Just in time for National Cybersecurity Awareness Month, the Identity Theft Resource Center in conjunction with CyberScout has released a survey entitled “Social Media Habits and You.” The survey focuses on how parents and guardians monitor their kids’ online behavior, with a focus on issues like cyber hygiene.

So what exactly is cyber hygiene?

You teach your kids how to practice basic hygiene. This is that—but online. Because today’s children are digital natives, increasingly starting their online journeys while still in the cradle, sometimes the details of good cyber hygiene get lost in a haze of assumptions made by non-natives in the digital world.

Identity theft claims 16.7 million victims a year. More than 1 million children—or 1.48 percent of minors—were victims of identity theft or fraud in 2017. Two-third of those victims were age 7 or younger.

The way kids “get got” varies—it could be a phishing email that delivers a payload of malware or a smishing scam (the text-sent version of the same thing), it could be a clever scam artist tricking his or her target into sharing personal information later used to commit various kinds of fraud—but the one thing most scams rely on is a lack of knowledge. Couple that with a lack of attention—something that is a “local feature” of today’s young digital natives—and fraud is not a possibility, it’s a probability.

Cyber hygiene can be many things, but the key is making sure you’re doing everything you can to stay safe from the dangers that lurk “out there.”

The basics are increasingly well known, but worth reviewing with your children.

1. Only download platform-approved apps on your devices. Non-approved apps can get you in a world of trouble, since they may steal your information while providing entertainment.
2. Coach your kids on the dangers associated with posting information on social media. Talk about the strangers who may be lurking and check their privacy settings. It’s also a good idea to insist that you be allowed to “follow” or “friend” them, so you can monitor their online activity. But bear in mind you may also want to talk to them about any “secret” accounts that they use.
3. Always look for “https” in the URL of the websites you visit. You can also look for the green padlock (plus sometimes the name of the company or organization name also displayed in green), which means this website is using an Extended Validation (EV) certificate.
4. Use a password manager or, at the very least, long and strong passwords that include uppercase characters, symbols ($, !, %) and numbers. Many kids, unsupervised, will choose easy to remember passwords that include personally identifiable information (such as birthdays).
5. Careful what you click. If you receive an unexpected email that includes an attachment, it could be malware. Coach your kids to always double check URLs for misspellings, and email addresses. Remember that e-greeting cards are also a popular method that scammers use to trick people into clicking bad links.

But let’s say you do everything right. Sadly, you’re still not safe, and unfortunately neither are your kids. In fact, your kids have an even trickier problem. Identity thieves like to use the identities of children because they are unused, and often remain unmonitored. That gives the scammer a long runway for committing fraud before the crimes are discovered. Thankfully, there is an easy solution for a major source of fraud (new account creation): Credit freezes.

All three major credit bureaus are now required to offer free credit freezes to all Americans and their dependents. A credit freeze is without a doubt the best way to prevent identity theft in your child’s name, and now that it is fee-free, there can be no reason not to put one in place. Information moves online in circuitous ways, and even the best cyber hygiene cannot protect your loved ones from a data compromise.

Tell your kids to be careful what they post and freeze their credit because identity theft isn’t always avoidable.

Content provided by Adam Levin and CyberScout.

Adam Levin is chairman and co-founder of CyberScout.