sharenting
·

Why sharenting is a cybersecurity vulnerability

ByMateusz Karpacz

An information overload, incessant scrolling, and the sharing of life’s moments on social media have contributed to the rise of sharenting (share + parenting), which has become a daily practise for millions of parents worldwide.

Initially treated as a sociological phenomenon – parents documenting their children’s development, sharing photos from family gatherings or school events – it has replaced the traditional photo albums we once showed only to our closest circle. Today, those private albums are published on social media, making them accessible to everyone. However, we now know that this carries serious consequences from cybersecurity perspective.

What is sharenting and why has it become a problem?

Sharenting is the practise of parents (or guardians) publishing photos, videos, and detailed information about children online. It might be a cute photo from the first day of school, a video from a birthday party, or information about extracurricular activities. The problem is that along with this “innocent” content, precise data ends up on the web: 

  • the child’s full name, 
  • age, 
  • school name and class, 
  • location, 
  • the family’s daily schedule, 
  • details regarding interests and activities. 

To a criminal, this isn’t a touching post; it is a ready-made package of intelligence information. 

Beoynd its harmful impact on the future development of unaware children, it is a phenomenon that introduces another threat vector. Cybersecurity specialists should take it into account.

How sharenting opens the door for cybercriminals?

Modern social engineering attacks increasingly rely on public information, and in the case of sharenting, information that is particularly emotional. Seemingly minor details allow attackers to: 

  • build victim profiles (of both the child and parents), 
  • predict daily habits, 
  • create phishing screnarios, that strike directly at emotions. 

Example?                                                                                                                                                „Your daughter had an accident and is in the hospital. Please contact us urgently…” 

Such a message, reinforced with authentic data (e.g., the child’s name, school name, or the fact that there was a school trip today), is much harder to ignore. Does it sound drastic? That is exatly how these messages are meant to be – precise, emotionally hitting, and based on real data. When children are involved, event the most aware users can lose their vigilance. After all, “Sophie from 1B” could be the daughter of an IT director, a financial manager, or any other employee. 

Next-Generation Phishing

A few years ago, phishing emails and SMS messages were easy to recognize—language errors, strange sender addresses, poor graphics. Only someone very naive or unaware would fall for them.

Today, cybercriminals have at their disposal:

  • Artificial Intelligence, which generates perfectly written messages. 
  • Automated OSINT tools to collect data from social media. 
  • Advanced content personalization based on photos, descriptions, and metadata. 

The result? Attacks as precise as a surgical cut – created with one specific person in mind.

 

Why sharenting in not just a "parental problem"?

Sharenting is not just a private matter. After all, we publish this content by choice – to everyone (regardless of who is on the other side). If a high-level executive or a specialist in a critical department of your company shares too much information about their family, their loved ones can serve as an attack vector.

Security policies often forget to include: 

  • education regarding the family’s digital footprint, 
  • incorporating the topic of sharenting into phishing and social engineering training, 
  • risk analysis related to the public presence of employees’ relatives. 

How to mitigate the risks associated with sharenting?

  1. Think before every post – before uploading a photo, ask yourself if it reveals location data or information that could be exploited.

  2. Disable geolocation in your camera and social media apps.

  3. Use privacy settings – restrict content visibility to trusted people only.

  4. Send content directly – use encrypted messengers (Signal, WhatsApp, Messenger).

  5. Workplace education – include the issue of sharenting in cybersecurity training and informal office discussions.

You don't have to take our word for it

Research conducted by Edith Cowan University in Australia clearly shows: From the moment a pregnancy is announced and ultrasound photos are published, children gain a digital identity. This makes them potential targets for cyber threats. Scientists speak of the risk of so-called digital kidnapping, which involves the theft of a child’s image and its use by third parties (New York Post). This is not a hypothesis, but real cases of data theft and identity fraud already reported even among infants.

Sharenting carries a real risk of identity theft and deepfakes, as discussed in an article by ABC News.

Criminals are increasingly hunting for data from the private lives of staff and their families to more effectively conduct spear-phishing, vishing, and account takeovers. This often serves as a “gateway” to major incidents. For example:

  • Corporate Compliance Insights describes how attackers target the homes and families of board members, building a “human chain” of compromise leading to corporate accounts (profiling through social media, including content about children, schools, and schedules).

Looking to enhance your cybersecurity?

Contact us!

Leave your details – we’ll call you back

Our specialist will get back to you no later than the next business day. You don’t have to fill in the message field, but a brief note about the topic you’re interested in will be a valuable hint for us.

Linkedin Facebook

Powiązane wpisy