Students are the targets of many kinds of cybercrime, including scholarship scams, doxxing, phishing, identity theft, and more.
For your online security, we recommend the following steps:
- Don’t post or share personal information online, especially not to strangers or people you don’t trust.
- Secure your social media accounts with the right settings.
- Use strong passwords to avoid brute force attacks.
- Enable two-factor authentication to mitigate the risk of a breach.
- Always update your software as soon as possible.
- Avoid public Wi-Fi (even school Wi-Fi!) as much as possible, or use it safely.
- Use a VPN when torrenting.
- Run email attachments through an antivirus software.
- Be aware of revenge porn and sextortion.
- Never leave your devices unattended.
- Keep backups of your important files.
- Report cybercrime and other forms of abuse.
Make sure to get Surfshark to hide your IP address from would-be hackers and keep your online activity private from school Wi-Fi administrators.
Surfshark is noted for its affordable subscription fee and offers a 30-day money-back guarantee so you can test the service for free.
Surfshark
In the rest of the article, we’ll detail the risks you can be exposed to online, as well as the best internet safety tips for students.
As remote learning gains popularity, so do the privacy and security risks students face on a daily basis. It’s as important as ever to keep these cyber security tips in mind when browsing the internet.
Cybercrime has been on the rise since the pandemic, with the US seeing up to $10.3 billion in total potential losses in 2022. The FBI reported extortion, data breaches, and phishing as some of the top kinds of cybercrime in the US.
Unfortunately, students are not exempt from cybercrime. Using your school Wi-Fi can carry security risks to your sensitive data. And even if you study from home, you can still be exposed to doxxing, phishing attempts, identity theft, and internet scams directed at students.
In this article, we discuss what cyber security threats students face and what the best internet safety tips are.
Our Top 12 Online Safety Tips for Students
Students face many privacy and security online threats on a daily basis. We provide a list of cybersecurity tips for students below. Afterward, we’ll discuss all types of cyber attacks, like identity theft, online scams, and doxxing.
1. Don’t post or share personal information online
You should never post sensitive information or personal details in a public forum. Not even your school’s learning software may be completely safe. Universities are prime targets for attacks. In fact, cyber-attacks target UK universities on a weekly basis.
As much as possible, only share confidential information through private messages, and only to people that you know and trust. If possible, use a secure messaging service like Telegram or encrypted email services like Proton Mail, both of which are free to use. These will guarantee a higher degree of security for your messages.
2. Secure your social media accounts
You may be tempted to share Instagram posts with the whole world or post your email address on your Twitter profile. Neither is a good idea. Your social media accounts may be used to doxx you or spam you with phishing emails.
Most social media platforms also have trackers that monitor your activity. Their algorithm then builds a profile of you to sell your data to advertisers. Facebook is especially notorious for this kind of activity, and it’s paid fines in the past for mishandling user data.
To keep yourself safe, we recommend the following steps to secure your social media platforms:
- Don’t connect your social media accounts to each other unless absolutely necessary.
- Use unique passwords for each of your social media accounts. We recommend using a password manager like NordPass so your passwords are easier to track.
- Configure your security settings so your posts are visible to friends only. We have thorough step-by-step guides on how to optimize your security settings for the following social media websites: Facebook, Twitter, Instagram, YouTube, LinkedIn, and Reddit.
3. Use strong passwords for enhanced internet safety
Do you know what the most commonly-used password is? According to NordPass, it’s actually “password,” followed by “123456,” and “123456789.” You can pat yourself on the back if you don’t use such an obvious password. But even if your credentials are more complex, you’re not guaranteed internet safety.
There are a lot of ways to brute force passwords, especially short and commonly used ones. That’s why you should aim to use long, unique, and complicated passwords.
But more importantly, you shouldn’t use the same password for every account you have. This way, even if one of your accounts gets breached, the rest of your internet safety is not in danger.
And yes, doing this manually for all your passwords can be tiring. We recommend you invest in a good password manager instead. Our go-to recommendation is NordPass. NordPass stores your passwords securely and generates unique, complex passwords for you.
4. Use two-factor authentication
Two-factor authentication (2FA) or multi-factor authentication (MFA) adds a layer of security to your accounts. When you have 2FA enabled, an app or website will prompt you to verify your identity before you can perform activities such as logging in or making changes to your account.
This verification can be done in several ways. Some apps or websites ask you to use an authenticator app, while others will send a one-time-use code to mobile devices or email addresses.
2FA is essential as it prevents hackers from easily getting into your account. Even if they crack your password, they will first need to verify their identity before they gain access to your account.
5. Always keep your software up-to-date
We know it’s annoying to get a software update pop-up while you’re trying to scroll through TikTok. And it’s natural to just hit “Update Later” so you can go about your day.
However, software updates don’t just bring a fresh look to your phone, or your favorite apps. They have crucial updates that fix newly-found vulnerabilities and guarantee internet safety. And that’s especially true for updates to mobile operating systems.
So every time you decide to “Update Later,” you’re exposing your devices to potential cybercriminals that can use unpatched vulnerabilities to hack you. Updating your software in the middle of watching a YouTube video may be annoying, but it’s the smartest choice for your internet safety.
6. Use public Wi-Fi carefully
Public Wi-Fi networks are easy to hack and can be taken advantage of to collect your personal information. Hackers use unprotected public Wi-Fi networks to spread malware.
As much as possible, you should avoid connecting to public Wi-Fi, even if it’s your school’s network or a place where you’re surrounded by other students, such as libraries and coffee shops.
If you don’t have a choice but to use public Wi-Fi, we recommend you use a virtual private network (VPN) to encrypt your IP address and hide your online activity. VPNs not only prevent hackers from infecting you with malware, but they also keep your browsing and download history private.
Surfshark is one of our top-ranking VPNs, offering air-tight security while also being affordable. Read our full Surfshark review, or learn more about it through the link below.
- Very user-friendly and works with Netflix and torrents
- 30-day money-back guarantee. No questions asked!
- Cheap with many extra options
If you’re on a tight budget and can’t afford a VPN subscription, you can read our guide on how to get 30-day free trials for premium VPNs like Surfshark. You can also check our top 8 best VPNs for students for other affordable options.
7. Use a VPN when torrenting
For a lot of people, being a student means making due on a limited budget. That’s why many students resort to downloading course material or even entertainment content from unofficial sources.
We always advise against torrenting copyrighted content if it’s not allowed where you live. And even if it’s legal for personal use in your country, we still advise caution.
Downloading from torrent sites can be convenient, but it also exposes you to a lot of cyber risks. You never know if the movie you downloaded is an actual movie or malware in disguise waiting to steal your data.
What’s more, if you use public Wi-Fi to torrent files, be warned that your Wi-Fi administrator can see your activities. We recommend you avoid torrenting on school Wi-Fi if your college or university is against the practice.
To keep your browsing and download activity private, make sure to use a VPN. A VPN will hide your activities from everyone, including your school Wi-Fi admin, your government, and even hackers.
8. Inspect email attachments before downloading them
Email attachments are often used to distribute malware. Especially if you have a “.edu” email domain, you could be targeted with phishing scams, such as when “.edu” email users received fake IRS emails, or infected email attachments parading as term papers, presentations, and other documents.
As such, be careful when downloading email attachments. Always check the email address of the sender. If there are any weird spellings or grammatical errors in the email body, that could also be a sign of a fake email.
And to guarantee your safety, invest in a good antivirus. Ensure that you scan files with your antivirus before opening them so you know the file isn’t infected. There are plenty of free antivirus scanners to choose from, such as our top-ranking free antivirus, Avast.
9. Be wary of revenge porn and sextortion
Sexting is one of the most common forms of flirting today. Although it can be fun and exciting with the right partner, sexting carries significant risks.
Revenge porn occurs when an ex-partner shares your sexually explicit photos, audio files, or videos without your consent. These media can also be used for sextortion, or when you’re blackmailed with your explicit content in exchange for payment or sexual acts.
According to the American Psychological Association, one in 12 Americans will find themselves a victim of revenge porn at least once in their lives. To avoid this, we recommend the following steps:
- Never share intimate photos with people you don’t trust.
- Only store your sexually explicit media in a secure folder, preferably encrypted and password-protected. If you must use cloud storage, only choose end-to-end encrypted services like MEGA, which offers free 20 GB storage.
- Don’t send intimate media through insecure channels that can be hacked or intercepted. Avoid sharing through social media especially, as these websites will store your photos on their servers.
If you become a victim of sextortion or revenge porn, you can report your case to the relevant authorities, such as the US Federal Trade Commission or the UK’s Revenge Porn Hotline.
10. Never leave your laptop and phone unattended
Your personal devices hold all your crucial data. From private messages and pictures to login credentials, they’re all on your laptop and phone. A lost or stolen phone can lead to personal data breaches, and depending on what you have stored, even identity fraud or compromised banking information.
Make sure you never leave your laptop and phone unattended. You might trust the patrons at your local coffee shop or your colleagues at the public library, but you shouldn’t. The risk to physical security is too great.
Besides keeping an eye on your devices in public places, you should also secure them. Make sure access to your devices is protected by a password, PIN, face recognition, or fingerprint ID. This way, even if your phone is misplaced, it will be hard for anyone to access it.
Plus, don’t forget to enable “Find My Services” on your phone, so you can locate it in case it’s lost or stolen.
11. Keep backups of your files
Ransomware attacks can be devastating for students. This kind of malware will encrypt all of your files and put a ransom on the key to get them back.
In most cases, even if you do pay the hacker, you won’t regain access to your files. So in the blink of a second, you lose access to all of your data, your schoolwork, and anything you had on your laptop or phone.
This is why keeping backups of your files is important. This way, no matter what happens to your important files, you can always get them back. And it’s especially important to do this as a student. Imagine working for an entire semester on your final paper just to lose it and have to start from scratch.
If you’re not sure where to start, we have detailed guides on backing up your Windows PC, Mac, iPhone, and a lot of devices with Google One.
12. File reports of violations
The internet may not always be a friendly place, but we can all help make it better.
If we report all the violations we see or experience online, moderation teams can better assess cyber threats and deal with problematic parties. It only takes a few minutes to report spam messages on Discord or cyber bullying in the comments section of TikTok.
And this can extend to the offline medium, as well. Campus officials and even the police can get involved in case your phone gets stolen or if library computers are infected with a keylogger.
What Internet Safety Issues Do Students Face?
Students are vulnerable to some of the most widespread cyber threats today, such as identity theft, data theft, and phishing scams. These can often be a result of accidents (like your laptop getting stolen) or poor internet safety practices (like forgetting to log out of your Facebook account on a library computer).
Not to mention, students are also exposed to online scams like scholarships or tuition fee scams. Here are some of the more common examples of cybercrime faced by students today.
1. Scholarship scams
One of the most widespread internet scams that target students is the scholarship scam. This usually entails a third-party contacting students and asking for a small sum of money in exchange for the guarantee of a scholarship.
The person facilitating this scam usually claims to have an “in” with your university of choice. They may even provide “proof” of their previous successful transactions. Regardless of how it plays out, the ending is the same: you don’t get a scholarship, and you’re out of money.
The U.S. Financial Trade Commission (FTC) provides some information on how to avoid falling for scholarship or financial aid scams. According to the FTC, here are some typical claims made by scholarship scammers:
- “The scholarship is guaranteed, or you get your money back.”
- “I just need your credit card or bank account number to hold this scholarship.”
- “We’ll do all the work. You just pay a processing fee.”
Other signs of a scholarship scam involve getting scholarship offers even if you didn’t apply for one and being asked for unnecessary information. A scholarship application doesn’t require your social security number, bank information, and credit card details.
If you experience or spot a scholarship scam, you can report the incident to reportfraud.ftc.gov.
2. Tuition payment scam
Like most phishing campaigns, tuition payment scams will try to swindle money out of your pocket on a made-up basis.
Most commonly, tuition payment scammers will claim they’re representing the university you’re attending or that you’ve just been accepted into. They’ll often ask you to pay them directly for your tuition.
Others will send you to fake websites to either steal your credit card information or process a payment. In some cases, the scammers will even claim they can offer a discount on tuition fees.
The tell-tale signs of tuition payment scams involve:
- A false sense of urgency about your payment
- Being contacted by someone you’ve never heard of in the application process
- Receiving offers from people to make payments on your behalf
- Grand promises about discounts that were never mentioned during the application process
The safest bet in dealing with this kind of scam is to contact your university directly. They’ll be able to confirm if the person contacting you is a legitimate employee. Also, as an internet safety measure, make sure you never share your personal information with anyone that contacts you this way.
3. Identity theft
Identity theft refers to when a person obtains your personal information, poses as you, and uses your info to get money. Cybercriminals will use your identity to access your bank accounts, apply for credit, or trick your family and friends into giving them money. Some cyber criminals even take your social security number and fabricate fake personas as they conduct illegal activity.
There are plenty of ways for cybercriminals to get your data, such as if your university suffers from a data breach or if you post your personal info on social media. And it’s much more common than you think. According to the FBI, as many as 300,000 Americans are the victim of identity theft each year.
The best ways to guarantee internet safety against identity theft are to be mindful of your online interactions, not share information with strangers online, and secure your online accounts.
4. Phishing attempts
Phishing occurs when you unwittingly provide cybercriminals access to your personal information or bank accounts by clicking on a fake link or going to a fake website.
Phishing links are commonly seen in spam emails, bot DMs on Twitter and Instagram, and Discord private messages from hackers. And phishing attempts are on the rise, accounting for the most costly data breaches in 2022 according to IBM.
In phishing attempts, you’ll often be asked to visit a website and provide your details. For instance, a phishing website could copy the exact layout of PayPal’s sign-in page. These websites then store the information you provide, such as your password and credit card details.
Phishing attempts can look pretty legit. The perpetrators will often fabricate documents to support their claims. For example, if they’re pretending to contact you on behalf of PayPal, they might send a fake PayPal invoice, claiming you’ve just paid thousands of dollars on something and need to contact them for a chargeback. If you ever make the call and share your PayPal login credentials, your funds are in danger.
The best way to protect yourself from phishing attempts is to stay skeptical of anyone contacting you out of the blue. Never provide sensitive information over email, and always double-check the URL of the website you’re visiting.
5. Doxxing
Doxxing occurs when your personal information is posted in public with the intention of embarrassing or harassing you.
This kind of attack is often used against Twitch streamers, YouTubers, and influencers on Twitter, Instagram, and TikTok. However, it can also be used against you by anyone who manages to access your personally identifiable information.
You should be especially careful about these kinds of online threats while playing online games. Don’t share sensitive information with anyone, especially people you just met on Discord or in an online gaming lobby.
Additionally, don’t forget to always use a VPN. All it takes for your IP address to be doxxed is joining the wrong Minecraft server. The owner of a server can see your IP address as soon as you join.
6. Cyberbullying and abuse
Cyberbullying is a real and very dangerous phenomenon online. As many as 46% of students report experiencing cyberbullying at least once in their lifetime, with even higher numbers in the case of LGBTQ students. Cyberbullying has a considerable effect on the psychological and physical well-being of people.
A specific form of abuse online, revenge porn, also has damaging effects on people’s psyches. And although it’s illegal in a lot of countries, as many as 1 in 12 people report being a victim at least once in their lifetime, with the majority of them being women.
In any case of cyberbullying and abuse, it’s important to open up to someone you trust. Talking about your experience can help ease the burden of abuse, and find the best way to move forward. If you feel comfortable doing so, we also recommend filing a report against your abuser. Both the website where it’s taking place and the local authorities, can help you mitigate the impact of such a case.
7. Malware
Malicious software, or malware, comes in many forms. Public computers could be infected with keyloggers, which are silent programs that collect your private information in the background. If you’re not careful and if you don’t use an antivirus scanner, you might end up with an infected device.
Here are some typical kinds of malware you might encounter.
| Type of Malware | Description |
|---|---|
| Adware | Adware shows intrusive ads and changes your browser settings without your consent. |
| Ransomware | Ransomware takes over your computer and encrypts your files so you can’t access them. The hacker then demands a ransom in exchange for the encryption key. |
| Spyware | Spyware spies on you as you use your computer and steals your personal information. |
| Trojan | Trojans masquerade as legitimate software so you download them and give them access to your device. From there, the trojan can download other malware, steal your financial information, or grant remote access to hackers. |
Avoiding malware requires constant vigilance and a trustworthy antivirus program. Practice good cyber hygiene by being careful about what files you download, and keep your device clean by regularly scanning your computer for malware.
Final Thoughts: Cybersecurity for Students
The web can be dangerous for students. From your average adware or phishing campaign to sophisticated social engineering like tuition fee scams, there are a lot of cyber threats lurking out there.
If you read our entire piece, you’re now better equipped to deal with these threats. Stay skeptical online, don’t share your personal information with anyone, and use security-enhancing apps like a VPN or an antivirus.
- Very user-friendly and works with Netflix and torrents
- 30-day money-back guarantee. No questions asked!
- Cheap with many extra options
Additionally, enable two-factor authentication on all your apps, and always update your software as soon as possible. Lastly, don’t be afraid to report cybercrime, as it helps keep the internet a safe place for you and other students on the web.
If you liked our guide on student online safety, check out these other guides:
- Safe Online Dating Tips: 15 Ways to Safeguard Your Privacy
- Internet Safety for Kids: How to Keep Children Safe Online
- Is Discord Safe?: How to Keep Teens Safe on Discord
Cybersecurity is a complicated topic. Our FAQ section below can help. You can also leave a comment, and we’ll get back to you right away.
Like all people, students are exposed to an increasing number of cyber attacks, phishing attempts and other online scams. From identity fraud to doxxing, the web can be a scary place. Plus, students can also fall victim to tuition fee or scholarship scams. That’s why cybersecurity is important for students. To help combat all these, we rounded up the best online security tips for students.
Good cyber safety tips include:
- Don’t share your personal information with anyone.
- Enable all app security features, especially on social media.
- Create strong, long and complicated passwords.
- Enable two-factor authentication on all of your accounts.
- Update software as soon as a new version is available.
- Beware of public Wi-Fi networks.
- Install a VPN before torrenting.
- Double-check email attachments before downloading them.
- Be wary of revenge porn and sextortion.
- Don’t leave your laptop and phone unattended.
- Keep backups of your school files.
- File reports of violations online and offline.
If you want to find out more, we have an entire guide on how to be safe online.
Students are the most vulnerable group to tuition fee and scholarship scams. The best thing they can do is employ skepticism, and only pay their university via official means.
Beyond that, students should employ the same safe browsing tips as anyone else: Don’t share your information at random, beware the links you click, use strong passwords, enable 2FA, update software as soon as possible, and use security enhancing apps like a VPN.
