Audience: Parents, grandparents, caregivers, and educators who want practical, age‑appropriate ways to raise scam‑savvy kids.
Executive Summary (1‑minute read)
- Scams work by pressing five buttons: Authority, Urgency, Scarcity, Liking/Trust, Reciprocity.
- Teach kids one core habit: Pause → Check → Ask before clicking, paying, sharing, or meeting.
- Build family guardrails: a code‑word, a money rule, and “ask‑an‑adult” cues.
- Practise with short role‑plays monthly; repeat after real news events.
- If something slips through: Don’t panic. Capture → Block → Report → Reset.
The Five Universal Scam Patterns (Kid‑friendly labels)
- The Bossy One (Authority): “I’m from the bank/teacher/police.”
- The Hurry‑Up (Urgency): “Act now or lose it!”
- The Only‑One (Scarcity): “Last chance/Only winner.”
- The Bestie (Liking/Trust): “I’m your friend/cousin/influencer.”
- The Freebie (Reciprocity): “We gave you a gift; do this tiny thing.”
Mantra: If it’s bossy, rushy, rare, friendly, or free… it might be a scam.
Family Guardrails (Set these once, repeat often)
1) The Family Code‑Word
- Choose a secret word only close family knows. Use it to verify unexpected calls/messages from “mum/dad/uncle/teacher.”
- Rule: No code‑word, no help.
2) The Money Rule
- “We never pay or share card/OTP passwords without an adult present.”
- Young kids: sticker chart reminder near devices. Teens: lock money apps behind biometrics + 2FA.
3) The Ask‑An‑Adult Triggers
- Any message about money, prizes, punishment, passwords, privacy, or plans to meet = show an adult (SG: or call 1799 to check if unsure).
4) The Pause Tool (Put it on the fridge)
- Pause (10 seconds) → Screenshot → Show an adult (SG: if you can’t reach a parent/caregiver, call the 24/7 ScamShield Helpline 1799 to check).
Age‑Band Playbooks
Ages 6–8 (Early Primary)
Goal: Recognise feelings (pressure, excitement, fear) and ask for help.
- Teach: “Tricky messages” vs “safe messages.”
- Three red flags: It’s bossy, secret, or wants money/passwords.
- Drill (2 minutes): Show a pretend chat: “You won a toy, click fast!” Child practices: Pause → Screenshot → Show.
- House rule: No new apps, friends, or links without a grown‑up.
- Analogue scam practice: Door‑to‑door “salesperson” game—learn to say, “No thanks, I’ll ask my mum/dad.”
Ages 9–12 (Upper Primary)
Goal: Spot patterns; use code‑word; protect simple personal data.
- Teach: The five buttons (Bossy/Hurry‑Up/Only‑One/Bestie/Freebie).
- Drill: “Spot‑the‑scam” cards (below) weekly; rotate scenarios (gaming skins, gift cards, homework links). If unsure and no adult is reachable, call 1799 to check.
- Tech habits: Use Strong passphrase + 2FA on email & school portals; set devices to ask to buy.
- Money rule extension: Never buy gift cards for someone you met online.
Ages 13–15 (Lower Secondary)
Goal: Evaluate sources; defend accounts; resist social pressure.
- Teach: How phishing works; fake websites; imposter friend accounts; romance grooming basics.
- Drill: 15‑minute monthly “Phish Lab”:
- Compare two screenshots: real vs fake login page.
- Identify the URL, design cues, tone (rushy/bossy), and requests (OTP, card, secret).
- Unsure and can’t reach a parent? Call 1799 to check.
- Social layer: Discuss reputation scams (deepfakes, fake screenshots). Rule: Never forward drama without checking the source.
- Finance: Explain bank limits, cooling‑off periods, card locks. Practice freezing a card.
Ages 16–18 (Upper Secondary/JC)
Goal: Independence with safeguards.
- Teach: Job‑offer scams, scholarship scams, marketplace fraud, crypto/NFT hype.
- Drill: “Due‑Diligence in 5 steps” before gigs or buys:
- Search company + “scam/reviews.”
- Verify job domain & LinkedIn staff.
- Reject paid training/equipment up‑front.
- Use escrow/marketplace buyer protection.
- Contract basics: deliverables, pay, refund.
- Privacy: Lock down device, email, cloud; use passkeys where available; keep a password manager.
- Money: Keep spending limits; enable transaction alerts.
Ten Red Flags Kids Can Memorise
- The sender asks to keep it secret.
- They want money now or gift cards.
- They ask for passwords/OTP.
- A link leads to a weird/odd website or a look‑alike domain.
- Unusual request (out-of-character ask, new payment method, sudden switch to a new app).
- Too good (prize, giveaway, free skins).
- Too scary (punishment, account ban).
- Copycat logo/name.
- New friend asks for photos or moves to DMs quickly.
- They refuse a video call or code‑word.
Note on AI‑polished scams: Messages may look perfect now—clean grammar, pro layouts. That doesn’t make them safe. Keep to the core filters: unusual request, out‑of‑band payment (gift cards/crypto), can’t verify identity (code‑word/voice/video), and pressure/urgency.
Ready‑Made Scripts (Parents & Kids)
“Code‑word check”
Kid: “What’s our family code‑word?”
Scammer: “Huh?”
Kid: “No code‑word, no help. Bye.”
“Pause line”
Kid: “I’m taking 10 seconds to think. I’ll ask my mum/dad.”
Parent to teen (money ask)
Parent: “If anyone asks for money or gift cards, screenshot first. We decide together. If you can’t reach me, call 1799 to check.”
Friend‑imposter DM
Teen: “Send me a 10‑sec voice note so I know it’s you.”
Five Micro‑Lessons You Can Run This Week (5–10 minutes each)
- Sticker Phish: Put a fake QR on a cereal box; ask what they’d check before scanning.
- URL Detective: Write two look‑alike domains on paper; circle the real one.
- Emoji Pressure Test: Rate messages 😬 (pressure), 🤩 (too good), 😐 (normal). Discuss why.
- Gift‑Card Trap: Role‑play the “teacher needs Apple gift cards” scam.
- Marketplace Math: Compare a too‑cheap offer vs average price; discuss risk.
Device & Account Setup (Set‑and‑Forget)
- Update devices/apps automatically.
- App stores only; no sideloading for kids.
- Ask‑to‑Buy/Family Sharing on iOS/Android.
- Biometrics + 2FA on email, social, banking.
- Password manager for teens; teach passphrases.
- Disable pop‑ups in browsers; use safe‑search.
- Turn on transaction alerts for cards/banks.
Tip: Do the setup with your child so they learn the why, not just the what.
Aftercare: If Something Goes Wrong
- Pause & Breathe. No shame, no blame.
- Capture: Screenshots, usernames, links.
- Block/Report on the platform.
- Reset: Change passwords; revoke sessions; enable 2FA.
- Call the bank and lock/freeze cards.
- File a report (school, platform, local authority as relevant).
- Debrief: What pattern did it use? What will we do next time?
Script: “Thanks for telling me. You did the brave and right thing. Now we fix it together.”
Teacher’s Corner (Classroom‑friendly)
- 15‑minute Phish Lab once a month (use real‑world examples with student data removed).
- Peer‑teaching: Each group explains one scam pattern with a skit.
- Assessment idea: “Design a scam” worksheet—then the class defends against it.
Spot‑the‑Scam Cards (Print & Cut)
Card A — Gaming Skin Giveaway
“You won a legendary skin! Click this shortened link in the next 60 seconds.”
Red flags: Hurry‑Up, Freebie, Weird Link.
Safe action: Pause → Screenshot → Ask.
Card B — ‘Mum lost her phone’
“Hi it’s Mum on a new number. Please buy $100 gift cards, I’ll pay you back.”
Red flags: Bestie, Money, Gift Cards, New Number.
Safe action: Call Mum’s old number or ask for code‑word.
Card C — School Portal Login
“Reset your password now: sch0ol‑portal.support.”
Red flags: Copycat URL, Bossy, Urgency.
Safe action: Navigate to portal via bookmark; don’t click links.
Card D — Marketplace Deal
“Brand‑new phone, half price, meet now, cash only.”
Red flags: Scarcity, Urgency, Cash‑only.
Safe action: Use buyer protection/escrow or walk away.
Conversation Starters (By Age)
- 6–8: “What do we do if a message makes us feel rushy or secret?”
- 9–12: “How would you check if a giveaway is real?”
- 13–15: “What would a fake version of your favourite site look like?”
- 16–18: “If a gig pays too well, what checks prove it’s legit?”
Parent FAQ (Short answers)
Q: Won’t this scare my child?
A: Keep it calm and practical. Focus on skills, not threats.
Q: My teen rolls their eyes.
A: Make them the expert—ask them to teach you the five patterns.
Q: How often should we practise?
A: Tiny reps: 5–10 minutes, once a week, plus any time a real scam is in the news.
Q: What about deepfakes?
A: Use the code‑word and voice/video check. Teach them to slow down and verify.
Next Steps
- Pick a family code‑word and test it with a quick call.
- Post Pause → Screenshot → Show near devices (SG: add 1799 as backup when an adult isn’t reachable).
- Turn on 2FA/biometrics for kid accounts; enable transaction alerts.
- Enable Ask‑to‑Buy/Family Sharing on phones/tablets.
- Practise one role‑play this week (pick from the five micro‑lessons).
- Make sure everyone can freeze a card and change a password.
- Save who to call/report to (school, platform, bank, local authority).
