Tagged with Digital hygiene

Password reset

In case you have trouble accessing your account and you have checked that you are entering the right password (mind the CAPS LOCK and keyboard language), you can try resetting your account password. On most platforms and online services this can be done by clicking on the link named “Forgot your password?” or something similar, which is located on the login page.

Follow the instructions on the “Forgot your password” page and make sure that you have access to the email address/phone number you used to create your account. If you don’t have access to this email or phone, you will need to use the recovery (backup) account if the provider supports that option. Otherwise, you might be left permanently locked out of the account.

Most likely, the service provider will send you a password reset link or code via email or other means of communication, which will enable you to create a new password for your account. From then on, you will use the newly created password to access your account.


Recovery account

Most platforms and online service providers provide you with an option to set up a recovery or backup contact, usually an email address, a phone number or a set of expendable backup codes. It is very important to set up this option so you don’t get locked out of your account.

In case you can’t access your account and you are not logged in on any other device, use your backup email address or phone to gain access to the original account. Make sure you have access to your backup communication method/account - otherwise you might never be able to access the lost account.


Security Questions

Another method to gain access to your account is to provide answers to the security questions, in case you enabled that option in your account security settings. However, some providers are abandoning security questions because they are ineffective (the answers can easily be guessed, etc.). Also, people often don’t change the answers to these questions for years or simply forget them because they don’t have a frequent need for them.

However, if you still have a security question as your account backup solution, make sure the answer is kept in a safe place, that it is not some publicly available information or something easy to guess (“What’s your favourite food?” for example).


Check browser for saved passwords

Modern browsers (Firefox, Chrome, Edge) have the option to save your passwords, so you don’t have to enter them every time you log in. However, this is not recommended and you should use separate password management software such as KeePass, KeePassXC or Bitwarden.

In cases where you cannot log in by typing your password, you should check if your browser saved a password at some point and use it to access your account. It is always advisable to copy and paste the password instead of typing it to avoid errors.


Malware

Malware (malicious software) is a general term for software used to interfere with a computer, gather sensitive information, or gain access to a protected information system. This type of software is created and used by cybercriminals and other malicious actors, even governments, to intentionally harm an information system. 

The most recognizable types of malware are computer viruses, but there are other types such as ransomware, trojans, adware, spyware and worms. Each type of malware has its own way of functioning, so the damage caused by each of them is of different degree.

Despite the fact that there are certain definitions and divisions of malware, the categories cannot be definitively distinguished, so it often happens that one malware performs activities that are characteristic of other types of malware. 

Malware is distributed in a variety of ways. Most users download malware themselves, but as installed programs and devices communicate on the internet in different ways due to their activity, they sometimes have different vulnerabilities that attackers can take advantage of. In most cases, these vulnerabilities are addressed by software and hardware vendors, so it is important to regularly install software and device updates. 

Malware can perform a variety of operations, ranging from redirecting users to fake websites to destabilising the entire system. A special type of malware are keyloggers, which record keyboard strokes and send the records to third parties. Also, there is a type of malware that has the ability to send several thousand emails from an infected computer. Here are some other common types of malware:

  • A virus is a type of malware that replicates itself in existing files, programs, and even the operating system itself. It usually modifies the contents of files or deletes them, which can cause the system to crash if a virus deletes a system file;
  • A trojan is a type of malware that, when installed, performs operations that are defined by the attacker, most often deleting or modifying data, but it can often damage the entire system. They usually look like regular and useful installation files, so that is how they got their name;
  • Adware (advertising software) is a type of malware that, once it infects the system, automatically displays advertisements while you browse the internet, which brings revenue to the person who created it;
  • Spyware (spying software) is a type of malware that collects data from an infected system and passes it on to a third party, usually the one which created it. With this malware, unauthorised persons can gain access to passwords, personal data, correspondence, etc;
  • A worm is a type of malware that replicates itself. This means that if one computer within the system is infected, it is very likely that all computers connected to it will be infected after a certain time. It most often damages the network and the system by slowing down the flow of data in the network. Worms are independent malware, i.e. unlike viruses, they do not have to be linked to an existing program to be transmitted.

Organisations nowadays face one of the biggest security problems and forms of cybercrime, a form of malicious software called ransomware. This form of malware encrypts files on anything from a single computer all the way up to an entire network, including servers, so that the files cannot be accessed without a decryption key. The attackers then ask for payments in cryptocurrency to provide targets with the decryption key, usually within a short time frame to put more pressure on the targets.

Some ransomware infections start with clicking on what looks like an innocent attachment that, when opened, downloads the malicious files and begins the encryption process. Larger ransomware campaigns use software exploits and flaws, cracked passwords and other vulnerabilities to gain access to organisational systems through weak points such as internet-facing servers or remote-desktop logins. The attackers will secretly hunt through the network until they control as much as possible – before encrypting all they can.

Victims of a ransomware attack can often be left with few choices; they can either regain access to their encrypted files by paying a ransom to the criminals behind the ransomware, restore files from backups or hope that there is a decryption method freely available.

Small and medium-sized businesses are commonly targeted by ransomware because they tend to have poorer security standards and practices compared to larger corporations.

It is not always easy to recognise malware, as it often happens that users are initially unaware that their device/system is infected. Sometimes malware activity can be noticed due to spontaneous deterioration of system performance. The average user certainly cannot completely remove malware on their own without the use of specific anti-malware software. These programs monitor the system, scan the files downloaded from the internet and email, and if they find any malware, they quarantine it or delete it, depending on the settings. 

However, it is not enough to just install a specific application that will scan and remove malware - it is also important that users do not install untrusted applications, click on suspicious links, open suspicious emails or visit unreliable websites.


Making a strong password

When making a password, you should make sure that it is unique, i.e. that it is only used for one account or device, long and complex.

Using the same password for multiple resources is a risk - if one of your accounts is compromised, others using the same password might be as well. 

Having a long password - 10+ or even 20+ characters, the longer the better - makes it harder to crack with brute force attacks. Use of different types of characters and symbols, such as numbers, small and capital letters and special characters (!, ~, *) is strongly encouraged.  

Avoid using online password generators and “how strong is my password” tools - you can’t know who is behind them and where your passwords might end up.
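A password can be generated entirely on your own device instead of through an online tool. The following is an added example, not part of the original page: it draws characters from the operating system's secure random source, requires every character class mentioned above, and estimates how the brute-force search space grows with length. The symbol set and the guess rate used in the demonstration are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Character classes named in the text: small letters, capital letters,
# numbers and special characters. The symbol set is a constructed sample;
# adjust it to what the service you are registering with accepts.
SYMBOLS = "!~*#%&@^_-+=?"
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS)
ALPHABET = "".join(CLASSES)


def has_all_classes(password):
    """True if the password contains at least one character of every class."""
    return all(any(ch in cls for ch in password) for cls in CLASSES)


def generate_password(length=20):
    """Generate a random password locally using the OS secure random source.

    Candidates missing a character class are discarded and redrawn, so every
    acceptable password remains equally likely (no predictable positions).
    """
    if length < len(CLASSES):
        raise ValueError("length must allow one character from every class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if has_all_classes(candidate):
            return candidate


def search_space_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on the brute-force search space, in bits."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(length, guesses_per_second, alphabet_size=len(ALPHABET)):
    """Years needed to try every password of this length at the given rate."""
    seconds = alphabet_size ** length / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


if __name__ == "__main__":
    # Assumed attacker speed for illustration only: 10^12 guesses per second.
    rate = 1e12
    for n in (10, 20):
        print(f"{n} characters: about {search_space_bits(n):.0f} bits, "
              f"{years_to_exhaust(n, rate):.3g} years to exhaust")
    print("Generated locally:", generate_password(20))
```

Store the result in a password manager rather than trying to memorise it.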

It is also highly recommended to set up multi-factor authentication on your accounts, if the online service or platform has that option. This creates an additional layer of protection, as an additional step is required to log in, usually a one-time code received via SMS or an app such as Google Authenticator.

However, multi-factor authentication (MFA) is not a “silver bullet” solution - people are still susceptible to social engineering attacks, such as phishing scams, and can be persuaded or fatigued into providing the second authentication factor, a one-time code for example. This is why it is important to consider a phishing-resistant solution for MFA, such as the use of physical hardware keys.

Multi-factor authentication by default is unfortunately still not an industry standard - there are services which don’t offer it, and for those that do, users still have to navigate through complex security settings in their accounts in order to set it up.

Although any kind of MFA is better than having none, some forms are safer than others. For example, receiving codes via SMS is not reliable due to security flaws in mobile networks and so-called “SIM swapping”, i.e. when an attacker gains access to a person’s phone number by tricking their mobile provider’s staff.

However, it should be noted that MFA is not a substitute for regular security training and awareness of threats such as ransomware. It is very important to build a positive, proactive security culture within your organisation with motivating and engaging training - you can improve the digital security on both personal and organisational level if you focus on all three domains of cybersecurity: people, processes, and technology.


Password management

With so many accounts an average internet user has today, it has become impossible to memorise all passwords and have them be unique, long and complex at the same time. 

That is why you should use applications called password managers, which securely store your login credentials and protect them with a master password. That way, you only need to remember your master password and you can copy/paste your other credentials directly from the app. Password management software usually has the option to automatically generate a long and complex password, made of randomised characters and symbols.

Applications commonly used for password management are KeePass, KeePassXC and Bitwarden.

Storing login credentials in browsers should be avoided, together with online password managers which are not open source and end-to-end encrypted.


Browsing Add-ons

There are ways to improve your internet browsing experience and make you safer while you use your favourite online services. Modern internet browsers, such as Mozilla Firefox, Brave or Google Chrome, have software widgets (add-ons/extensions) which provide additional options and benefits for your browser. Here are some of the best:

HTTPS Everywhere: this add-on forces encrypted communication (HTTPS) when you visit a website if it supports HTTPS, therefore making your browsing more secure.

Privacy Badger: an extension which enables you to block advertising trackers from third parties on websites you visit.

Facebook Container (Firefox only): it isolates your Facebook identity in a container tab, making it harder for Facebook to track your visits to other websites with third-party cookies.

uBlock Origin: a resource-friendly multi-purpose blocking extension designed to block ads, tracking and malware domains.


TOR and VPN

The internet commonly provides a false sense of anonymity, whereas there is only pseudo-anonymity for most users. Pretty much everyone is identifiable online by their IP address, a unique identifier assigned to you by your internet service provider (ISP).

However, there are tools which can help you mask your actual IP address and provide an additional layer of protection for your online identity. This can be achieved with the use of Tor Browser or Virtual Private Network (VPN) services.

Tor Browser is a free and open source software customised to work with the Tor network, based upon Mozilla Firefox, which encrypts your browsing traffic and gives you a new identity, i.e. a new IP address. It is also particularly useful for accessing blocked websites on your network. There are some drawbacks however, as the Tor network provides generally slow internet speeds and users’ identity can be exposed if they do not use Tor Browser properly.

Virtual Private Network (VPN) is a service which enables users to connect to the public internet through a private network, providing an additional encrypted layer of privacy and masking the users’ actual IP address. There are many VPN providers, but users should still take note and be aware of possible security aspects such as:

  • Jurisdiction, i.e. in which country is the company providing VPN services based. Countries which are members of the “Five Eyes” mass surveillance alliance (USA, UK, Canada, New Zealand, Australia) should generally be avoided;
  • No logs policy, meaning that the VPN provider doesn’t log your internet traffic made through their network;
  • Regularly performed independent security audits, which are usually documented on the VPN provider’s website;
  • Price - some VPN services are quite expensive, but you should be wary of “completely free” VPN apps, as their business model is almost certainly based on tracking users. However, some paid-service providers offer free plans with limited possibilities, such as lower speeds and a smaller number of servers.

Good security practices

No matter what you do online, you should always try to follow general good security practices:

  • Be very careful with your personal data;
  • Respect the privacy of others on the internet;
  • Only download files and install software from known and trusted sources;
  • Regularly update all software and the operating system of your devices to reduce the risk of attacks;
  • Create unique and complex passwords and securely store them in password managers;
  • Enable multi-level authentication for your online accounts wherever possible;
  • Use an anti-virus/anti-malware software;
  • Encrypt everything you can encrypt;
  • If you use a public computer, try not to leave any traces behind;
  • If your USB flash drive was in a public or unprotected computer, be sure to scan it with anti-virus/anti-malware software before using it again. It is generally recommended that portable devices, e.g. USB flash drives or external hard drives, are scanned each time they are connected to a computer;
  • Take into account the risks that your every action on the internet implies, privacy does not mean less responsibility;
  • At least quickly read through the Terms of Use/Service before clicking "I accept".

Bad security practices

Habits are hard to change, but you should try your best to avoid these bad security practices:

  • Never send passwords, personal data or financial information via plain text email;
  • Do not access networks or other systems for which you do not have authorisation, even if you have somehow obtained certain login credentials (username, password). This does not mean that you have been authorised to use them;
  • Do not install suspicious add-ons and software updates;
  • Don't click on suspicious links you received via email, no matter how interesting the message may seem;
  • Avoid using public or unprotected computers;
  • Avoid using other people's mobile devices;
  • Don’t write your passwords on a post-it. Seriously, don't!
  • Don’t put the names or dates of birth of people close to you as passwords;
  • Don’t leave your devices unattended and unlocked;
  • Don’t ignore suspicious activities - sometimes it’s better to be paranoid;
  • Do not use pirated software. If you do not want to pay for software, look for a free and open source alternative;
  • Don't live in your comfort zone. Sometimes it is worth investing a little time and effort and learning the basics of how to be safe on the internet.

Disc encryption

Encryption is the process of protecting data with a complex cipher, scrambling it so that it can only be accessed (decrypted) with a password or key, sometimes requiring an additional authentication factor, e.g. a digital certificate. Encrypting hard drives and removable devices, such as USB drives, is especially recommended for people working with confidential information, primarily journalists and human rights activists.

VeraCrypt is a multi-platform (Windows, Linux, MacOS X) free and open source disk encryption software with advanced capabilities. It can be used to encrypt only specific files, whole hard disk partitions, removable drives, as well as a partition or drive where Windows is installed (pre-boot authentication).

Cryptomator enables you to encrypt your cloud storage files for services such as Dropbox or Google Drive. Files are encrypted within a secure vault which is then stored with cloud service providers, which cannot access the data. Cryptomator is open source and available for Windows, Linux, MacOS X and mobile platforms (iOS, Android).


Email and Chat Encryption

Similar to hard drives and removable disks, communication channels can also be encrypted by protecting data with a complex cipher so that communication can only be accessed (decrypted) with a password or key. Of course, for journalists and human rights activists encryption is a key component of ensuring secure communication with confidential sources. This can be done in a variety of ways. 

Emails can be encrypted using PGP (Pretty Good Privacy), which is based on public key cryptography. You need to generate a key pair - a public key which you share with others and a private key which you keep secret - in order to exchange encrypted emails with correspondents. 

If you use an email provider like Gmail or Outlook, you can encrypt your communication using Thunderbird, an open source email client with built-in OpenPGP capabilities, or by using the Mailvelope browser extension which works with popular webmail services.

However, there are email providers, such as ProtonMail or Tutanota, which encrypt your messages automatically when they are sent between their users, and also provide ways to send encrypted emails to those using other providers. 

A free and open source chat app that provides end-to-end encryption by default is Signal. It is available for iOS and Android, as well as a desktop app. It provides a wide range of security options, such as self-destructing messages, PIN protection or encrypted video calls. Another app with a variety of options you can also use is Telegram, where Secret Chats need to be enabled for end-to-end encryption.


Remote working

Access to applications and data that are physically located in the system (organisation, editorial office) is possible, with appropriate permissions, from any computer in the world. This significantly facilitates work, shortens the time required for data processing and enables participation in the field work process.

From a security point of view, teleworking has serious drawbacks. Establishing a connection between the network or server in the system and the external computer opens the possibility for MitM (Man in the Middle) attacks. MitM is a type of technical attack in which the client and server are not necessarily at risk, but the attacker uses connection flaws to access their communication and commit data theft.

A secure way to work remotely is to connect via VPN (Virtual Private Network). It is a service that creates a separate tunnel between two computers on the public network, which is specially encrypted for protection. Of the several types of virtual private networks, the safest is to use the so-called TLS (Transport Layer Security) protocol. One of the best software packages for implementing a VPN at the organisational level is OpenVPN.

Alternatively, non-profit organisations can opt to use G Suite, i.e. Google’s productivity package which includes several popular tools and products (Gmail, Google Drive, Google Calendar, etc.). However, it should be noted that Google’s business model is based on user profiling and analysis of personal data collected from its users.


Permanent data deletion

Conventional deletion of data from a device is not an effective solution for permanent deletion, because there are ways to recover deleted data with the help of special software. The solution to this are programs that use complex algorithms for decomposing data into a digital “mash” that can no longer be returned to its original form. Eraser is a free Windows application that can completely remove data from hard drives by overwriting it several times with carefully selected patterns.

As for optical disks (CDs, DVDs), the most elegant way to permanently destroy them is to use a special shredder that can destroy disks in addition to paper. Methods for physically destroying hard drives that can be found online, where the drive is acidified or burned, are extremely dangerous. Hard drives contain various types of harmful chemicals, which can cause toxic and flammable fumes.

If old equipment is ready for sale or a hard drive is destined for disposal, it will require deep cleaning, even if it is broken. The software that does this very efficiently is Darik’s Boot and Nuke. Good practice suggests that when disposing of old equipment - after special software has performed deep cleaning of the disks - the equipment is disassembled to destroy the ports and break the pins on the connectors.


Most common cyber incidents

According to the most general classification, technical attacks can be carried out either without direct access to the server or with the need of access to the server. In the first group are mostly incidents whose most important goal is to prevent access to the content of the site. 

There are several ways to crash a server, and the most commonly used is a DDoS (Distributed Denial of Service) attack. This means that a huge number of devices simultaneously send access requests to the attacked server, which cannot answer all the queries and simply stops working. After the attack stops, in most cases the server and the site work normally. 

Ransomware is a form of malware which encrypts files on anything from a single computer all the way up to an entire network, including servers, so that the files cannot be accessed without a decryption key. The attackers then ask for payments in cryptocurrency to provide targets with the decryption key, usually within a short time frame to put more pressure on the targets. 

Phishing is focused on exploiting the lack of knowledge or gullibility of the target and is mostly done by email. It is usually used for various scams, such as the famed “Nigerian Prince”, infecting devices with malware or gaining access to sensitive information, such as financial data or login credentials. Potential targets are sent a fraudulent message which is made to look authentic and as if it was coming from someone from the position of authority, such as a bank or police. The recipient is then asked in the email to open the attached file or click on a link in order to do something very important, e.g. to update bank account information or review a received payment. 

Interception of communication (voice, video, text chats, internet traffic) is also a risk, as there are actors such as intelligence agencies and criminals with advanced capabilities and resources to conduct surveillance of unencrypted communications channels. Issues such as government hacking are becoming increasingly dangerous for citizens’ communications privacy due to the growing surveillance industry, which keeps developing and selling one advanced product after the next.

Code injection is a more sophisticated type of attack, when malicious code is inserted through some open form of the site or through a URL. The goal of the attack is to instigate the database or other part of the site to perform operations that have no visible result, but occupy the server's resources until they flood it with activities, thus shutting it down. In some cases, after these attacks, the site becomes unusable, so the content is restored with the last saved copy. Regular backup of the site is rightly considered an elementary security procedure.

Trojans that enter the system through social engineering are first on the list when it comes to the number of some types of attacks. Users usually pick up the infection on obscure websites where they recklessly accept the warning that they are “infected” and activate a fake antivirus. In this way, millions of hacking attacks are carried out each year, which puts the trojans in an unsurpassed advantage over other hacker attacks. The best protection against this type of attack is education and information about modern forms of threats. In organisations, this problem is somehow solved by filtering sites that can be accessed from a computer in the local network. 

Computer worms are malicious programs that multiply themselves, using computer networks to transmit to other computers, usually without human intervention. They can arrive as an email attachment and their operation is enabled by security vulnerabilities in the operating system. The best protection against worm attacks is antivirus software and quality passwords. Other good methods are firewalls, not opening suspicious emails and regular software updates.

Online harassment includes many forms of abuse, such as impersonation (i.e. someone making a fake social media or email account with your personal data), smear campaigns, hate speech, threats, cyberstalking, etc. When such incidents occur, it is best to report and block the accounts in question and gather any digital evidence to be used for potentially filing a criminal complaint: relevant links or URL addresses, screenshots of profiles and messages, phone/app call logs and similar.

Attacks that require access to a server are mostly complex and more serious. They are aimed at stealing data, altering content, placing fake content and disabling access to content. These attacks are complex because the attacker must break through all the security measures set on the server in order to reach certain passwords, access codes and the like. They also require greater expertise of the attacker.


Role of CERTs

The task of each CERT is to monitor and analyse threats to the security of ICT systems, provide assistance in identifying threats and preventing attacks, empower actors for adequate responses to attacks, provide legal assistance in processing cyber incidents, maintain communication with relevant institutions and more.

In order for a CERT to successfully implement its activities, it is necessary to establish a catalog of services. If the services, vision, mission and goals are clearly and precisely defined, the basic framework of business and development of CERT is established. These are, as a rule, among other things, coordination of information, monitoring of intrusion detection systems, analysis of potential threats and attacks on the security of ICT systems, recovery of the system from the consequences of attacks. The basic services of CERTs include the proposal and implementation of protection measures, reporting, analysis and technical support. They can be described in more detail in the light of their four basic processes: triage, resolution, issuing notices and giving feedback to users.

The triage process is the basic point of contact and involves accepting, collecting, sorting and forwarding the information obtained. When the CERT triage team receives some information or a problem report, a confirmation is sent to the sender that the message has been received, and then the information is sorted, prioritized, a unique identifier is added, and forwarded to other processes within the implemented services.

The incident resolution process involves analysing reported security incidents or threats and responding to them. During the analysis, the cause is determined, the evidence is analysed, it is determined who is involved in the incident, as well as what kind of support and to what extent is needed. What the response will be depends on CERT's missions, goals and definitions of services, but also on the priorities set.

The notification process is a notification in different formats, such as: announcements, warnings, advice, short notices, guidelines, technical procedures. The primary purpose of issuing a notification is to provide information to users that will help them protect their systems or to find traces of a potential attack by providing information about possible, ongoing, or recent threats. Additionally, methods for preventing, detecting, or recovering from incidents are suggested.

The feedback process is communication with users and entities, either on request or in a regular form (e.g. in the form of a report).

The information management process covers all 4 mentioned phases and is a very important part of the basic process. Information needs to be collected and recorded, then verified, categorised and finally stored. Some information may also be published, to provide guidance or support to stakeholders, but throughout the process the security of all information within the CERT organisation must be at the highest level. 

In addition, the cooperation process involves all types of interactions that CERT has with other entities. It is desirable to regularly maintain existing and establish new contacts with local and regional partners and clients, as well as to create adequate databases. However, information is exchanged during all four basic processes, so it is important to choose partner organisations carefully in order to preserve the integrity, confidentiality and availability of data. 

In addition to national CERTs that comprehensively deal with security incidents in ICT systems at the national level, there are a large number of special CERTs around the world, focused on improving information security within one sector, group of entities, and even within just one company. Given the complexity and specificity of a particular community or group of entities (academic institutions, banks, etc.) or the confidential nature of information managed by companies, special CERTs with their highly specialised experts are certainly the most competent address for protection against cyber incidents and establishing preventive measures.

Digital hygiene CERT

HARASSMENT

Targeted assaults, lasting any amount of time, at a high intensity, that cause harm, intentionally exploiting vulnerabilities. Harassment is an attack on human dignity, reputation and privacy, with the goal of silencing and/or curtailing the target’s digital participation.

This is an umbrella term that covers different acts: from sexually explicit threats to varying degrees of privacy invasion. 

The structure of the digital ecosystem means that attacks may come from one person and via one platform, but spread via additional perpetrators/platforms as a cyber mob attack. Online harassment, as we see it on one platform, is often much more widely disseminated, and therefore, potentially more impactful.

It is of utmost importance to recognize that a person targeted with online abuse is in no way to blame: there is no excuse for violence. If you are targeted with any type of digital violence, we urge you to seek support from your support networks - primarily friends and family who can understand you and your feelings. Take time away from spaces where you’re experiencing the harassment, and ask people you trust to check on your accounts and emails and update you about the status of the attack, or help you collect digital evidence.

In the case of cyber-mob harassment - potentially a huge volume of messaging, across multiple platforms and channels of communication - emotional support and practical help from friends and family is a key element of regaining a sense of safety.

The most effective prevention mechanisms are those grounded in a holistic approach to safety, including physical, mental and digital (with a crucial focus on consistent digital hygiene). Until digital hygiene and holistic principles of safety become a routine, it is crucial to continually undertake processes of risk assessment, such as evaluating a potential offence - when it happened, why and from whom? If possible, you can ask your employer to connect you with a therapist, legal counsel or court representation if needed.

There is always the option of abstaining from social media for a certain period of time, but given our reliance on these platforms, this is a strategy that is much easier said than done. Try instead to limit the time you spend on these platforms and interact with people you trust in closed group settings. The most important thing is to take care of yourself, and acknowledge your feelings, even if it means allowing yourself a few days to lie in bed under the blankets, doing nothing.

When you feel ready, you can work on improving your digital security and hygiene. Check DIY online safety guide and ZEN and the art of making tech work for you. If you are a journalist, check also this Totem course on online protection. If you want to learn more, OnLine sos is an excellent place to start, as well as Feminist frequency, a detailed overview of different self-help mechanisms.

Digital evidence Digital hygiene Safety Support Sexual Harassment Pornography Fear Employer

REVENGE PORN

Revenge porn is defined as posting sexually explicit content without consent, with the intent of humiliation, shame or blackmail. Revenge porn is a violation of privacy and can result in extreme emotional trauma.

Even if the content was consensually created, consent must also explicitly be given for online posting or distribution. 

Regardless of the medium (video recording, pictures, or gif), the act of posting non-consensual content alone can be considered revenge porn. A person targeted with online abuse is in no way to blame: there is no excuse for violence. If you are targeted with any type of digital violence, we urge you to seek support from your support networks - primarily friends and family who can understand you and your feelings. Take time away from spaces where you’re experiencing the harassment, and ask people you trust to check on your accounts and emails and update you about the status of the attack, or help you collect digital evidence.

A journalist from Azerbaijan was secretly filmed engaging in sexual intercourse in her own home. This video was later leaked to the media and widely posted online. The European Court of Human Rights later determined that the journalist’s right to privacy and freedom of expression were violated. It was the first case of its kind that clearly established a link between privacy and freedom of expression.

Digital evidence Digital hygiene Reputation Safety Support Sexual Harassment Pornography Fear

AI VIDEO MANIPULATION (DEEP FAKES)

Hyper-realistic software-manipulated video or audio content, falsely depicting the target’s behavior or speech with the goal of damaging the target’s reputation and degrading their dignity.

The development of Artificial Intelligence (AI) has enabled manipulation that can perfectly mimic reality. This has serious and terrifying implications for the future of fake news and disinformation, as fake content will be more and more difficult to identify.

Among other consequences, the spread of fake news has undermined public trust in professional journalism, and it remains to be seen how the media and broader society will cope with hyper-realistic disinformation.

https://www.forbes.com/sites/chenxiwang/2019/11/01/deepfakes-revenge-porn-and-the-impact-on-women/?sh=45ed6ff1f53f

Digital hygiene Damage Reputation Tactic

STALKING

The process of diligently and continually following someone’s activity online. The designation of stalking can be applied whether or not the stalker and target know one another in person.

Digital traces, data and other markers of our participation that show up on social media platforms and other websites have made stalking in the digital space a much easier task. As in the physical world, consequences for the targeted individual can vary, but could include an increased sense of insecurity, fear and the perception of an invasion of privacy.

Many women and LGBTQI folks are targeted with this kind of emotional and mental violence online. Even if it never leaves the digital space, stalking can cause feelings of helplessness and the loss of control in one’s private life. More serious cases can result in an overwhelming feeling that the stalker is ever present: everywhere at every moment.

It is of utmost importance to recognize that a person targeted with online abuse is in no way to blame: there is no excuse for violence. If you are targeted with any type of digital violence, we urge you to seek support from your support networks - primarily friends and family who can understand you and your feelings. Take time away from spaces where you’re experiencing the harassment, and ask people you trust to check on your accounts and emails and update you about the status of the attack, or help you collect digital evidence.

The most important thing is to take care of yourself, and acknowledge your feelings, even if it means allowing yourself a few days to lie in bed under the blankets, doing nothing. There is always the option of abstaining from social media for a certain period of time, but given our reliance on these platforms, this is a strategy that is much easier said than done. Try instead to limit the time you spend on these platforms and interact with people you trust in closed group settings.

Also, you can work on advancing your digital safety - check for example DIY online safety guide or ZEN complete manual and the art of making tech work for you.

Digital evidence Digital hygiene Safety Sexual Harassment Fear

IDENTITY MANIPULATION

Identity manipulation or misuse of personal data is a serious threat with potentially far-reaching consequences.

There are different forms of identity manipulation and fraud that rely on unlawful collection of data, for example data leaks, database hacks and information dumps.

The most common reasons for identity manipulation include theft, misrepresentation and cover-up of criminal activity.

Digital evidence Digital hygiene Damage Reputation Identity

THREATS

Endangering of physical and emotional safety and wellbeing by calling for violence against a particular person or group of people, including threats of rape and other forms of gender-based violence.

 

It happens all too often that online threats result in real-world physical violence against a person or group, or damage to material goods or spaces. Moreover, these physical attacks may not come from the same person making online threats. Rather, online threats can inspire and encourage others to commit physical violence.

Among social media users in the Balkans, a significant problem is the making of threats, hate speech and calls for direct violence against refugees from Africa and the Middle East. During one such incident in Belgrade, live-streamed via Facebook, a young man crashed his car into a migrant center in the suburbs.

There are certain measures you can undertake to decrease the risk, for example you can advance your digital hygiene. See for example DIY online safety guide or ZEN - complete manual and the art of making technology work for you.

Digital evidence Digital hygiene Safety Sexual Harassment Fear

GOOGLE BOMBING

Intentional optimization of inaccurate and malicious information on internet search engines (i.e. Google), with the objective of causing damage to the target’s dignity and reputation.

 

Search result indexing can be manipulated using large-scale, coordinated search requests containing inaccurate or malicious information. These search requests and results are up-ranked so that they are the first visible option when the target is searched.  
 

The wife of a former German President filed charges against Google in 2012, claiming the company’s search algorithm resulted in the broad dissemination of information about her past as a sex worker.

Digital hygiene Browser Damage Reputation

DOXXING

Publicly disclosing personal information about a target, such as home address, familial status, bank and credit card details, date of birth etc. This information can be posted on one or many different platforms, in comment sections, or via video or text. 

The infraction of doxxing does not require that the published information be utilized with consequence to the target. The simple act of making sensitive information public - information whose spread could have repercussions for the person it concerns - sends a clear message of intimidation and harassment.

It is important to report online violence and abusive content to social media platforms, both as a method of documentation and evidence for police investigations and court cases, and because there is always the chance that the content is removed and/or the perpetrator blocked. If needed, ask family and friends to take over reporting and communication with the platforms.

The most important thing is to take care of yourself, and acknowledge your feelings, even if it means allowing yourself a few days to lie in bed under the blankets, doing nothing.

There is always the option of abstaining from social media for a certain period of time, but given our reliance on these platforms, this is a strategy that is much easier said than done. Try instead to limit the time you spend on these platforms and interact with people you trust in closed group settings.

If you are a female journalist, there is an initiative “Female Journalists against violence”, which offers support and help rooted in empathy, trust and mutual learning.

Check also OnLine SoS to learn more about additional means of protection.

Digital evidence Digital hygiene Harassment Reputation Safety Sexual Harassment Journalists Identity

RETALIATION AGAINST SUPPORTERS

Friends, family, partners, colleagues, employers, and even witnesses to the abuse, can be targeted in the same or similar way as the original target.

In this way, the perpetrator destroys or attempts to undermine existing networks of support. The result is that the original target is exposed to additional harassment, guilt for the abuse now being levied against friends and family, and further feelings of isolation and anxiety. 

During an assault and in the aftermath, persons suffering violence often turn to their friends and family and spaces where they can talk openly about their experience and find support. As important as the support of family and friends can be, sometimes, even well-meaning advice can place blame for the harassment back onto the target. Remember that the perpetrator alone is responsible for abuse. Your friends and family can also help you to document and monitor online abuse and to maintain an overview of your social media profile and online communication channels.

Learn more about support, risk assessment and other support mechanisms: here.

It often happens that supporters and bystanders who defend the primary target, in many cases journalists and activists, are involved in an organized attack together or individually.

Digital evidence Digital hygiene Harassment Safety Sexual Harassment Pressure

Access a trusted device

Having 2-step authentication turned on for all of your accounts is an essential security practice. However, in case the verification method you set up (phone number, app) is not working or has changed, you should try accessing the account from a trusted device. Many service providers offer the option (usually just a checkbox on the 2-step page) to mark a device as trusted so you don’t have to enter 2-step security codes each time you log in on that specific device, such as your home computer.

Make sure that only personal devices (computers, tablets, phones) you use regularly are marked as trusted and never use this feature on public or someone else’s devices. 

Authentication Digital hygiene Phone/Tablet Apps Computer/Laptop

Change all passwords

If you believe that your device might be stolen, as a precautionary measure it is good to change the passwords to all of your accounts that are logged in on it. It is also advisable to use a trusted device to log out from all sessions on the lost device.

Changing all of your passwords is much easier and safer with the help of specialised applications called password managers. These apps securely store your login credentials and protect them with a master password. That way, you only need to remember your master password and you can copy/paste your other credentials directly from the app. Password management software usually has the option to automatically generate a long and complex password, made of randomised characters and symbols. Applications commonly used for password management are KeePass, KeePassXC and Bitwarden.

Password Digital hygiene Phone/Tablet Apps Location Computer/Laptop

Repair shop

If resetting your device to factory settings did not resolve the issues you experienced, it might be best to take the device to a repair shop. Before you do this, it is important to back up any data on your device and also make sure to protect your device, sensitive files and apps with a password or a PIN.

Before choosing a specific repair shop, do a simple online search and try to find the ones with the best online reviews and positive comments.

Password Data backup Digital hygiene Phone/Tablet Computer/Laptop Device reset

INSTITUTIONAL PROTECTION

Because harassment comes in many shapes and forms, it can be reported as a number of different criminal offenses. 

Sexual harassment (art. 182b of the Criminal code) explicitly mentions verbal forms of assaults, but necessitates the filing of a motion to initiate criminal proceedings with the Public prosecutor. In other words, you must inform the police and the Public prosecutor - a standard procedure - as well as file a motion to initiate the proceedings. 

ADVICE: File the motion. The courts are a crucial component of protection against harassment. 

Endangering safety, one of the many consequences of harassment, under art. 138 of the Criminal Code, provides another legal basis for protection. In this case, public prosecutors and police are mandated to follow up and investigate, and are responsible for protection. As the filing party, you are responsible for collecting evidence needed for filing the criminal charges. This option is especially relevant for (female) journalists.

ADVICE: Explain in detail how, why and when you feel unsafe, and detail your concern for the safety of your family and loved ones. These details could be the key to success when it comes to court proceedings.

Password Authentication Recovery account Digital hygiene Phone/Tablet Encryption Malware Location Report to platform Block user Safety Support Sexual Harassment Computer/Laptop Criminal charges

ALTERNATIVE PROTECTION

There is always an inherent risk that online harassment will transition to the physical world. For this reason, physical safety is a crucial precondition for any other form of meaningful protection. In terms of mental protection, sometimes it is helpful to take a break or minimize time spent on social media platforms, or those platforms of communication where you are targeted with harassment. Talking to friends, family, partners and colleagues about harassment can also be helpful in creating a system of support. 

Blocking, filtering and reporting options on social media platforms can often serve as a helpful tool for documenting harassment.

The DeleteMe tool can help find and remove your personal information from some websites.

Reaching out for support to professional associations and support groups is another method for dealing with harassment.

Several investigative journalists and their networks track down perpetrators of online harassment by analysing their digital footprint. This has been an effective mechanism for not only the identification of perpetrators, but also exposing them and their crimes to public scrutiny. 

In Serbia, female journalists can find support through the initiative “Female Journalists against violence”, and dozens of other feminist organizations that offer services for individuals targeted with violence, including online.

If you ever feel that the online violence you’re experiencing might transition into the physical world, call the police immediately.

Password Authentication Recovery account Digital hygiene Phone/Tablet Encryption Malware Location Report to platform Block user Safety Support Sexual Harassment Computer/Laptop Criminal charges

REVENGE PORN

Revenge porn is defined as posting sexually explicit content without consent, with the intent of humiliation, shame or blackmail. Revenge porn is a violation of privacy and can result in extreme emotional trauma.

Revenge porn is a serious form of assault, and as such, it is crucial that instances are reported to the police and the public prosecutor. There are several criminal acts that can be used as a legal basis to prosecute the posting of revenge porn. 

Sexual harassment (art. 182b of the Criminal Code): filing a motion for the initiation of proceedings is a precondition to start the procedure. This means that you must inform the police and the public prosecutor - a standard procedure - as well as file a motion to initiate the proceedings.

ADVICE: File the motion. The courts are a crucial component of protection against revenge porn.

Unauthorised wiretapping and recording (art. 143 of the Criminal Code), unauthorised taking of photos (art. 144), and unauthorised publishing and presentation of another’s texts, portraits, and recordings (art. 145 of the Criminal Code) are other charges that refer to illegal recordings, and could be utilized to prosecute cases in which video was made without consent, even if it was not posted online. These procedures carry private criminal charges, which means that you, the filing party, must present the identity of the perpetrator, and as many details and as much evidence as you can (for example, where the recordings are stored, where the camera could have been placed during the recording, etc.).

Your physical safety is the highest priority when it comes to protection.

If your harasser intentionally positions themself in your physical vicinity, you can request a court-issued emergency restraining order.

Document any and all recordings, comments, threats and other forms of harassment as crucial evidence for initiating protection mechanisms and/or court proceedings.

Seek support from CSOs, women’s support networks, and others who can help you choose the best way to protect yourself. 

Report any and all recordings, comments, threats and other forms of harassment to the platforms where they have been posted, and find out more about take down procedures on Facebook and other platforms.

And don’t forget, even if you originally gave your consent to be filmed, this does not imply consent for sharing that content. You are not to blame for being targeted with this type of assault.

If you ever feel that the online violence you’re experiencing might transition into the physical world, call the police immediately.

Password Authentication Recovery account Digital hygiene Phone/Tablet Encryption Location Report to platform Reputation Safety Support Sexual Harassment Pornography Computer/Laptop Criminal charges

PRESSURES ON FREEDOM OF EXPRESSION

It would be nearly impossible to exhaustively list the ways in which someone can put pressure on and threaten freedom of expression. Those who have been targeted with online pressure or abuse will undoubtedly feel its consequences.

For the broader public, we can see these threats everywhere - from commenting threads, social media platforms, and increasing hate speech and intentional defamation. 

It has been nearly impossible to legally qualify the idea of ‘pressure’ as it is perceived, as it rarely meets legal thresholds for prosecution. However, this type of assault, in targeting journalists and activists, causes serious distortions in and manipulates public debate and decision making. Taken as a threat to freedom of expression as a whole, ‘pressure’ can reach a legal threshold, but the legal system is unable to effectively address the problem as it can provide only individual, and not collective, protections.

Independent State bodies, such as the Ombudsperson for the Protection of Citizens’ Rights, can carry out investigations and issue public warnings to government officials or other public figures who put pressure on journalists and/or single them out through targeted assaults.

Digital hygiene Encryption Tactic Support Journalists Media

GOOGLE BOMBING

Intentional optimization of inaccurate and malicious information on internet search engines (i.e. Google), with the objective of causing damage to the target’s dignity and reputation.

The criminal justice system does not explicitly prohibit this or identify it as a criminal act. From a technical viewpoint, Google bombing does not imply the misuse or manipulation of personal data. Rather it is seen as a misuse of the (Google) search engine. In certain cases, this type of assault can be prosecuted via Unauthorised Access to Computer, Computer Network or Electronic Data Processing (art. 302 of the Criminal Code). In this case, criminal charges, together with collected evidence (screenshot of the search results, analysis of the search optimization, etc.), should be filed with the police.

For harm suffered in the form of damage to reputation and dignity, compensation may be claimed through civil legal proceedings initiated via a lawsuit. Before initiating this type of lawsuit, the identity of the perpetrator as well as evidence substantiating the claim of identity manipulation and resulting harm must be provided.

Because tools to modify search engine algorithms are widely available, almost anyone can alter search results. For this reason it is quite difficult to prevent or protect yourself from Google bombing.

Google has developed an extension for their search engine - Google Meet Bomb Guard - that allows users to block all uninvited participants and generic gmail accounts from organized Google Meet groups.

Take a look at other available search engine extensions that can help prevent this type of assault.

Digital evidence Digital hygiene Browser Damage Report to platform Reputation

DOXXING

Publicly disclosing personal information about a target, such as home address, familial status, bank and credit card details, date of birth etc. This information can be posted on one or many different platforms, in comment sections, or via video or text. 

Regardless of whether or not the disclosed data is utilised for harassment, the unauthorized posting of data alone qualifies as doxxing and is viewed as a type of online attack. As is often the case, when doxxing creates an imminent danger to safety, art. 138 of the Criminal Code - Endangering safety - could provide legal protection. In this case, public prosecutors and police are mandated to follow up and investigate, and are responsible for protection. As the filing party, you are responsible for collecting evidence needed for filing the criminal charges. This charge provides stricter sanctions if the target is a (female) journalist.

ADVICE: Explain in detail how, why and when you feel unsafe, and detail your concern for the safety of your family and loved ones. These details could be the key to success when it comes to court proceedings.

Art. 146 of the Criminal Code, Unauthorised Collection of Personal Data, which prohibits the collection, publication and use of data for purposes “other than those for which they are intended”, could provide the basis for legal protection. 

Document every instance and location in which your personal data was posted, and file this evidence with the police.

Immediately report doxxing and any other unauthorised publication of personal data to the websites or platforms where it was posted, and to the police. 

Follow up on your report to better ensure they respond. Immediate action is key to prevent further distribution of your personal information online.

Turn off location tracking options on your phone, Google Maps, and other applications that collect your sensitive data (location, key address, etc.).

Put strict privacy controls on your social media profiles, and two-step authentication systems for all website logins storing your sensitive data.

Talk to the people you trust - colleagues, friends, employers. Urge the police to alert the platform to remove your personal data, and use website and platform reporting mechanisms.

DeleteMe is a tool that can help find and remove sensitive data online.

If you ever feel that the online violence you’re experiencing might transition into the physical world, call the police immediately.

Digital evidence Password Recovery account Digital hygiene Phone/Tablet Location Report to platform Data leaks Reputation Safety Sexual Harassment Identity User account Computer/Laptop Criminal charges