Safe in Digital Playgrounds: Protecting Children from Online Predators on Roblox, Minecraft, and Discord

in. >> Okay. >> All right. You ready? >> Hi everybody. Thanks for being here.

>> So that go back one. All right. So this is the presentation. Make sure you're in the right spot. Right. So, I've done that before. I walked into somebody else's thing. Oh, wait a minute. Wrong spot. Simply had to leave. So, this is the presentation. Thank you for being here. A little bit about myself, right? That's me. And yes, that's also me. All right. Harald is over there with my one of my team members. Hold him up, please. There he is. He is my sidekick. He goes to be everywhere. One of my team members made him for me. So, as a show of gratitude, everywhere I go, he goes, right? So, go ahead, hit next. So, here's a little bit

about me. No, I am not Andrew Zimmer. I've never been on Bizarre Foods. Yes, I had to put this on every slide I go to because I have been approached in parking lots, ask for autographs, and ask for, "Hey, what are you eating?" And I'm like, "Nothing. It's normal because I'm not him." No, you are. No, I'm not. Just give me your autograph so I'll sign his name. And then off they run the train. But yeah, so I'm a retired army. I am an Air Force civilian. I'm a cyber patriot coach. If you're on my cyber patriot team or I team, yeah, you didn't raise your hand after you. Much over me here today. Right. So I do

this very actively. I've been doing it for over 10 years. I've held various IT positions throughout my career. Right. Currently I'm working for the Air Force doing things. Right. Yes. I'm also work with the Cyber Texas Foundation. Anybody heard of Cyber Texas Foundation? Right. So, if you're involved with Cyber Patriot here in San Antonio, we help Cyber Patriot teams or new Cyber Patriot teams get established so they can start. All right. Next. So, disclaimer, since I had the font changed since I had to run it through their laptop, all my fonts are gone. So, it looks lame now. So but information is still the same in the story. So today we will be touching on a few things that for may be a bit

sensitive right because for the topic you know we have to get a little bit in there so people understand those you don't understand what the dangers are on the internet what your kids may or they may not be seeing. Okay, so just as a disclaimer just so everybody's aware and yes I will have resources at the end in case you want to report somebody comes to you what do I need to do who do I need to call I have stuff there for you all right next please all right so why this topic right so as it says I was contemplating what to submit I call the papers. And as I was sitting there eating dinner, news story came

when this was uh that the fourth person had been arrested for using one of the three platforms up there to maroon and or lure children into doing things. And that was just since January and this was in March. Okay. So my wife is like, you know, you how many people you talk to, how many kids you can interact with. How would you feel if this is one of your team members? What would you do? So I said, okay, this is what I'll do. This is this is why we chose this topic for today. Okay next please. So the next couple slides are some actual headlines that I pulled out. I have the links and where they came from and these are

mainly April through May this year. It's like five headlines that I grabbed a little bit when I had to put the presentation together over the past week. Right? So, if you want to look up the links later, there they are. Next slide, please. And as you can see, this is some pretty disturbing stuff. Okay. Kids are, you know, kids are one here to have fun. They're here to play games. They're here, you know, learn, right? Because you can do coding and stuff these things, right? That's why they're there. And then they're being taken advantage of while they're, you know, for me and I'm sure most of you, this is terrible, terrible, terrible. And most of the parents where

they're doubt they're on these things don't understand or don't know how to make sure the proper security settings are set in place or oh they're just playing a game. You know they don't check anything right. So ironically I was at a camp yesterday talking with a bunch of fifth sixth graders about 20 of them. And I always do this when I go into money scams because I'm curious. I said, "Hey, what platforms are you on?" Right? So, big three got hit. Discord, somebody was on Discord, somebody was on Roblox, somebody was online. Right. I said, "Okay, so here's another question. Do your parents have Yeah. Yeah. Yeah. Okay. Do your parents know about your other accounts that you use besides the

one they help you set up?" And I mean, a bunch of this. So, how many accounts do you have on these things? Well, I only have one. I have two. Do your parents know about that extra account that you have? No. Do you think you should tell them? Look at the teacher, you know, hey, you might want to talk to their parents that they have this extra account out there on the platform. Uh, a couple months ago, same area, talking to a bunch of fifth, sixth graders, asked them the same thing, you know, hey, how many accounts do you have on these platforms? One girl said 10. I said 10. She said yes. So why do you

have 10 couchs? Well, you know, if I'm doing something, I want to switch the cows, go over here. Okay, you parents know. No, again, eyeball teacher. We need to talk afterwards, you know, might want to talk to the parent after we leave because she has saying she has this many accounts just to make sure it's true or not, you know, because kids aren't kids. They'll over exactly. And so I asked, "Has anyone approached you online, sent you a message, message request, wanted to initiate a conversation?" One boy said, "Yes." I said, "Okay, well, how far did it get?" He goes, "Oh, yeah. We've been chatting for a while." Said, "Did he tell you like how old he

actually was or anything like?" "Oh yeah, he told it was a 40-year-old." Again, I have all the teachers. He need to talk to his parents, too, right? But it's not it's not something you would normally hear because I asked him, how many of these people have you actually met online? Like you know, hey, hey Bob and you're going to play, right? Like you know, like we live down the street from each other. Not usually the case. So these headlines are, you know, a reflection of that. Next slide, please. So let's break down what, you know, the platform. So, what does it actually mean? Minecraft, right? You have to purchase it. It's a game. You can do it. You can do other

things in there, but basically it's a game. Okay, Roblox, it's a platform. It's used, you can play games on it, but you build environments, you do other things on there besides play whatever games are done. People build games, they put games on there, people can access the games, but it's a platform, right? And then you have your social platform, which is Discord, right? Who has Discord? Yeah, I figured just about everybody in here. Excuse me. So, social platform, chatting, video chat, you know, sharing files, you can broadcast your stuff while you're playing a game on there, all the fun stuff, just like we can with the other platforms. Everything has in game chat and stuff like that. Next,

please. So, we're going to get into Minecraft first. Now, I do not have Minecraft. I do not have robots. So, I had to recruit from my old teenagers that I see every day, hey, send me some screenshots of your security settings, just your security settings. And luckily, two of my sons have this stuff. Say, hey guys, I need your help. Send me some screenshots of the security settings inside. So, you're going to see a combination of actual in-game or in platform and you're going to see the screenshots that my team members sent to me from their mobile phone with the settings. Okay. But it's a game. What's this game do? Well, it's literally that you build

things, you explore, you can do battles. It's a really fun game. Very popular. 300 million copies worldwide as of January 2025. One of the more popular games, I'd say, out on the internet. out in the in the world, right? Anybody would say anything higher than that? >> Roblox. >> Roblox. Okay. So, very popular. Kids love this thing. Next one. So, oxidator is different. We'll just play with this. Right. Notice at the end here, no internet connection required. Don't need to internet for these two. So, you load it locally. like I used to do back in the 90s when I played start staying home the computer want to connect to the internet would do that right

doesn't need an actual internet connection other than the movie god please right if you're playing on land use play land games have land parties yeah won't break so two ways hit next please now the next way three ways you have to be on the internet and this where things start Right. This where you got to start checking settings, you know, looking over the shoulder a little bit. Okay. So, you got online multiplayer, public servers, and your Xbox there. You can set things up with your friends list. Who's ever played Minecraft? Just so I know. Okay. Yeah, I have not. So, if I'm saying anything wrong, please let me know. Okay. Next please. So, in-game chat, who's saw the in-game

chat, right? Who's found the hidden shared links that you can embed inside their right? Who's put embedded links in their environment? Right? The bottom one, when they go into these rooms, you can put any link you want in there and it'll take you somewhere else. Correct. Right. So, what if I put a link in there for somebody and then takes them totally off out in the blue and in the wild somewhere where, you know, a parent wouldn't want their child to go by accident, right? Even while there's a wildly clicking on the internet. Not saying it's, you know, putting a link in the environment is bad, but it can lead to bad things, right? And these things could be hidden

anywhere, right? Next, please. So, hold on a second. So, >> my bad. >> Go back one. Hit one. I pull there. So, this is from my son's Microsoft account. So, you got two ways you could start blocking stuff, right? The one is obviously your personal info and your password. You can read it. I'm closer. I couldn't get it bigger to fit on the slide. And the other one is your profanity setting, right? Because I know when I'm playing, I remember when I was at Display, my serants cursing me. It would tick me off and I would tell them they need to learn to use English properly and I'd have to end up on a lot of these, right?

Next, please. So, these are actually in the game, right? You get the options. These are some of the options that pop up right away. So, turn it on, turn it off, or your link's going to be active. Turn it on and off when you're done. Click done and it should save. Next, now here are some screenshots that were sent to me from Google. All right. So, go ahead and click this for me. So all of these were locally online. They guess they had it installed locally on the phone. So they're doing the security settings on the phone. And the bottom ones are actually online. Now, can anybody see the bottom? Sort of. >> You see anything wrong or good about the

settings on the bottom? Because they're the ones that are actually going Way too much everyone. >> Way too much everyone. So, see other people's Xbox profiles, everyone. Uh, video communications friends. That's okay, right? As long as you know who the person is. You got to be in the friends list. All right. What What's over here? We got others can communicate with voice, text, or invites. Everyone, right? What's this one down here? Others could send you friend requests. Allow, right? These are things. These are probably default settings, right? When they went in and installed this thing, probably didn't go past default settings, you know, start fidgeting with stuff. Now, I forgot whose this was, and I

wouldn't call them out, but guaranteed it's from my pool of teenagers where these came from. Okay, so if you have a child and you haven't checked their phone yet for their settings for Minecraft or playing them on their mobile phone, might want to take a look to make sure it's past default settings. Next please. So, parental controls, they have so many guides and things to help parents understand the game, how to set things safely when your child's playing, excuse me online right? These are some of the links that I found for parents to use. Okay? They go very in depth. I click through a couple of them and see how deep they went other than, hey, click

this and we're done. know they have actual documentation of what you need to do. Thanks. Ah Roblox. Oh, they're part of the triad, right? This is more popular than Minecraft. So, this is the gaming platform, right? People make games. People can do all kinds of things. Just like with Minecraft, you can use it to teach coding. Not a bad thing, right? teach 70 plus million daily users worldwide. That's crazy. Crazy, right? The primary audience 8 to 16, right? Perhaps note they do offer privacy controls, chat filters, and other fun controls that you can use beyond the default settings. Right. All right. So here's what's inside the platform. Here's what they promote. This is straight from the website. Immersive

platform. They want you to create. You can buy and sell things on their platform. Safety and civility, right? Because they don't want things happening with their platform that are happening to kids that's that are being reported, right? This is what they're next please. So again, don't play Roblox. So I had to grab screenshots for myself. Dang, give me some in stuff so I can see it. So if you don't know how to access it, first one is you open up the game, go to settings, and then right there at the top, you got security, privacy, and portal controls. Further down, once you get in, you can add the extra layer for logging. in your multi-layer authentication. You know

your passwords are here. If you want to add another layer on top of that for logging in, this is where you can set it up. Next please. So, inside the game, go back one. I should have fixed this. Do it again. Maturity level. That one caught me off guard when I saw it. So, maturity. Why would you want to set that maturity level? Okay. So, maybe go read back a bit to what some of these games are actually showing and putting out there. Understand why there's a maturity level out there. Okay. So, if you're an adult and over 18, you wouldn't turn that thing all the way up. You're fine. 17 and under, you might want to check to make sure that

it's on the lower end. Okay. But these are some of the settings that are rendered. So the privacy all these come underneath the privacy setting enable the microphone friend requests. Go back one more do it again. Yeah, I should have turned this up there. Hit it. Chat, direct chat. Party lines. Right. And enable the microphone now. My sons are old. They can do what you want. They're over 18. But, you know, if you have everyone selected for most of those things and you're not old like my my sons might want to say, "Hey, not that." Next, please. Again underneath the privacy who could send friend requests people you follow private server right experience what limits everyone

I wouldn't want my kid going into a private server don't know who it was next please so they also have many many pages and they have a full PDF for how to implement proper safety controls for their platform. about all the bad press the first two have got over the past you know few months let alone previous years they do offer a lot of documentation and help for setting the proper security settings to make sure your kids are not going to be taken advantage of there's a link >> all right last one Discord this one I am Yes, that's how I keep track of all my teams when I'm not when we're not in practice for over the summer.

And yes, I do have teachers on there with me. I do have parent I invite parents to come on. I have other adults on there with me to help with moderate. And if one of them get crazy and try to direct message me. I always disclaimer, tell your parents right now, they can message me as my team members can tell you right? because it looks weird if you're just sending me a direct message. I'm like, what are you doing? Keep it in the room. But since you did it, tell your parents. So, it's a very useful platform for me because, hey, I found an article. You might want to read this. Hey, here's some resources

for next season. You might want to read this. You know, they'll put stuff in there. Hey, Mr. Hall, I found this. And share it with the team. But I always always always have people in there with me since everybody knows what this is. Get the next slide. Right. So besides I couldn't find it. They I don't know their active discord versus even more discord. I couldn't find it but at one point they did because it's a very useful tool. Keep everybody in line. Right. Next one please. Now, these are settings that I pulled off mine, right? And if you don't know how to do it, there's a settings button button and those are the three four and how to get

into them and what they do, right? Where they're laid out. Pretty straightforward. Go here. Go here. Go here. Next please. Now, direct messaging. That was a big one for me. Allow um allow access to age restricted commands. I don't have iOS, but they have the same thing for iOS, right? Friend requests. Now, mine are all long because I didn't change default settings, but you might want to change default settings for your kids. next.

And these are going down into the data and privacy settings as well. So up there where it says get started, if your child is on here and you haven't selected the get started thing yet, go to that website. They have many documents on how to secure Discord for your child that is using the platform. So many lot lot of documentation right over here it says enable family center so if you have family members you want to keep contact you do that in there right is one of my family members earlier next please devices let's see who's done this before log out of all known devices from any platform I've done that a few times I forgot where I'm

logged in at. Why am I getting these alerts that somebody's trying to log in as me? Log out everything all at once, right? It's on Facebook, too. It's on here. It's on a few of them, right? So, if you're wandering around, like I said, and you're looking through stuff, just hit that. Make sure your kids totally log off everything and then go back in and do the security settings. Allow voice to be recorded. That's a scary one. Right? Who knows about the AI filters now? People are manipulating the voice to create things, right? Just about everybody, right? That's one way you can get voice clips to make somebody's voice. Next please. So again, here are

everything that I found based on Discord. what you can do to harden the platform for your child because they have a very they got like a 20 30 page PDF document on Discord alone on how to set things up safely. Okay, next one please. Okay, this is the slide. Okay, so why is it always these three? Who knows? Maybe it's because of their popularity. That's probably one thing. Maybe it's just easy and accessible for kids to use. But as for the past few months, it should have been these three. Now, if you can tell me where the quotes from, you get a prize. >> My man. >> All right. >> And now the end. >> Yeah.

>> Okay.

Okay. One too. >> Thank you. >> So, are these platforms inherently banned by themselves? Obviously not. They are there. They want to help educate. They're there for fun. That's what they want. Is that what it's being used for? Most of the time, no. I'm not going to fault the platform because they're putting stuff out there to help people make sure everything's safe. They want the kids and users to be safe. Okay. Ultimately, it is up to the user to make sure they're putting in the correct settings. children, parents, it's up to you to make sure it has brick settings in the platforms so they're staying safe. Now, if they go crazy and go wild and say,

"Hey, I want to make another account." Might want to check every once in a while. Hey, how many accounts you have out there? Pull them all up. So, if the kids when I'm talking to them are like, "Oh yeah, I have 10 accounts. Hey, I have five accounts." Like like that. Like no hesitation, no extra trying to get information out, they automatically boom. I got this many accounts out there. You want to sit down and talk with them and say, "Look, really tell me all the Fin accounts. Fin accounts, the real ones and the fake ones. How many accounts do we actually have out there? And we got to get rid of those older accounts."

Yes, sir. I have to ask. I'm sorry. It's okay. You said your kids were older. So, have you personally had to actually set up these print controls for children? Yes. >> And do you think they work at all? >> They work to the point unless somebody tells them how to deceive. >> Okay. I have I have two children. My experience with all of it. So in our house, we kind of take a different approach anyways. And we do a lot of education, a lot of talk about things that they need to be looking out for to bring up because yeah, I've been in security for like 20 years. So >> I know but every time we try to take the

approach of blocking down always find a way around it. And usually what it is like my daughter who's 10 who's not allowed to be on Roblox because it is accessessible for terribleness. You know what she does? She gets on FaceTime with a friend. Her friend gets on Roblox and her friend plays and she just watches. >> Yes. >> I can't stop FaceTime because you're FaceTiming with your friend in where we used to live. >> Yes. But I can't control that friend's thing. So where do we draw the line between the parent responsibility and the platform responsibility? Because that's the platform's problem that they don't have these settings in place by default. They aren't protecting the

children as well as they should. That's a question for them. Now what can you do as a parent? I was painted above my sons cuz I was army. >> Yeah. You're not going to do this. If you find it, I will destroy it. Right. So, I mean, it's it's one of those things. Talk to the parents as a friend. I don't want her doing this. I don't want this one there. As far as the platform's concerned, talk to email them directly. Hey, I'm finding this. Here's what's going on. Here's how they're going to get around it. Can you add something to your program to help block this from happening? >> Sorry. So to that point, Frederick, um

there used to be a tool, right, called K9 by Blue Code to kind of shut down and prevent those sorts of things disabling if discontinued. Have you seen any other tools out there that would help deal with the roadblocks, the discords, the the parental not being okay? Just >> what was the one you said? >> Uh K9 weapon detection. >> Oh yes, yes, I have. >> So something like that. But particularly for you know those sorts of things that you were laying down, right? to see for for kids not be able to go and change settings and go around that. Just wondering you know if there's any tools out there that >> those I do know those I've used those

before. >> Okay. >> I've seen them. I've told parents to use them. Right. I've also told them look hey get on your router limit their device contest. Right. These MAC addresses cannot access the internet after this time. get an older phone or device that has alternate like you know your cell phone you can put on the regular network find something to block that okay but if you're definitely using wireless you can go into the the router and put those parental controls in there I've seen them on my routers I've seen them on other routers so at least kind of limits what you're doing with blocking phone is a different thing make sure they're not using the mobile network

or go grab a fairy t's phone in All right. Lock it in the door and this way any signal. All right. Yes, sir. >> Twitch. >> Twitch wasn't as prominent. I I've seen headlines with Twitch. I know what Twitch is. Who knows what Twitch is? I'm pretty sure everybody does, right? So, when I was watching the news stories and I went wanted to research, these were the three that kept popping up, all the headlines. Not saying that anything, you know, the other ones aren't out there. Saw a news story this morning. FBI reported somebody was using Snapchat, right? They arrested somebody for using Snapchat to lower childhood. Same thing with FaceTime. Same thing with Instagram.

But recently when I started putting this presentation together, initially when I started researching, these were the three that really popped up all the time. That's why I picked these three. Yes. Uh so my personal experience like I've had incidents where like when I was a teenager like 10 years ago uh my parents were kind of lax and kind of let me do whatever on the computer >> right >> and I was actually kind of a victim in one of these incidents >> and they kind of use like shame and blackmail to keep me from like reporting stuff. So I like like the platform can't do everything correct like you know because like if you report someone they don't the

account and then the uh abuser creates a new account and goes find other people. >> Yes. >> So like how do you stop that if they can just like so go back one >> now I I know people in the FBI I work with people in the FBI and I talk with people at the FBI about this all the time. Um, I'll let it be this way. I had to go talk with a middle schooler a few months ago because their vice principal wasn't concerned about what was going on. Talk with the kid went back and told the principal to me it sounds like he's being based off what he told me. So, ironically, I was at St.

a couple days later and was talking to one of the FBI agents who went to Brian and I asked him and said here's what's going on. He agreed. Yes, it sounds like it's he was telling me but they have to have something hard evidence before they can start pursuing which is pass the line in my point but legally that's what they have to do. So when I tell kids, when I tell my team members, when I tell other people immediately, as soon as you find it, report it. Don't care who it is, tell mall officials. Whether you're reporting it to IC3, you're calling them sick up there, you're calling your local police. Call them. and tell them start a case

immediately because as you know from your experience these guys get more and more aggressive very aggressive because they're already looking at all your research. They know where you live. They found your pictures. They found all your social media stuff. We're going to expose us. We're going to hurt your family. All these things going to happen. That's what they're saying. Most of the time they're not even here in the country. But at the mindset of someone being that age, they believe everything. So like I said, what I tell my students, what I tell, you know, people I know immediately, don't be scared to tell somebody. Maybe not your parents, talk to a teacher, talk to a counselor, talk

to somebody, tell somebody that's going, they can initiate that. Especially in the school system, school system, school system is bound by law to start this process. Then they inform the parents. Answer your question. >> Yeah. Well, sort of >> a snag in my thing was that it turned out like in my case I didn't really know anything until like years after it ended. But in my case, it was like a guy working through like a girl that was my age at the time. Like she was 16, I was 15. And he was telling her to tell me to do things. So there was like a degree of separation. >> Oh wow. >> So there was like a child technically or

a minor technically abusing me. And so it was kind of what do you do at that point? I don't know that original guy. Do you know of like role playing activities or trainings for parents for exactly this kind of thing to get kids has a great series on this stuff

they put out they work with a company they have stuff that goes out there all the time they post every month or every time they have an update lot of educational material sexation online for Uh FBI has their thing. The government different government uh federal and government entities have their education. Theirs is very good. Forgot the name of it right now, but if you go out to the website right there, you will find it. And they get very indepth, right? I like so a few years ago I had to go out to college right after the shooting and we ran a camp for the kids that were there and I used their stuff because they were getting threats. So

I grabbed some of their stuff off some of their material and handed out to the you know the mil kids and we kind of went over some of the scenarios and played some of the videos that were in there so they know how to deal with what they were experienced. So they cover everything from elementary to high school. They have a lot of information out there, videos, everything. A lot of training material for parents and for kids. That's probably the best one that I know of. >> Any other questions? Sir, >> so I don't have kids of my own, but I work with kids. Okay. How would you start this kind of conversation one with

the kids so that they're aware and then also with their parents? So I said just do what I do, right? Hey, I heard this. Who's on this platform and then usually that just opens everything up? Or hey, Abd's playing this game. Where you want this game, too? Right. Or, hey, do what do you teach? >> I'm not a teacher. I work in church. >> Okay. So, it it's just a simple conversation starter. Because like I said, when I go into a room and I have kids, that's, you know, I'm usually there to talk about internet stuff or cyber safety or whatever, and that's usually the first thing I ask. And it opens the floodgates. Anything else? Questions, comments,

concerns? What did you say was the first thing you asked? I'm sorry, I missed that. You said this the first thing I asked. I missed that. >> Oh, what platform? What games do you play? Great. Because they're always going to tell you, hey, I'm playing this game. you know, I'm at this level or hey, I've done this while I was in there. That's usually the icebreaker. I'll just only Microsoft acquisition Minecraft. If you set up the Microsoft account as an underage account, it does disable all the online features by default. Um, we ran into that issue because we're trying to play a little bit of multiplayer. Okay. And the only way is to buy. So it's by

>> it has to be an underage account. >> Underage account only. Okay. >> Anything else? All right. Click it. One more. Thank you for being here. You've been a great audience. If you have any questions, I'll be around all day. Thank you.

Oh, everybody give a big round of applause for my awesome button masher. Her name is Thank you very much. You ready? Round it up.