Content uploaded by Mathias Agbeko
Author content
All content in this area was uploaded by Mathias Agbeko on Jul 21, 2021
Content may be subject to copyright.
UNDERSTANDING CYBER SAFETY
BEHAVIOR AMONG TEENAGERS IN
GHANA
Mathias Agbeko
Department of ICT Education
University of Education, Winneba
Winneba, Ghana
magbeko@uew.edu.gh
Abstract – The development of mobile technology and the
expansion of internet access has raised concerns about the
cyber safety of teenagers in cyber space. The purpose of this
study is to investigate the cyber safety practices, cyber
security awareness and teenagers’ experiences with cyber-
attacks in Ghana. This study adopted a descriptive survey
research approach and targeted some public senior high
schools in of Ghana. Questionnaire was the main
instrument for data collection and it was used to collect
data from 153 senior high school students who were
conveniently sampled from eight (8) senior high schools in
the Ashanti region of Ghana. The results showed that 74.5
percent of teenagers were aware of cybersecurity, 8.7
percent had been involved in cybercrime and their main
motivation was either to make money and/or for fun. On
the preventive measures against cyber-attacks, 42 percent
said they changed their passwords whilst only 1.8 percent
said they reported to the police. The cyber-attacks that
teenagers often experience are malware attacks and
phishing attacks. The study has revealed that these attacks
are common among teenagers because they often open
unknown email attachments and they fail to regularly
update their antiviruses. It is therefore recommended that
teenagers be more preventive than corrective in their
approach toward cyber-attack. They need to periodically
change their passwords and update their antiviruses. The
security services should also be more proactive and
apprehend perpetrators of cyber-attacks so that victims
can have the confidence to report cyber cases to them. It is
only in this way that the issue of online crime can be
addressed effectively in Ghana.
Keywords – Cyber Safety; Internet; Security; Awareness;
Cyber-Attack
I. INTRODUCTION
The expansion of internet access in Ghana is very
laudable; considering the huge benefit it brings to
individuals, institutions, businesses and the country. As
of the third quarter of 2019, Ghana counted about 16.7
million unique mobile subscribers, 15.1 million
smartphone devices and 10.7 million mobile internet
users in the country [16]. In 2016, Ghana opened a multi-
million dollar 600-rack National Data Centre in Accra,
the largest of its kind in West Africa [1]. This goes to
confirm the huge investment the government is making
to ensure that internet access is available to all of its
citizens. In the educational sector, currently, thirteen
public tertiary institutions in Ghana are benefiting from
a free WiFi pilot project, with the aim that this initiative
will soon be rolled out in the over seven hundred and
twenty-two public senior high schools in Ghana. These
initiatives, though positive, will come at a great cost if
research in the cyber safety behavior of our teenagers in
the senior high schools is understudied or non-existent.
Cyber safety is defined as the safe and responsible
use of information and communication technologies [2]
and [3], including protection against unsolicited
marketing and advertising [7]. Cyber safety has been a
major concern not only in Sub-Saharan Africa but also
worldwide. Due to this, the Budapest convention on
cybercrime was convinced that as a matter of priority,
they need to pursue a common criminal policy aimed at
the protection of society against cybercrime, inter alia,
by adopting appropriate legislation and fostering
international co-operation [5]. Although this convention
remains the most significant instrument in this area,
especially in protecting young ones against various
forms of cybercrime, many nations are yet to take the
initiative to adopt it.
As portrayed in a straightforward term, cybercrime
is any unlawful action which is perpetrated utilizing any
processing gadgets, similar to PC/cell phone [18]. There
are various techniques by which digital wrongdoing is
carried out, and which incorporates attacks on PC
frameworks, cyber-harassing, email spam, phishing, and
identity robbery. Cybercrime is the deadliest sort of
wrongdoing. It can upset existing set-up within a second
[24]. Additionally, cybercrime is characterized as
offense that is carried out against individual or group of
people with a criminal rationale to purposefully hurt the
reputation of the person in question or cause physical or
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 19, No. 6, June 2021
1
https://sites.google.com/site/ijcsis/
ISSN 1947-5500
mental mischief to the casualty directly or by
implication, utilizing current media transmission
organizations like web and cell phones [9]. Worldwide,
teenagers are most susceptible to cyber-attack due to
their avid use of the internet and their perceived lack of
awareness of cyber security risks. A study conducted by
[18] to explore teenager’s familiarity with digital
protection discovered that about half of the students were
aware of digital wrongdoing. A comparable study by
[20] discovered that students were tolerably mindful of
digital violations and knew about the law against digital
wrongdoing. On the other hand, an investigation led by
[19] showed that a large number of secondary school
students shared their private information online and did
not know about the likely misuse of such information by
cyber criminals.
The reason for increase in cybercrime owes to the
fact that perpetrators gain easy access to mobile devices,
the internet and network facilities [21]. Adopting a
descriptive research design to survey 44,500 university
undergraduate students in Nigeria, [17] found that
students engage in online drug trafficking, cyber
stalking, email hack, hacking of organizational accounts,
identity theft, among others. The students in their various
responses showed that they had been involved in one
form of cybercrime or the other in their various
institutions. [15] further explained that most of these
students were deeply involved in cybercrime alongside
their counterparts in the school. [6] disagreed
vehemently with the finding of this study when he found
out that undergraduates are fully occupied with academic
and vocational activities that can make them associate
with cyber theft.
On the issue of teenagers’ experience with cyber -
attack, a study by [11] conducted on a sample of more
than 200 Slovenian Internet users revealed that 83% of
respondents had experienced a computer virus infection.
He also reported that just under one third of respondents’
friends experienced computer hacking and online
identity theft and that they reported knowing at least one
person who was harmed by cybercrime. Thus, the forms
of harassments the perpetrators of cyber bullying exhibit
comes in different faces. The nature of harassment
ranges from ignoring, disrespecting, threatening, calling
names, spreading rumors, email bombing, picking on
and ridiculing [22] to hiding names while sending SMS
or when in a chat room, kicking someone out of a chat
room, and violating the privacy of someone by a webcam
[23].
On the preventive measure teenagers take to curb
cyber-attacks, [13] mentioned the importance of cyber
security training programs that can change the attitude
and behavior of internet users, by decreasing the number
of risk affiliated with cyber security incidents. They also
pointed out the need for appropriate security practices
that will change the behavior of online users in their day-
to-day practice. [11] reported that approximately one
half of respondents have sufficient information to protect
their devices misuse or personal data/theft. However, it
turned out that 40% of them did not know or did not
install any software protection on their Internet-
connected devices (computer, phone, etc.). [25] also
showed that internet users possess adequate cyber threat
awareness but apply only minimal protective measures
usually relatively common and simple ones.
[10] reported that respondents’ behaviors towards
curbing cyberattacks was ambivalent. On one hand, they
argued that they know how to behave in the case of a
cyberattack (M=3.10, SD=1.19). For example, they
indicated that they would not provide information on the
web (M=2.42, SD=0.93). In addition, they argued that
their length of a standard password is 10 on the average,
which was considered to them as safe. On the other hand,
when asked to describe how they acted in order to protect
their computer, they only indicated 4 measures on
average out of 11 options. This indicated their uncertain
posture towards cyber safety. Hence, [4] asserted that the
primary tool for such prevention is undoubtedly
education aimed at establishing greater awareness and
knowledge regarding illegal internet content and
cybercrime among children and teenagers, as well as
parents and educators. Thus, Cyber violence is a
relatively new phenomenon, with most of the reports
emerging through publicity in the mass media. In the
same vein, there should be a mandatory prevention-
education on cybercrime and cyber safety for all
incoming students [12].
A number of studies have been conducted to assess
the causes and effects of cyber threats [8]. This is an
indication of the increasing prominence of cyber-attacks
among organizations and citizens all over the world.
Despite the growing interest and impact of cyber-attacks
on teenagers, there still remains a general lack of
education on cyber security among the consuming
Ghanaian public [14]. It is for this reason that the
researcher decided to carry out this research to
understand the cyber behavior of teenagers on the
internet. Hence, these questions are formulated to form
the basis of this study:
1. What is the level of awareness of cyber security
among teenagers?
2. To what extent are teenagers involved in
cybercrime?
3. How often do teenagers experience
cyberattacks?
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 19, No. 6, June 2021
2
https://sites.google.com/site/ijcsis/
ISSN 1947-5500
4. What preventive measures have teenagers put
in place to prevent cyberattacks?
A. Research Objectives
The study seeks to achieve the following objectives:
1. To understand the cyber security awareness
among teenagers.
2. To explore the extent to which teenagers are
involved in cybercrime.
3. To find out how often teenagers experience
cyberattacks.
4. To identify the preventive measures teenagers
have put in place to prevent cyberattacks.
B. Purpose of the study
The study seeks to investigate the cyber safety
practices, teenagers’ experiences with cyber-attacks,
their cyber security awareness and preventive measures
taken by teenagers in Ghana to curb cyber-attacks.
II. METHODOLOGY
This study adopted a descriptive survey design
incorporating quantitative research approach with a
researcher-made questionnaire as the instrument. The
population of the study was all form two (2) students in
eight senior high schools in Ashanti Region. The
sampling technique used was convenience sampling
since the researcher was supervising students on
teaching practice in that region. In all, 153 students were
selected from the eight schools. Questionnaire was
administered by the researcher himself and was
completed on the spot by all respondents. Thus, the
return rate was 100%. Statistical Product and Service
Solutions (SPSS) was used for the analysis.
III. RESULTS AND DISCUSSION
A. Cybersecurity Awareness among Teenagers
Fig. 1 represents students’ responses on the question
on their awareness of cyber security. Out of the 153
respondents, 152 responded whereas only 1 respondent
did not respond to the question. 114 students
representing 74.5% said they are aware of cybersecurity,
27 students representing 17.6% said they are not aware
of cybersecurity whereas 11 representing 7.2%
responded that they are not sure. From the above, we can
confidently conclude that most teenagers are very much
aware of cybersecurity. This finding confirms the study
made by [18] that about half of the students knew about
digital wrongdoings.
Figure 1. Awareness of Cyber Security
B. Extent to which Teenagers are Involved in
Cybercrime
Students were further asked about the extent to
which they are involved in cybercrime. The cross
tabulation in Table I clearly shows that 13 students have
been involved in cybercrime, 130 students have not been
involved in cybercrime whereas 6 students stated they
were not sure whether they had been involved or not.
Thus, from the findings, majority (130) representing
87.2% of the respondents have not been involved in
cybercrime. Thus, the findings are in line with the
argument by [6] when he disagreed in his findings that
students are fully occupied with academic and vocational
activities which occupies them from engaging in cyber
theft. However, [17] and [15] concluded from their
findings that most students engage in various forms of
cybercrimes.
TABLE I. TEENAGERS INVOLVEMENT IN CYBER CRIME
Age
group
Have you been involved in any form of
cybercrime before
Yes No Not
sure
Total
10-20 6 44 3 53
16-20 7 84 3 94
21-25 0 2 0 2
Total 13 130 6 149
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 19, No. 6, June 2021
3
https://sites.google.com/site/ijcsis/
ISSN 1947-5500
Furthermore, the students were asked to state their
reasons for their involvement in cybercrime. The results
from Table II showed that 5 of the teenagers said they
were involved in cybercrime to make money and for fun
whereas 1 teenager got involved out of ignorance. None
of the students were involved in cybercrime due to
pressure from friends nor to retaliate.
TABLE II. REASONS FOR INVOLVING IN CYBER CRIME
What was your motivation for getting
involved
Frequency
To make money 5
For fun 5
Ignorance 1
Pressure from friends 0
To retaliate 0
Total 11
C. How Often Teenagers Experience Cyberattacks
From Table III, it can be seen that most of the
respondents between the frequencies of 43 and 55
concluded that they have never experienced cyberattacks
whereas another group which are between the frequency
of 4 and 28 indicated that they experienced cyberattack
once a while. From the responses, there is an indication
that students generally do not experience cyberattacks
and for those who do, they often get malware and
phishing attacks. Thus, this finding does not confirm the
studies by [23] when they found out that there is a higher
rate of cyber bullying among public school students.
However, the findings are in line with [11] who found
that 83% of respondents had experienced a computer
virus infection.
TABLE III. RATE OF CYBERATTACKS
Cyber
attacks
N/
A
Dail
y
Once
a
week
Once
a
month
Once
in a
while
Nev
er
Malware
attacks
(viruses,
worms,
Trojan
horses
etc.)
5 8 6 3 28 43
Unauthor
ized
access of
confident
ial
informati
on like
email and
other
school
related
documen
ts
6 5 1 2 10 44
Stealing
password
s to
access
accounts
7 5 1 3 25 50
Identity
theft and
imperson
ation
6 1 0 1 4 55
Phishing
emails
5 6 0 2 13 50
Online
fraud 4 7 1 4 13 54
D. Preventive Measures Against Cyberattacks
Fig. 2 is a chart to represent exactly the data in Table
IV. From Table IV and Fig. 2, one can conclude that
most students use strong passwords to prevent
cyberattacks and this represent a frequency of 47 which
is a valid percentage of 28%. Also, on the issue of
malware protection, it was realized that only 12.4%
regularly scan their computers for malwares and out of
this, only 10.5% regularly updated their antiviruses.
Unfortunately, only a minimal 4.6% of the respondents
do not open unknown email attachment. This study
confirms the study by [25] who found out that internet
users possess adequate cyber threat awareness but apply
only minimal protective measures usually relatively
common and simple ones in cyber space. As opined by
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 19, No. 6, June 2021
4
https://sites.google.com/site/ijcsis/
ISSN 1947-5500
[13], training of students at a younger age about cyber-
attacks and involving them in discussions about cyber
bullying will make them aware of cyber security and
devise means and ways to stop such attacks and always
remain safe and secured on the internet.
TABLE IV. PREVENTIVE MEASURES AGAINST CYBER
ATTACKS
Preventive Measure Frequency Percentage
Use a mixture of lower-
and upper-case
alphabets, numbers and
symbols for password
41 26.8
Regularly update
antiviruses
16 10.5
Regularly update my
operating system
12 7.8
Regularly scan computer
for viruses and other
forms of malware
19 12.4
Do not write/disclose
password to anybody
12 7.8
Prevents others from
looking over shoulder to
view login password
7 4.6
Do not leave default
password in use
5 3.3
Change password
frequently
8 5.2
Do not open an unknown
email attachment
7 4.6
Do not allow others to
work in your computer
account
5 3.3
Missing System 21 13.7
Total 153 100.0
Figure 2. Preventive Measures Against Cyber Attacks
Furthermore, when the students were asked about
the actions they take when they experience a cyber-
attack and/or cyber bullying, 30.7 percent reported that
they changed their password whereas 12.4 percent
indicated they did not tell anyone about it and blocked
their accounts. Just 1.3 percent reported to the police
about cyber-attacks and/or cyber bullying. These results
are presented in Table 5. Thus, in line with these
findings, [13] opined that individuals facing cyberattacks
should report the behavior to the appropriate institutions,
and block their accounts. [10] also found that their length
of a standard password is around 10 on average which is
considered by them as safe.
TABLE V. ACTIONS TAKEN ON CYBERATTACK /
CYBERBULLYING EXPERIENCE
Action taken Frequency Percent
(%)
Report to police 2 1.3
Report to parent 6 3.9
Report to your teacher 5 3.3
Report to website
administrator /telephone
company
14 9.2
You didn’t tell anyone 19 12.4
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 19, No. 6, June 2021
5
https://sites.google.com/site/ijcsis/
ISSN 1947-5500
Changed password 47 30.7
Blocked your account 19 12.4
Missing System 41 26.8
Total 153 100.0
IV. CONCLUSION
It is clear from the study that cybersecurity
awareness among teenagers in Ghana is high. A very few
teenagers are involved in cyber-attacks for the purposes
of making money and for fun. The cyber-attacks that
teenagers often face are malware attacks and phishing
attacks. The study has revealed that these attacks are
common among teenagers because they often open
unknown email attachments and they fail to regularly
update their antiviruses. Again, it has been observed that
teenagers change their passwords after they have
experienced cyber-attacks. It is therefore recommended
that teenagers be more preventive than corrective in their
approach toward cyber-attack. They need to periodically
change their passwords and update their antiviruses.
Although cyber safety has not traditionally been part of
the senior high school curriculum, the changing nature
of society, in particular the increased use of ICT now
justifies its inclusion. Rather than seeing cyber-attack as
a reason to deny students access to ICT, the Ministry of
Education should regard its increased use as an
opportunity to impart safe and responsible practices to
students so that they become ethical cybercitizens of the
future. Also, the Government of Ghana in conjunction
with the security services should develop a national
cyber security framework that specifies cyber security
requirement controls for individual network users. If
approaches towards preventing cybercrime are to be
truly effective, the security services should be more
proactive and apprehend perpetrators of cyber-attacks so
that victims can have the confidence to report cyber
cases to them. It is only in this way that the issue of
online crime can be addressed effectively.
REFERENCES
[1] Ashiadey, B. Y. (2016). National Data Centre to spur
economic growth. January 27. Available at:
http://thebftonline.com/business/ict/17079/national-data-
centre-to-spureconomic-growth.html [Accessed 10 February
2016]
[2] Balfour, C. (2005). A journey of social change: Turning
government digital strategy into cybersafe local school
practices. In International Conference on Cyber-Safety,
Oxford University, Oxford, United Kingdom.
http://www.oii.ox.ac.uk/cybersafety.
[3] Beach, R. (2010). Developing a cybersafety program for early
childhood education. High-tech tots: Childhood in a digital
world, 71.
[4] Bele, J. L., Dimc, M., Rozman, D., & Jemec, A. S. (2014).
Raising Awareness of Cybercrime--The Use of Education as a
Means of Prevention and Protection. International
Association for the Development of the Information Society.
[5] Budapest Convention on Cybercrime. (2001). Council of
Europe.
http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm
[6] Denga, A. (2011). Youths and cyber theft. Lagos: Ademola
Publishers.
[7] Frechette, J. (2005). Cyber-democracy or cyber-hegemony?
Exploring the political and economic structures of the Internet
as an alternative source of information.
[8] Gehem, M., Usanov, A., Frinking, E., & Rademaker, M.
(2015). Assessing Cyber Security: A meta-analysis of threats,
trends, and responses to cyberattacks. The Hague Centre for
Strategic Studies.
[9] Halder, D. and Jaishankar, K. eds., 2011. Cyber Crime and the
Victimization of Women: Laws, Rights and Regulations: Laws,
Rights and Regulations. IGI Global.
[10] Lesjak, D., Zwilling, M., & Klein, G. (2019). Cybercrime and
cyber security awareness among students: a comparative study
in Israel and Slovenia. Issues in Information Systems, 20(1),
80-87.
[11] Lukanović L. (2017). Računalniška kriminaliteta in varstvo
osebnih podatkov: diplomska naloga.
[12] Marcum, C. D., & Higgins, G. E. (2019). Cybercrime.
In Handbook on Crime and Deviance (pp. 459-475). Springer,
Cham.
[13] McCrohan, K. F., Engel, K., & Harvey, J. W. (2010). Influence
of awareness and training on cyber security. Journal of
internet Commerce, 9(1), 23-41.
[14] Ministry of Communications (2014). Ghana National Cyber
Security Policy & Strategy. Accra.
[15] Ngozi, S. (2016). Students’ perception of cybercrime and its
implications. Journal of Social Development, 4(2), 50-57.
[16] Omondi G. (2020). The state of mobile in Ghana’s tech
ecosystem. Mobile for Development- GSMA.
[17] Philips, C. A. (2018). Awareness and involvement in
cybercrime among undergraduate students in Universities in
Rivers State, Nigeria. International Journal of Humanities and
Social Science Invention, 7(3), 39-43.
[18] Rathod, P., & Potdar, A. B. (2019). Study of Awareness of
Cyber-Security among Medical Students. Indian Journal of
Forensic Medicine & Toxicology, 13(1), 196 – 198.
[19] Rek, M., & Milanovski, B. K. (2017). Slovenija, Ljubljana:
Fakulteta za medije [izdelava], 2016. Slovenija, Ljubljana:
Univerza v Ljubljani, Arhiv družboslovnih podatkov
[distribucija], IDNo: MPSS16.
[20] Saima B. (2018). Cyber Crime Awareness amongst students of
Government Law College, Trivandrum- A legal Survey.
Government Law College, Trivandrum. [Internet].
https://acadpubl.eu/hub/2018-119-16/1/130.pdf.
[21] Saul, B., & Heath, K. (2015). Cyber terrorism. In Research
Handbook on International Law and Cyberspace. Edward
Elgar Publishing.
[22] Sourander, A., Klomek, A. B., Ikonen, M., Lindroos, J.,
Luntamo, T., Koskelainen, M. & Helenius, H. (2010).
Psychosocial risk factors associated with cyberbullying among
adolescents: A population-based study. Archives of general
psychiatry, 67(7), 720-728.
[23] Topçu, Ç., Erdur-Baker, Ö., & Çapa-Aydin, Y. (2008).
Examination of cyberbullying experiences among Turkish
students from different school types. CyberPsychology &
Behavior, 11(6), 643-648.
[24] Varghese, B., Wang, N., Barbhuiya, S., Kilpatrick, P., &
Nikolopoulos, D. S. (2016, November). Challenges and
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 19, No. 6, June 2021
6
https://sites.google.com/site/ijcsis/
ISSN 1947-5500
opportunities in edge computing. In 2016 IEEE International
Conference on Smart Cloud (SmartCloud) (pp. 20-26). IEEE.
[25] Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F.,
& Basim, H. N. (2020). Cyber security awareness, knowledge
and behavior: a comparative study. Journal of Computer
Information Systems, 1-16.
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 19, No. 6, June 2021
7
https://sites.google.com/site/ijcsis/
ISSN 1947-5500