Category: Cyber Safety

Not a Toy: The Hidden Dangers of AI Chatbots for Children

In bedrooms, on bus rides, and between classes, children are turning to AI chatbots not just for homework help—but for companionship, advice, and affirmation. What many parents see as a harmless digital curiosity may be altering how young minds develop, and not for the better. Chatbot apps are being downloaded by millions of users worldwide, and children make up a rapidly growing share of that population. These apps are often free, easy to use, and instantly gratifying. They don’t judge. They don’t get tired. For a child or teen feeling lonely, curious, or bored, these bots can quickly become emotional crutches.

One of the most popular AI chatbot apps available today is Replika. It’s marketed as a personal companion that learns from you and talks with you about anything—from school stress to existential questions. When you search for the app online, the first phrase you’ll see is: “An AI chatbot who cares.” This is exactly the kind of messaging that appeals to young people. It mimics the promise of emotional support, yet behind the scenes, it is powered by language models trained on generic internet data. There are no human values, no ethical guardrails, and no understanding of child psychology. What looks like a friend is just a string of algorithms doing pattern recognition—and children may not be equipped to tell the difference.

Children aren’t just turning to chatbots for companionship — they’re using them as problem solvers. That, in my view, is part of the reason we’re beginning to see studies linking prolonged AI use to signs of brain atrophy. Growing up means going through hard things, and learning to handle them on your own. There’s even a popular trend on TikTok right now: you vs. you. It’s about building resilience through struggle, not bypassing it.

If we don’t let ourselves wrestle with emotions, we’re doing our development a disservice. Leaning on an algorithm for advice about your first breakup might feel comforting, but it short-circuits the brain’s natural learning process. As one article in EdSurge put it, “if we are not struggling, we are not learning.” When kids make a habit of turning to AI bots for emotional support, it becomes a harmful coping mechanism — one that masks difficult feelings instead of helping them work through them.

Sure, the bot might offer an answer. But it’s not the kind of growth we want for our kids. The more they offload their problems to a machine, the less they learn to process real-life conflict — and the more disconnected they become from their own instincts. We need to teach children to live their lives, not hand that responsibility over to a bot.

Recent studies raise deeper concerns. A groundbreaking MIT and Mass General Hospital study found signs of brain atrophy in children who engage with AI or highly stimulating digital platforms for extended periods. While researchers are still exploring how and why these changes occur, the early signals are disturbing: AI interaction may not just confuse kids emotionally—it may harm them neurologically.

AI chatbots are becoming an increasingly common part of children’s lives. While the technology can seem magical and helpful, it is not a substitute for real human connection or the natural struggle that drives learning and growth. As parents, caregivers, and educators, it’s our responsibility to stay informed, monitor how our children use AI, and encourage healthy boundaries. Let’s guide our kids to develop resilience, critical thinking, and emotional strength — not to outsource these essential parts of growing up to algorithms.

 What Parents Can Do

  1. Teach kids the difference between real support and artificial responses.
     Let your child know that AI chatbots like Replika may seem friendly, but they don’t understand feelings, and they can’t offer real help. Make sure your child knows it’s always better to talk to a trusted adult or friend.
  2. Limit access to chatbot apps.
     Check which apps your child is using. Many of these AI companions don’t have age checks or content filters. Set rules around what kinds of apps are allowed, and use parental controls when possible to block or monitor risky ones.
  3. Encourage real-life coping skills.
     When your child is upset or struggling, guide them through it instead of letting a screen do it. Talk it out, offer reassurance, and help them learn how to handle tough emotions — these moments build confidence and resilience.
  4. Create tech-free zones and check-ins. Make spaces like bedrooms and family dinners phone-free. Set regular times to talk about what your child is doing online, and keep the conversation open, not judgmental.
0

Back From the Dead: Why Putting Old Call of Duty Games on Game Pass Could Be a Dangerous Move

In a move that should have excited fans, Microsoft added Call of Duty: WWII to PC Game Pass recently. But within days, it was pulled. The reason? A full-blown hacker infestation that didn’t just ruin matches — it endangered people’s systems.

With Microsoft’s acquisition of Activision Blizzard finally complete, fans have been buzzing with anticipation over what could come next for Call of Duty on Game Pass. The idea of booting up Modern Warfare 2, Black Ops II, or World at War with a Game Pass subscription sounds like a dream come true for longtime players — especially those who miss the golden era of split-screen trick shots and chaotic zombies lobbies.

There’s no doubt that Game Pass is becoming Microsoft’s flagship platform. Adding legacy Call of Duty titles makes perfect business sense. It re-engages lapsed players, boosts subscription value, and capitalizes on the franchise’s massive nostalgia factor. In fact, some of these older titles have already seen revived popularity in recent months, thanks to community-driven hype and modded servers.

But that dream is now running into reality — and it’s not pretty. Call of Duty: WWII was supposed to be a low-risk first step toward bringing back older entries. Instead, it’s become a warning sign of what happens when you bring old games with unpatched vulnerabilities into a modern platform with millions of users.

The situation with Call of Duty: WWII wasn’t just annoying—it was dangerous. The game became a hotbed for remote code execution (RCE) attacks, a type of exploit where malicious users can run code on another player’s machine simply by being in the same game session. In plain terms: someone halfway across the country could access your PC and manipulate it, just because you played a match with them.

And this isn’t limited to WWII. These vulnerabilities are deeply embedded in the IW engine — a codebase that has been the backbone of Call of Duty for nearly two decades. From Modern Warfare to Black Ops, from World at War to Advanced Warfare, many older titles run on versions of the same foundation. As one user put it bluntly:

“No it’s not [just WWII]. There is a way for people to access your PC just by connecting to you in a game. It affects every old COD because it uses the same engine. Including Quake.”

This isn’t just a cheat code arms race. It’s an infrastructure problem. Old games, especially those that haven’t received active support or security updates in years, become breeding grounds for exploits. These vulnerabilities weren’t designed for today’s online ecosystem — and malicious actors know it.

The text boxes, forced pop-ups, and PC manipulations players have documented aren’t theoretical threats. They’re real-time demonstrations of what happens when a popular platform like Game Pass intersects with forgotten game code and modern hacker communities.

The idea of revisiting classic Call of Duty titles on Game Pass sounds like a win. But nostalgia shouldn’t override basic digital safety. If Microsoft is serious about rolling out older Call of Duty games to millions of Game Pass subscribers, especially on PC, it must also be serious about securing them.

These aren’t harmless bugs. These are vulnerabilities that allow strangers to access players’ machines — not in theory, but in practice. Pulling WWII from the PC catalog was the right move. Now the real question is: will Microsoft fix the problem before they bring more of these games back?

The excitement around bringing legacy titles to Game Pass is real. But that excitement can’t blind us to the risks. Pushing these games live again without major investment in security patches or backend protections doesn’t just set up bad multiplayer experiences — it opens the door to real, widespread damage.

What Should Parents Know and Do?

Game Pass is a subscription service from Microsoft that gives users access to a large library of video games. Recently, there’s been talk of adding older Call of Duty titles to the platform. While these games haven’t been added yet, it’s important for parents to be aware of a potential risk tied to these older titles—especially on PC.

Many of these older games have serious security vulnerabilities that hackers can exploit. In some cases, just joining an online match could allow a bad actor to access another player’s computer. While this might sound extreme, gamers and cybersecurity experts have been sounding the alarm for years. And because these games are often sold cheaply at resale stores like GameStop or found for a few dollars online, they’re easy for kids to pick up without knowing the risks.

Here’s what parents should keep in mind:

  • Be cautious of older Call of Duty titles on PC, whether bought through Game Pass or secondhand. If vulnerabilities remain unpatched, they could expose your child’s device.
  • Ask your child what they’re playing and where they got it. If they mention downloading or buying older games, especially for PC, take a closer look.
  • Talk to your child about online safety in games, including avoiding sketchy servers and not sharing personal info in chats.
  • Use basic cybersecurity tools like firewalls and antivirus software to add protection in case something slips through.
  • Avoid giving kids admin access on their gaming computers, which can limit the damage if something does go wrong.

While these risks might not be well known, they’re real—and worth paying attention to. Staying aware can help you keep gaming safe and fun for your child.

Until there’s transparency and a clear security roadmap, older Call of Duty titles should remain offline — or at least off Game Pass. Gamers deserve better than to risk their systems for a shot of nostalgia.

0

Those Free Apps Kids Use Have A Dark Side

Have you ever offered your child an iPad to play games in order to get some uninterrupted time to cook dinner, or to do some work around the house? Many of us have. It’s common for parents to allow young kids to play games on parent-owned phones or tablets.

But a new report from security firm Rubica finds many gaming apps for kids contain significant security risks and may not be safe for use. Find out more in this Cyber Savvy Mom column on BayState Parent.

 

*Image by Hal Gatewood

 

0

Is using free WiFi really risky?

We have been advised to stay off public WiFi networks because they are inherently risky. If you care about security and privacy, don’t jump on WiFi just because you HAVE to get access to something on your laptop.

But do you listen? No!

Apparently, no one is listening. Public, free WiFi is still increasingly popping up…well, everywhere. It’s in coffee shops, airports, it is even available in municipalities around the globe because many cities are developing free, public WiFi to power their own connected, smart cities initiatives.

Just how risky is WiFi these days? As this excellent Consumer Reports article notes, most sensitive data is now sent through encrypted channels. Many of the risks with public WiFi have faded since many adults began their online lives, according to Chester Wisniewski, a principal research scientist for the British cybersecurity firm Sophos.

This article breaks down the concerns that still exist with using public WiFi, and steps you can take to stay safe (or at least a bit safer) when using a public network.

*Image source: Bernard Hermant on Unsplash

0

Has your email been compromised?

Want to know if your email information has been leaked on the dark web? Many email addresses, and associated passwords, have been compromised in recent data breaches. A breach is an incident where data has been unintentionally exposed to the public. Criminals then often make lists of this information and place them on dark web sites for others to view in order to access your account and steal sensitive data (think: financial account information).

Use this link (listed again below) to enter your address (or any address you want to check). If you have been “p0wned” – a term meaning exposed – your first step is to change the password associated with that account.

Other important tips: Do not reuse passwords across accounts, and always use strong passwords. Get tips for creating strong passwords here.

https://haveibeenpwned.com

0

Tips for keeping kids safe on Fortnite

In my monthly column on BayStateParent.com, I dig deeper into a story that is making headlines about the dangers kids face while playing Fortnite and other online games and apps. A story originally reported on the site NJ.com gained attention recently after the arrest of 24 men who police say were using messaging services through Fortnite (and other games and apps) to try and lure children. Law enforcement officials pretended to be kids and communicated with men who thought they were talking with 14- and 15-year-old boys and girls.

But how concerning is this news? Is this a Fortnite-specific problem (spoiler alert: no). And what do parents really need to know to help their kids stay safe while gaming and communicating online? Please read this month’s column for tips and advice.

https://www.baystateparent.com/news/20190207/keeping-kids-safe-on-fortnite-and-other-online-games–apps

0

Today’s biggest social media scams

Social media adds much to our lives: friend connections, socializing, funny memes, political arguments (OK, maybe not ALL of it is positive). But putting yourself out their on a social network also brings risk into your life. Criminals know how much we love to log on and be social, and these sites are common targets for cons. Falling for these schemes sets you up for a malware infection on your device, or even a financial loss if someone manages to fool you into sending them money.

Be on guard for the darker activity making the rounds on social media. Check out these social media scams currently making the rounds on Facebook, Twitter, Instagram and other popular sites.

0

What can I do to protect myself after Equifax?

I’m getting many questions from fellow CyberSavvy Parents out there who want to know the best recourse for protecting yourself and your credit after the massive breach announced earlier this month by Equifax.

A quick explainer if you’re not familiar with the breach I am referring to:

Equifax, a consumer credit reporting agency, reported earlier this month that cybercriminals had gained access to the personal information of approximately 143 million consumers. The information included social security numbers, addresses and other personal information that can be used to create credit accounts in your name and can also be sold for profit on the black market.

The answer to “what now?” is not that easy.  Some experts, like Terry Cutler, a security advisor who gets into suggestions in the video below, advise that you consider freezing your credit.  Freezing your credit is just what it sounds like: it puts a freeze on any new lines of credit that can be opened with your social security number.  You implement the freeze and you initiate the “unfreezing” of your credit as well with a personal identification number or other type of locking key/code that you establish when you initiate the freeze.

My issue with advising millions to freeze their credit is that this is not an easy on/off process and can be a headache, as explained in this article.  Is it an option? Yes. But don’t think it is a “quick fix” to your personal, sensitive information hanging out there for criminals to use.

More importantly: monitor your credit report vigilantly.  This was important before Equifax became headline news, and is now even more so.  If you have minor-aged children (and I assume if you’re reading this site you likely do), then check on their social security numbers too, frequently, to ensure there is no credit taken out in their names.  How do you do this? Unfortunately you need to take your inquiry back to the source of our headache: the credit reporting bureaus.  In addition Equifax, credit bureaus TransUnion and Experian need to be contacted to get a complete picture of what you have out there for credit lines.  All three bureaus also need to be contacted if you choose to freeze your credit.

I don’t promote specific products on this site, but there is the option of enrolling in a credit monitoring service for your entire family.  Google search for some options and do your homework before signing on to any service. And, no, I don’t recommend the service Equifax offered for “free” after they announced their breach. That was a public relations disaster of epic proportions and another topic for another day.

For today, my advice is what is often is: stay aware, be vigilant.  Keep on top of your credit accounts, bank accounts, loans, anything you have out there.  And look out for new lines you didn’t open. That includes your kids’ credit too.

These are tough times and the bad guys seem often to remain one step ahead of us when it comes to trying to take our good name, credit and money for their own nefarious purposes.  But be your own cyber warrior and be tough and aware.  Your best defense is always knowledge.

 

 

0

Checklist for back-to-school device security

Here in the Cyber Savvy household, we are eagerly anticipating the arrival of the first day of school. Only a few weeks away, the Cyber Savvy kids are looking forward to meeting their new teachers, reuniting with old friends and, of course, loading up on all that back-to-school gear we buy each year.

As students get older, school supplies often mean devices; laptops, tablets and other technology.  The team at Malwarebytes have put together this checklist of tips to help you keep your crew safe as they return to school this season.

  • Watch out for too-good-to-be-true software and device sales. Is that Facebook ad really promising a brand-new Mac laptop for $200 if you just click here and fill out your personal info? Think hard before you jump on a back-to-school online ad that seems fiendishly cheap. It could be adware, it could be a scam, or it could lead you to a malicious page that will later infect your own computer.
  • Ensure that they have security software and tools installed on their new device. Antivirus with anti-phishing features, firewalls, script blockers, ad blockers, password managers, anti-theft apps, anti-malware and ransomware—you name it. Cyberattacks can come from all sides these days, so it pays to have at least one of each of these software programs and/or extensions installed on their computer, phone, or tablet. And if you think your child’s Mac is bulletproof from these attacks, think again.
  • Stress the importance of physical security, too. Physically securing devices is just as important as securing the data inside of them. We’re not just talking about using a padded bag for laptops, or shock-absorbent cases and shatterproof screen covers for phones and tablets. We’re talking about locking cables and USB port blockers, actual things that thwart theft and unauthorized access, respectively, while they’re in school.
  • Instill in them the habit of locking computers when they have to move away from them for a while. Locking screens is another way to prevent others from, say, flipping your child’s screen upside down, snooping around, and looking at files they shouldn’t be looking at. Beware the “hacked” social media posts that reveal false, embarrassing information about their users!
  • Disable the autorun functionality of their OS. As you may know, malware can be stored in and transported via USB sticks. If your child’s computer automatically runs what’s inside it once slotted into the machine’s port, then this is a real problem. Thankfully, there are a number of ways one can disable autorun. For Windows users, Microsoft has dedicated a page just for that.
  • Introduce them to multi-factor authentication (MFA). The most common and widely used MFA is two-factor authentication (2FA). In order for them to know and understand what it is, you might show them how it works using your own phone and computer. That way, if they are asked to sign up for online programs that store their data at school, they can raise their hand and ask if the program has MFA. By educating your child on this security procedure, he or she can educate the school in turn.
  • Discourage rooting/jailbreaking. If your child is old enough to figure out how to root or jailbreak a device, chances are they’ll probably be tempted to do this. Jailbreaking opens devices to custom modifications and the unrestricted download and use of apps from third-party sources. These can be quite handy if your child wants one that cannot be found in the official app store. However, jailbreaking and rooting increases the success rate of a hacking attempt, as these overwrite the device’s inherent security settings, making devices more vulnerable and susceptible to threats.
  • Update game console firmware. All work and no play makes Jack a dull boy. Isn’t your little gamer glad that back-to-school gadgets are not limited to calculators, headphones, and keyboards? Gaming consoles are becoming more like computers as they evolve. Although it’s rare for them to catch malware (at least for the time being), there are still ways hackers can circumvent their security to perform other malicious acts, such as gaining access to gaming accounts. So for now, update the gaming console’s firmware—and do this on a regular basis—before handing it to your child.

Find more back-to-school tips from Malwarebytes in their blog post on the topic.

0

New Snapchat feature shares user location. Is that OK for privacy and security?

Snapchat has a new feature that allows users to see where their friends are posting from. But this new location sharing feature has some concerned about privacy, and broader implications like stalking and bullying.  The good news is you can disable it. Check out these stories for more information on how to do that:

https://nakedsecurity.sophos.com/2017/06/26/snapchat-starts-sharing-your-and-your-kids-location-turn-it-off/

http://www.13newsnow.com/news/heres-how-to-turn-off-snapchats-new-location-sharing-feature/451725172Unknown-2

0

Blog at WordPress.com.

Up ↑