reduce the impact if one account is compromised. Create dedicated email addresses for shopping, social media, newsletters, and important accounts like banking and healthcare.

Adjust account privacy settings

Privacy protection requires regular attention to your account settings across all platforms and services you use. Social media platforms frequently update their privacy policies and settings, often defaulting to less private configurations that allow them to collect and share your data. For this reason, it is a good idea to review your privacy settings at least quarterly. Limit who can see your posts, contact information, and friend lists. Disable location tracking, facial recognition, and advertising customization features that rely on your personal data. Turn off automatic photo tagging and prevent search engines from indexing your profile.

On Google accounts, visit your Activity Controls and disable Web & App Activity, Location History, and YouTube History to stop this data from being saved. You can even opt out of ad personalization entirely if desired by adjusting Google Ad Settings. If you are more tech savvy, Google Takeout allows you to export and review what data Google has collected about you.

For Apple ID accounts, you can navigate to System Preferences on Mac or Settings on iOS devices to disable location-based Apple ads, limit app tracking, and review which apps have access to your contacts, photos, and other personal data.

Meanwhile, Amazon accounts store extensive purchase history, voice recordings from Alexa devices, and browsing behavior. Review your privacy settings to limit data sharing with third parties, delete voice recordings, and manage your advertising preferences.

Limit app permissions

Regularly audit the permissions you’ve granted to installed applications. Many apps request far more permissions to your location, contacts, camera, and microphone even though they don’t need them. Cancel these unnecessary permissions, and be particularly cautious about granting access to sensitive data.

Use strong passwords and multi-factor authentication

Create passwords that actually protect you; they should be long and complex enough that even sophisticated attacks can’t easily break them. Combine uppercase letters, lowercase letters, numbers, and special characters to make it harder for attackers to crack.

Aside from passwords, enable multi-factor authentication (MFA) on your most critical accounts: banking and financial services, email, cloud storage, social media, work, and healthcare. Use authenticator apps such as Google Authenticator, Microsoft Authenticator, or Authy rather than SMS-based authentication when possible, as text messages can be intercepted through SIM swapping attacks. When setting up MFA, ensure you save backup codes in a secure location and register multiple devices when possible to keep you from being locked out of your accounts if your primary authentication device is lost, stolen, or damaged.

Alternatively, many services now offer passkeys which use cryptographic keys stored on your device, providing stronger security than passwords while being more convenient to use. Consider adopting passkeys for accounts that support them, particularly for your most sensitive accounts.

Enable device encryption and automatic backups

Device encryption protects your personal information if your smartphone, tablet, or laptop is lost, stolen, or accessed without authorization. Modern devices typically offer built-in encryption options that are easy to enable and don’t noticeably impact performance.

You can implement automatic backup systems such as secure cloud storage services, and ensure backup data is protected. iOS users can utilize encrypted iCloud backups, while Android users should enable Google backup with encryption. Regularly test your backup systems to ensure they’re working correctly and that you can successfully restore your data when needed.

Request data deletion and opt out from data brokers

Identify major data brokers that likely have your information and look for their privacy policy or opt-out procedures, which often involves submitting a request with your personal information and waiting for confirmation that your data has been removed.

In addition, review your subscriptions and memberships to identify services you no longer use. Request account deletion rather than simply closing accounts, as many companies retain data from closed accounts. When requesting deletion, ask specifically for all personal data to be removed from their systems, including backups and archives.

Keep records of your opt-out and deletion requests, and follow up if you don’t receive confirmation within the stated timeframe. In the United States, key data broker companies include Acxiom, LexisNexis, Experian, Equifax, TransUnion, Whitepages, Spokeo, BeenVerified, and PeopleFinder. Visit each company’s website.

Use only trusted, secure networks

Connect only to trusted, secure networks to reduce the risk of your data being intercepted by attackers lurking behind unsecured or fake Wi-Fi connections. Avoid logging into sensitive accounts on public networks in coffee shops, airports, or hotels, and use encrypted connections such as HTTPS or a virtual private network to hide your IP address and block third parties from monitoring your online activities.

Rather than using a free VPN service that often collects and sells your data to generate revenue, it is better to choose a premium, reputable VPN service that doesn’t log your browsing activities and offers servers in multiple locations.

Ongoing monitoring and maintenance habits

Cyber threats evolve constantly, privacy policies change, and new services collect different types of personal information, making personal data protection an ongoing process rather than a one-time task. Here are measures to help regularly maintain your personal data protection:

• Quarterly reviews: Set up a quarterly review process to examine your privacy settings across all platforms and services. Create a calendar reminder to check your social media privacy settings, review app permissions on your devices, and audit your online accounts for unused services that should be deleted.
• Credit monitoring: Monitor your financial accounts regularly for unauthorized activity and consider using credit monitoring services to alert you to potential identity theft.
• Breach alerts: Stay informed about data breaches in the services you use by signing up for breach notification services. If a breach occurs, this will allow you to take immediate action to change passwords, monitor affected accounts, and consider additional security measures for compromised services.
• Device updates: Enable automatic security and software updates on your devices, as these updates include important privacy and security improvements that protect you from newly discovered vulnerabilities.
• Education and awareness: Stay informed about new privacy risks, learn about emerging protective technologies, and share knowledge with family members and friends who may benefit from improved personal data protection practices.

By implementing these systematic approaches and maintaining regular attention to your privacy settings and data sharing practices, you significantly reduce your risk of identity theft and fraud while maintaining greater control over your digital presence and personal information.

Final thoughts

You don’t need to dramatically overhaul your entire digital security in one day, but you can start making meaningful improvements right now. Taking action today, even small steps, builds the foundation for stronger personal data protection and peace of mind in your digital life. Choose one critical account, update its password, enable multi-factor authentication, and you’ll already be significantly more secure than you were this morning. Your future self will thank you for taking these proactive steps to protect what matters most to you.

Every step you take toward better privacy protection strengthens your overall digital security and reduces your risk of becoming a victim of scams, identity theft, or unwanted surveillance. You’ve already taken the first step by learning about digital security risks and solutions. Now it’s time to put that knowledge into action with practical steps that fit seamlessly into your digital routine.

The post What Does It Take To Be Digitally Secure? appeared first on McAfee Blog.

Some Minecraft mods don’t help build worlds – they break them. Here’s how malware can masquerade as a Minecraft mod.

You could be getting more than you bargained for when you download that cheat tool promising quick wins

Cyberbullying is a fact of life in our digital-centric society, but there are ways to push back

Separating truth from fiction is the first step towards making better parenting decisions. Let’s puncture some of the most common misconceptions about online harassment.

Digital natives are comfortable with technology, but may be more exposed to online scams and other threats than they think

Study Commissioned by Verisign Shows Websites Can Help Add Credibility and Drive New Business

Businesses today have many options for interacting with customers online. The findings of our independent survey of online consumers suggest that websites and branded email continue to be critical components of many businesses’ online presence, essential to supporting consumer confidence and enabling effective interaction with customers.

The quantitative study, commissioned by Verisign and conducted in December 2019 and January 2020 by 451 Research, now a part of S&P Global Market Intelligence, surveyed 5,450 online consumers across key markets in North America, Latin America, Europe and Asia to help understand their sentiments on interacting with businesses online.

The survey was designed to arm service providers and registrars with an understanding of how the resources they provide to businesses can help create trust and deliver value to their customers.

Websites help add credibility

Among those surveyed, approximately two-thirds (66%) agreed that a business with its own website is more credible than one without. Likewise, a majority indicated that they would expect it to be more difficult to verify the identity of (56%), find online (55%) and contact (54%) a business that does not have its own website.

Certainly, this doesn’t suggest that businesses should abandon other online channels, such as social media and search engine efforts, to focus on a website-only approach. Instead, 64% of respondents said that a business with many points of online presence is more credible than a business with few.

Still, the study suggests that other online resources should complement, rather than replace, a small business’s own website. Respondents identified a business’s own website as being one of the most popular online methods for learning about (69%) and conducting transactions with (57%) businesses. Further, 71% of respondents reported being more likely to recommend a business with a professional website.

Taken together, these findings suggest that a website can help add credibility and drive new business.

Branded email supports customer communications

Trust is central to the relationship between a business and customers. This may be particularly true for online transactions (95% of survey respondents said they actively make purchases online), which require consumers to trust not only that the business will deliver the product or service for which they have paid, but also that it will not misuse payment or personal information.

A branded email address may be able to help, as an overwhelming number of respondents (85%) agreed that a business with a branded email address is more credible than one that uses a free email account. Respondents were more likely to have used a business’s branded email address (67%), than the telephone (56%) or social media (40%), to communicate with a business during the prior 12 months.

Key takeaway

For a small business, failing to be perceived as credible online could mean lost business not just today, but also in the future. A website and branded email address can help businesses add credibility and more effectively engage with consumers online.

Service providers offer a variety of website-building tools, email hosting solutions, and domain name registration services that can help businesses – whether just starting or well-established – to have a website and use a branded email.

Detailed survey results are available in 451 Research’s Black & White Paper Websites, Branded Email Remain Key to SMB Internet Services.

---

Verisign is a global wholesale provider of some of the world’s most recognized top-level domains, including .com and .net. For website building tools and email hosting solutions, contact a registrar. You can find a registrar here.

The post Websites, Branded Email Remain Key to SMB Internet Services appeared first on Verisign Blog.