We no longer support this browser. Using a supported browser will provide a better experience.

Please update your browser.

Close browser message

Wealth Planning

Are your teens’ social media posts a family security risk?

Keep your family safe by helping them understand what’s at stake.


Statistics confirm what we all can readily observe: Children and young adults today live their lives with mobile devices in their hands. Notably, people aged 16 to 29 spend three hours a day on social networking platforms—the most of any age group, and roughly twice the amount of time spent by adults between the ages of 45 and 54.1

Given this almost constant access to the internet and social media, it can be hard for teens to resist sharing family news with friends. Unfortunately, in the wrong hands, information about an upcoming vacation or family gathering, a new home or other major purchase, etc., can put your family’s financial resources, privacy and/or physical security at risk.

Yet, trying to impose guidelines or limits on a young adult’s online activities more often leads to frustration—for parents and their children alike!—rather than to improved security.

Instead of lecturing, try providing your teenagers with a meaningful context for your concerns. Clients who take the time to fully explain the potential risks of posting personal information online report their children are more ready and willing to limit what they reveal online.

These two real life examples can help you illustrate your concerns:

 

Vacation plans go awry

Planning a vacation for themselves and their three teenage children, Miranda and Dan decided to charter a jet and fly the family directly to a long overdue beach vacation rather than struggle through multiple connecting flights during a pandemic.  

So when the charter jet company emailed a bill for the membership and the details for the upcoming trip, Miranda and Dan readily sent the $100,000 payment.

What the family didn’t know was that the private jet company’s email system had already been hacked, giving cybercriminals direct access to the firm’s client list, which included many wealthy individuals and families. The criminals then researched the names on the client list—focusing on the social media accounts of those clients’ children—for information about upcoming trips.

Sure enough, this family’s teenagers had shared the upcoming vacation details on social media, including their destination and planned activities. This provided enough details for the cybercriminals to craft a personalized email to the parents that appeared credible.

What they should have done

Before paying that bill, Miranda or Dan should have contacted the jet company by phone (i.e., not by replying to the email they received) to verify that both the payment request and the account number were legitimate. Further, the parents should have reminded their teenagers not to post information about the family’s upcoming plans. In this case, a single post became a cyber-safety lapse that left the family vulnerable to the cybercriminals’ scam. Indeed, children of all ages should be reminded not to post on social media their/the family’s intended travel plans or provide location updates during the trip. 

 

A business is made vulnerable

Seeing himself as a social media influencer in training, 14-year-old Ben posted—and boasted—online about an upcoming trip with his grandfather. “Off to Paris for two weeks! See ya!,” he told his social media friends, sharing pictures of the plane, his grandfather and key details of their itinerary.    

What Ben didn’t know was that cybercriminals had been monitoring his social media accounts as well as those of various other family members. With the information Ben unwittingly provided, fraudsters were able to launch a successful social engineering campaign aimed at the grandfather’s business, using phishing or vishing to facilitate a false wire transfer—eventually costing the firm thousands of dollars during the two weeks Ben and his grandfather were on vacation.

What they should have done

First and foremost, Ben should have been made to understand that sharing personal information online poses potential risks for his entire family. Additionally, the grandfather should have trained his office staff to recognize the warning signs of phishing attempts, including: poor grammar and spelling, urgent language, hyperlinks or attachments, fake logos, a vague email address and missing/vague contact information. Further, the office team should have been instructed not to assume that all incoming requests are genuine, even if the requester has plenty of information about the business or owner. Before making payments, the accounting team should have confirmed the legitimacy of the request via an alternate, verified method. 

 

Involve teens in your family’s cyber defenses

Given the amount of time children spend each day on social media, online games and other internet sites, it’s critical for them to understand how their words and actions can have inadvertent, and serious, consequences. In addition to those noted above, here are some protective steps to take:

Cultivate your teens’ cybersecurity awareness

Start talking to your children at an early age about online safety precautions, computer security and the family’s need for privacy—the same way you talk to them about other dangers they might encounter in their daily lives: 

  • Deepen the conversation about the risks and potential consequences as your children mature.
  • Explain how cybercriminals cast a wide net to gather information about an individual or family, steadily adding to the overall picture and enhancing the odds of a cyberattack (or home break-in) being successful.
  • Point out that cybercriminals/hackers often pose as representatives of legitimate organizations (schools, banks, charities) or businesses (retailers, vendors, contractors). Moreover, these scammers use email, phone calls, texts and social media to persuade their targets to provide sensitive data/information, such as passwords and account numbers. To defend themselves, your children should use strong passwords and system controls. However, their best protection is exercising an abundance of caution.

Emphasize the importance of the family’s privacy and security

Talk about the danger inherent in your children revealing upcoming vacation plans/family gatherings, checking into locations online, or posting real-time photos of themselves/others regardless of where they are.

Encourage all family members to:

  • Create strong and complex passwords, change them frequently and never share them.
  • Update operating systems and anti-virus software on computers and mobile devices to the latest versions, as soon as they become available.
  • Advise caution when clicking on links or attachments sent to them in emails: Mobile device users are more likely to click on phishing emails and embedded links. 
  • Encrypt sensitive information, such as account numbers, tax information and other personal information, before emailing it.
  • Confirm the identity of a requester via an alternate, verified method, and check the email address: Scammers often use spoofed email addresses to send what seem to be legitimate requests.

Helping your children fully understand the need for being cautious on social media—and on the internet more broadly—will help them become active members of your family’s cyber and security defense team.

 

1.Social media demographics to inform your brand’s strategy in 2021”; by Brent Barnhart; Sprout Social; March 9, 2021

 

IMPORTANT INFORMATION

KEY RISKS

This material is for informational purposes only, and may inform you of certain products and services offered by J.P. Morgan’s wealth management businesses, part of JPMorgan Chase & Co. (“JPM”). Products and services described, as well as associated fees, charges and interest rates, are subject to change in accordance with the applicable account agreements and may differ among geographic locations. Not all products and services are offered at all locations. If you are a person with a disability and need additional support accessing this material, please contact your J.P. Morgan team or email us at accessibility.support@jpmorgan.com for assistance. Please read all Important Information.



Check the background of Our Firm and Investment Professionals on FINRA's BrokerCheck

To learn more about J. P. Morgan’s investment business, including our accounts, products and services, as well as our relationship with you, please review our  J.P. Morgan Securities LLC Form CRS and  Guide to Investment Services and Brokerage Products.

This website is for informational purposes only, and not an offer, recommendation or solicitation of any product, strategy service or transaction. Any views, strategies or products discussed on this site may not be appropriate or suitable for all individuals and are subject to risks. Prior to making any investment or financial decisions, an investor should seek individualized advice from a personal financial, legal, tax and other professional advisors that take into account all of the particular facts and circumstances of an investor's own situation. 

This website provides information about the brokerage and investment advisory services provided by J.P. Morgan Securities LLC (“JPMS”). When JPMS acts as a broker-dealer, a client's relationship with us and our duties to the client will be different in some important ways than a client's relationship with us and our duties to the client when we are acting as an investment advisor. A client should carefully read the agreements and disclosures received (including our Form ADV disclosure brochure, if and when applicable) in connection with our provision of services for important information about the capacity in which we will be acting.

INVESTMENT AND INSURANCE PRODUCTS ARE: • NOT FDIC INSURED • NOT INSURED BY ANY FEDERAL GOVERNMENT AGENCY • NOT A DEPOSIT OR OTHER OBLIGATION OF, OR GUARANTEED BY, JPMORGAN CHASE BANK, N.A. OR ANY OF ITS AFFILIATES • SUBJECT TO INVESTMENT RISKS, INCLUDING POSSIBLE LOSS OF THE PRINCIPAL AMOUNT INVESTED

Equal Housing Opportunity logo

J.P. Morgan Wealth Management is a business of JPMorgan Chase & Co., which offers investment products and services through J.P. Morgan Securities LLC (JPMS), a registered broker-dealer and investment advisor, member FINRA and SIPC. Annuities are made available through Chase Insurance Agency, Inc. (CIA), a licensed insurance agency, doing business as Chase Insurance Agency Services, Inc. in Florida. Certain custody and other services are provided by JPMorgan Chase Bank, N.A. (JPMCB). JPMS, CIA and JPMCB are affiliated companies under the common control of JPMorgan Chase & Co. Products not available in all states.

Please read additional Important Information in conjunction with these pages.