#FactCheck - Old Japanese Earthquake Footage Falsely Linked to Tibet

Today, let us talk about one of the key features of our digital lives – security. The safer their online habits are, the safer their data and devices will be. A branded security will make their devices and Internet connections secure, but their carelessness or ignorance can make them targets for cybercrimes. On the other hand, they can themselves unwittingly get involved in dubious activities online. With children being very smart about passwords and browsing history clearing, parents are often left in the dark about their digital lives.

Fret not, parental controls are there at your service. These are digital tools often included with your OS or security software package, which helps you to remotely monitor and control your child’s online activities.

Where Can I find them?

Many devices come with pre-installed PC tools that you have to set up and run. Go to Settings-> Parental controls or Screentime and proceed from there. As I mentioned, they are also offered as a part of your comprehensive security software package.

Why and How to Use Parental Controls

Parental controls help monitor and limit your children's smartphone usage, ensuring they access only age-appropriate content. If your child is a minor, use of this tool is recommended, with the full knowledge of your child/ren. Let them know that just as you supervise them in public places for their safety, and guide them on rights and wrongs, you will use the tool to monitor and mentor them online, for their safety. Emphasize that you love them and trust them but are concerned about the various dubious and fake characters online as well as unsafe websites and only intend to supervise them. As they grow older and display greater responsibility and maturity levels, you may slowly reduce the levels of monitoring. This will help build a relationship of mutual trust and respect.

Step 1: Enable Parental Controls

• iOS: If your child has an iPhone, to set up the controls, go to Settings, select Screen Time, then select Content & Privacy Restrictions.
• Android: If the child has an Android phone, you can use the Google Family Link to manage apps, set screen time limits, and track device usage.
• Third-party apps: Consider security tools like McAfee, Kaspersky, Bark, Qustodio, or Norton Family for advanced features.

Check out what some of the security software apps have on offer:

‍

‍

If you prefer Norton, here are the details:

‍

McAfee Parental Controls suite offers the following features:

McAfee also outlines why Parental Controls matter:

‍

Lastly, let us take a look at what Quick Heal has on offer:

‍

STEP 2: Set up Admin Login

Needless to say, a parent should be the admin login, and it is a wise idea to set up a strong and unique password. You do not want your kids to outsmart you and change their accessibility settings, do you? Remember to create a password you will remember, for children are clever and will soon discover where you have jotted it down. 

STEP 3: Create Individual accounts for all users of the device

Let us say two minor kids, a grandparent and you, will be using the device. You will have to create separate accounts for each user. You can allow the children to choose their own passwords, it will give them a sense of privacy. The children or you may (or may not) need to help any Seniors set up their accounts.

Done? Good. Now let us proceed to the next step.

STEP 4: Set up access permissions by age

Let us first get grandparents and other seniors out of the way by giving them full access. when you enter their ages; your device will identify them as adults and guide you accordingly. 

Now for each child, follow the instructions to set up filters and blocks. This will again vary with age – more filters for the younger ones, while you can remove controls gradually as they grow older, and hence more mature and responsible. Set up screen Time (daily and weekends), game filtering and playtime, content filtering and blocking by words (e.g. block websites that contain violence/sex/abuse). Ask for activity reports on your device so that you can monitor them remotely This will help you to receive alerts if children connect with strangers or get involved in abusive actions.

Save the data and it has done! Simple, wasn’t it?

Additional Security

For further security, you may want to set up parental controls on the Home Wi-Fi Router, Gaming devices, and online streaming services you subscribe to.

Follow the same steps. Select settings, Admin sign-in, and find out what controls or screen time protection they offer. Choose the ones you wish to activate, especially for the time when adults are not at home.

Conclusion

Congratulations. You have successfully secured your child’s digital space and sanitized it. Discuss unsafe practices as a family, and make any digital rule breaches and irresponsible actions, or concerns, learning points for them. Let their takeaway be that parents will monitor and mentor them, but they too have to take ownership of their actions.

‍

Introduction 

As various technological developments enable our phones to take on a greater role, these devices, along with the applications they host, also become susceptible to greater risks. Recently, Zimperium, a tech company that provides security services for mobiles and applications from threats like malware, phishing, etc., has announced its identification of a malware that is targeted toward stealing information from Indian Banks. The Indian Express reports that data from over 25 million devices has been exfiltrated, making it increasingly dangerous, just going by the it has affected so far.

Understanding the Threat: The Case of FatBoyPanel 

A malware is a malicious software that is a file or a program, intentionally harmful to a network, server, computer, and other devices. It is also of various types; however, in the context of the aforementioned case, it is a Trojan horse i.e., a file/program designed to trick the victim into assuming it to be a legitimate software program that is trying to gain access. They are able to execute malicious functions on a device as soon as they are activated post-installation. 

The FatBoyPanel, as it is called, is a malware management system that carried out a massive cyberattack, targeting Indian mobile users and their bank details. Their modus operandi included the process of social engineering, wherein attackers posed as bank officials who called their target and warned them that if no immediate action was taken to update their bank details, their account would be suspended immediately. On panicking and asking for instructions, they were told to download a banking application from the link sent in the form of an Android Package Kit (APK) file (that requires one to enable “Install from Unknown Sources” ) and install it. Various versions of similar incidents were acted on by other attackers, all to trick the target into downloading the file sent. The apps sent through the links are fake, and once installed, they immediately ask for critical permissions such as access to contacts, device storage, overlay permissions (to show fake login pages over real apps), and access to SMS messages (to steal OTPs and banking alerts). This aids in capturing text messages (especially OTPs related to banks), read stored files, monitor app usage, etc. This data is stolen and then sent to the FatBoyPanel backend, where hackers are able to see real-time data on their dashboard, which they can further download and sell.  FatBoyPanel is a C&C (command and control) server that acts as a centralised control room.

Protecting Yourself: Essential Precautions in the Digital Realm 

Although there are various other types of malware, how one must deal with them remains the same. Following are a few instructions that one can practice in order to stay safe:

• Be cautious with app downloads: Only download apps from official app stores (Google Play Store, Apple App Store). Even then, check the developer's reputation, app permissions, and user reviews before installing.
• Keep your operating system and apps updated: Updates often include security patches that protect against known vulnerabilities.
• Be wary of suspicious links and attachments: Avoid clicking on links or opening attachments in unsolicited emails, SMS messages, or social media posts. Verify the sender's authenticity before interacting.
• Enable multi-factor authentication (MFA) wherever possible: While malware like FatBoyPanel can sometimes bypass OTP-based MFA, it still adds an extra layer of security against many other threats. 
• Use strong and unique passwords: Employ a combination of uppercase and lowercase letters, numbers, and symbols for all your online accounts. Avoid reusing passwords across different platforms.
• Install and maintain a reputable mobile security app: These apps can help detect and remove malware, as well as warn you about malicious websites and links (Bitdefender, etc.)
• Regularly review app permissions and give access judiciously: Check what permissions your installed apps have and revoke any that seem unnecessary or excessive. 
• Educate yourself and stay informed: Keep up-to-date with the latest cybersecurity threats and best practices.

Conclusion 

The emergence of malware management systems indicates just how sophisticated the attackers have become over the years. Vigilance at the level of the general public is recommended, but so are increasing efforts in awareness regarding such methods of crime, as people continue to remain vulnerable in aspects related to cybersecurity. Sensitive information at stake, we must take steps to sensitise and better prepare the public to deal with the growing landscape of the digital world.

References

• https://zimperium.com/blog/mobile-indian-cyber-heist-fatboypanel-and-his-massive-data-breach
• https://indianexpress.com/article/technology/tech-news-technology/fatboypanel-new-malware-targeting-indian-users-what-is-it-9965305/ 
• https://www.techtarget.com/searchsecurity/definition/malware 

‍

Introduction

‍

Meta has announced that E2EE in Instagram direct messages is ending entirely. Every day, billions of people send messages they consider private. A medical update to a family member. A photograph meant for one person. A conversation they would never have in public. For years, end-to-end encryption (E2EE) was the technology that made that privacy possible: the digital equivalent of a sealed envelope that only the sender and receiver could open. After May 8, 2026, this will change. 

‍

Understanding the Adoption Gap

‍

Meta pointed to low user adoption as the reason for this change. Few people were using encrypted messaging on Instagram, the company said, so the feature was not worth keeping. That explanation raises some questions. Encryption was never switched on by default. Users had to find it and turn it on themselves. It was not advertised. And it was only available in certain regions to begin with, something Meta noted on its own Help Centre page. Features that require users to actively seek them out tend to get used far less than those that simply work from the start. WhatsApp demonstrates this clearly; encryption has been on by default since 2016, for every user, with no action required. Back in 2019, Mark Zuckerberg spoke publicly about building privacy into Meta’s messaging platforms as a core direction for the company.  The current decision shows a different vision for the company.

‍

The Commercial Dimension

‍

Encrypted message content is not accessible for advertising purposes by design. In December 2025, Meta updated its privacy policy to allow interactions with its Meta AI assistant to inform personalized advertising recommendations across its platforms. With encryption removed from Instagram direct messages, the content of those conversations enters a data environment that already serves Meta’s advertising systems. Meta has not made a direct public statement connecting these two decisions, but technology analysts and privacy researchers have noted the commercial implications of making previously inaccessible message content available within that ecosystem.

‍

What This Means for Users

‍

From May 8, 2026, the content of Instagram direct messages will be accessible to Meta’s systems. This includes messages relating to personal matters that users may have previously sent under the assumption of encryption. A related concern is the question of data security. Unencrypted message content stored on platform servers creates a larger surface area of sensitive information that could be exposed in the event of a security breach. As platforms collect and retain greater volumes of personal data, the potential consequences of unauthorised access grow correspondingly. 

But, there is an argument on the other side. Law enforcement agencies and child safety organisations have long maintained that end-to-end encryption limits their ability to detect and act on harmful content. Removing encryption does make certain forms of platform-level content moderation technically feasible where they were not before.

‍

India’s Supreme Court: The Warning Nobody Heeded

‍

India’s Supreme Court said it plainly when hearing the case against Meta’s 2021 WhatsApp privacy policy, which forced hundreds of millions of users to accept data sharing with Facebook or lose access entirely. Chief Justice Surya Kant called it “a decent way of committing theft of private information” and asked how ordinary people could meaningfully consent to policies written in language they cannot understand. He made it human with one line: “A poor woman selling fruits on the streets — will she understand the terms of your policy?” The court ordered Meta not to share a single word of user data until the case is resolved. When Meta’s lawyers argued that encryption protects users anyway, the bench pushed back: encryption protects message content, not the metadata surrounding it. Who you talk to, how often, at what time, from where: all of it is still harvested. The Competition Commission’s own advocate summarised the entire arrangement in four words: “We are the products.”

‍

WhatsApp: A Question Worth Asking

‍

Instagram, Messenger, and WhatsApp are three products inside one ecosystem, owned by Meta, serving one business model. Instagram’s encryption is already gone. Is WhatsApp next in line ?

WhatsApp has over 850 million monthly active users in India alone. People do not use it for entertainment, it is how families talk, how businesses run, how essential daily communication happens. It is infrastructure, not an app. Meta acquired it in 2014 promising no ads, no data exploitation. By 2021 that promise was already bending. By 2025 ads appeared in the Status section. Both original co-founders had long since left the company over exactly these concerns. Instagram’s encryption survived until it conflicted with revenue and regulation. WhatsApp’s encryption exists today under the same ownership, the same business model, and the same tightening global regulatory pressure. That is not a reason to panic. It is a reason to pay attention.

‍

Conclusion

‍

Encryption is not permanent. It is a design choice, and like any design choice, it can be undone when priorities shift. After May 8, 2026, Instagram direct messages will no longer be protected the way they once were. For most users, this change will pass unnoticed. But the data those conversations contain will now be accessible in ways it previously was not. What platforms do with user data is rarely announced loudly. Paying attention to the quiet changes matters.

‍

References 

‍

1. https://help.instagram.com/491565145294150
2. https://www.theguardian.com/technology/2026/mar/18/instagram-to-remove-end-to-end-encryption-for-private-messages-in-may
3. https://www.androidpolice.com/why-meta-is-getting-rid-of-e2ee/
4. https://digitalpolicyalert.org/change/13307
5. https://www.skadden.com/insights/publications/2025/06/take-it-down-act
6. https://timesofindia.indiatimes.com/india/you-cant-play-with-right-of-privacy-of-citizens-scs-big-warning-to-whatsapp-meta-over-take-it-or-leave-it-policy/articleshow/127878524.cms#
7. https://proton.me/blog/instagram-end-to-end-encryption
8. https://www.forbes.com/sites/parmyolson/2018/09/26/exclusive-whatsapp-cofounder-brian-acton-gives-the-inside-story-on-deletefacebook-and-why-he-left-850-million-behind/

‍