Doing digital safety will help you to stay safe, protect your data, and ensure that the harassment doesn't escalate to taking over your accounts or personal information to increase intimidation and abuse. We know that it can be difficult to find the mental space to cope with your cybersecurity when you are under attack but remember that action doesn’t have to be taken alone; you can always reach out to people you trust and ask them to help you to complete this process. This guide will walk you through the immediate steps you need to take to feel safe and make informed decisions to strengthen your privacy online.
✔ Step One: Secure your Accounts
✔ Set up Two-Step Verification
The two-step verification is an additional layer of security that you can use to prevent others from accessing your accounts on social media or other online services. When you activate this extra authentication, you will receive a code via SMS, which you will have to enter when you or someone else tries to log in to your account from an unfamiliar browser or computer.
This page lists current sites with two-step verification options, and includes links that will help to set this feature up.
✔ Make your Passwords Stronger
To increase your privacy online, you can also start by practicing password hygiene. Keep in mind these basic recommendations:
Use a different password for each platform or service. The more passwords you have the better!
A strong password will be around 10 characters or more and where possible, you should always include upper case letters, lower case letters, numbers, and symbols
Here’s a great model from xkcd about password strength:
Try to change your passwords on a regular basis (Tip: reset your passwords, then set a reminder on your phone 3 months from that day to change them, repeat).
If you have a lot of passwords, it can be difficult to remember them all. Don’t put your passwords in your cloud (such as Google Drive, Dropbox, or iCloud) in case you get hacked. Instead, make use of online password managers such as 1Password, LastPass and KeePass that create and keep track of highly random high-security passwords for every account you access online. On your mobile phone Take Back the Tech! recommends KeePassDroid.
If your passwords were published, change them on all your websites. Add privacy settings like two-factor authentication.
Check out our Social Media Safety guides here.
✔ Step Two: Search for yourself
Doxing occurs when someone publishes private or identifying information on the internet such as home addresses, phone numbers, or social security numbers. It is a tactic used to make individuals feel unsafe, extort them or make them vulnerable to other attacks such as stalking. Doxxing is easier than ever due to the fact that so much of our information is online. (Learn more about other forms of abuse here) It can be a good practice to search if your personal information is available online
✔ Self-dox yourself.
Check if your information is publicly available online, for example, on “people finder” websites which are open databases that anyone can use to look up an individual’s information.
Here are a few examples of sites that you can check:
You can request to have your information removed from many of these sites. It is generally a good idea to check them every few months to see if your information has been relisted. If this is not a responsibility that you would like to take on yourself and you have the means to do so, you can use a paid service such as Reputation.com which removes your personal information from paid sites, and then monitors them to make sure your information stays erased. You can also ask a friend to do all of this for you as it can be unsettling to see what information on you is out there.
✔ Set up alerts using Google Alerts.
Set up alerts for your full name, as well as any social media handles that you use. Another option is requesting Google to remove information by using this form. (See how to report abuse on social media here). Need help reporting harassment? Click here.
Keep in mind, some harassers will search for your family or friends if they are clearly linked to you, so it is important to alert them so they can take precautions. We recommend sending them a link to this guide.
Evaluate threats and if you feel that you are in immediate danger, call your local emergency number. ie. if your address has been exposed, considering going to a friends house.
✔ Step Three: Improve your Social Media Privacy
✔Avoid sharing identifying information.
One way of reducing your risk of doxing and other forms of intimidation is to limit the personal information you share online. Never share your phone number or address online and avoid sharing details on social media like where you live or where you like to hang out.
Also, be careful about posting information that can be used to figure out your security question answers such as the name of a childhood pet or your maiden name.
✔ Step Four: Be Cautious
✔ Do not open links or attachments from an unknown or suspicious account.
Avoid clicking unverified links or downloading an attachment from an unknown source as this might expose you to malware. One of the most common ways to deceive you is through a tactic known as phishing, which is a type of scam where cybercriminals or harassers impersonate legitimate organizations or services to steal personal information like your passwords or credit card information. For example, you could receive an email where they impersonate Instagram saying that your account will be banned or removed if you don’t enter your username and password. If you follow those steps, your information will be sent to the criminals. To avoid being scammed, always verify the sender and go to the official website
✔ Update your devices and use antivirus protection.
It is key to keep your devices updated because when manufacturers launch regular updates, they usually fix vulnerabilities or bugs that can be used to access your devices or personal information. Also, using antivirus software will alert you if there is an attempt of installing malicious software.
✔ Cover your camera
Your device's camera can be hacked in different ways. You can receive or click illegitimate links that hide malware or malicious code to access your camera. Sometimes devices might have vulnerabilities or bugs that can be exploited by cybercriminals. That is why it is really important to be really cautious with what you open on your device and cover your camera as an extra precaution. Covering your camera is not going to prevent people from accessing it but it is an extra measure you can take to protect yourself. And if Mark Zuckerberg does it, we should probably do the same. Learn more about why you should cover your camera here.
Now that you have tightened your digital privacy, check out our Basic protocol on How to Respond to Online Harassment
Need more help? Want more information? Here are some more online safety resources from:
Take Back the Tech!: A global, collaborative campaign project that highlights the problem of tech-related violence against women, together with research and solutions from different parts of the world.
Speak Up & Stay Safe(r): Guide written by Jaclyn Friedman, Anita Sarkeesian, & Renee Bracey Sherman to empower readers to make informed safety and security decisions that are right for them.
The Crash Override Network Resource Center: Online Abuse Crisis Helpline, resource center, and advocacy group. Staffed by survivors, trying to make the internet a safer place.
A DIY Guide to Feminist Cybersecurity: A DIY Guide to Feminist Cybersecurity written by Noah Kelley & Safe Hub Collective.
TrollBusters: A digital tool to combat online harassment of women.
Violet Blue’s The Smart Girl’s Guide to Privacy: Award-winning author and investigative journalist Violet Blue shows you how women are targeted online and how to keep yourself safe.
Security in-a-Box: Guide to digital security for activists and human rights defenders throughout the world.