For Organisations Supporting Domestic Abuse Victims
We want to make sure that domestic abuse victims receive the most accurate and up to date advice to help protect their online accounts and devices from further abuse and stalking both inside and outside of their abusive relationship. This guidance has been based on the training package we deliver to organisations and charities that help domestic abuse victims on a daily basis.
If you would like to receive further training around this topic, please email us at firstname.lastname@example.org.
Build Your Understanding
In order to protect domestic abuse victims online, you need to ascertain what online accounts they have (social media, email, online banking, shopping, etc.) and what devices they have (laptops, computers, tablets, smart phones, smart devices, Alexa, Ring doorbell, etc.). You can achieve this by performing a device and online account audit with them and then start to look at measures that can be put in place. Download our account and device checklist that you can go through with the victim. Once you have completed this and are unsure what advice to give next, you can download our 10 Step Guide to Securing a Victim.
During the Relationship
If the victim is still in a relationship, you need to be aware that the perpetrator could be monitoring their online accounts and devices so any advice needs to be delivered in a safe environment. You need to make sure that if you fill out the device and account checklist with the victim, they do not save the document on a device that the perpetrator has access to.
Any cyber security measures put in place whilst the victim is still in the relationship may result in an escalation of abuse and as such need to be implemented in a way that will safeguard the victim.
Outside of the Relationship
If the victim is now out of the relationship, perpetrators may exploit digital technology to continue to exert control over the victim. However, if the victim is no longer living with or in contact with their abuser, there is a reduced risk of direct harm if the victim implements strong cyber security measures.
If you have concerns about a victim of domestic abuse and/or need to report further abuse, this can be reported via 101 or online. If you are concerned they have been a victim of domestic related cybercrime, follow our Guidance on Reporting Cybercrime.
If any person is at risk of immediate harm, always contact the Police on 999
NCSC Topic Guides
The National Cyber Security Centre has produced a number of topic specific guides which you can download from the links below:
- Key Points
- AirTags & Bluetooth Trackers
- Bank Accounts
- Video Calling
- App Protection and Settings
- Safeguarding Devices
- New & Second-Hand Devices
- Phone numbers, home Wi-Fi and public Wi-Fi
- Internet of Things & Smart Devices
- Getting Help
All online accounts need to be secured with a strong password. If there is a risk that the abuser can access or guess their passwords, they need to be changed as soon as possible. The victim can create a strong, memorable password by creating a passphrase using 3 random words. They can then use special characters and numbers to make it stronger, see the example below.
LondonBeachMusic > 5LondonBeachMusic9@
If they struggle to remember lots of passwords, they can consider using a password manager, where you can keep all of your passwords in one place. If the victim does want to use a password manager it is worth searching online for the best password managers on the market and decide whether they would like a free or paid for version.
We have more detailed guidance on how to deal with passwords.
They also need to make sure that you protect your password manager with a strong password and 2FA. Two-factor authentication (2FA) needs to be set up wherever possible. We have more detailed guidance on the importance and use of 2FA.
On their email accounts, they need to beware of any suspicious emails. Don’t click on any suspicious links or attachments within these or provide any personal/financial information. Remember you can now report all phishing emails by forwarding them to: email@example.com. You can also forward suspicious texts to 7726. Reports are used to take action to protect others by, for example, taking down the websites associated with phishing.
Cloud/ Shared Accounts
Online accounts should not be shared if possible as this will give the abuser access to all of the victim’s data on that account, which can be misused. There is also the risk that the abuser could log the other party out of their accounts and restrict access. This also risks losing any important documents or photos stored in the cloud.
You can remove any associated accounts and devices of the abuser from the account, or create a new account and move all content across to that new account. It may also be worth the victim investing in a USB stick that they can conceal easily to keep all of their most important documents and photos on, in case there is a risk of the perpetrator deleting everything. This USB must be safely stored as losing it could expose personal data.
Online bank accounts are an important online account where perpetrators can exert financial control by accessing the victim’s bank account from their devices and monitoring transactions. Victims can contact their bank for help in ending all active online sessions as well as resetting their password and 2FA. This will prevent the abuser from accessing their accounts.
For a victim still in the relationship, this may be more difficult to achieve. Another option would be to have two separate bank accounts, one for bills and one for everyday spending, where they could subtly limit access to one of the accounts and minimise the risk of being locked out of all finances. The other thing to be wary of is whether an abuser could use social engineering tactics to gain access to the victim’s account by tricking bank staff into handing over information. Some banks have the ability to flag an account where this may be a risk, and the victim should speak with a member of bank staff in confidence if they are concerned this may happen.
If there is a risk that the victim may be at risk of identity theft, Cifas provide a number of services and advice which you can find out more about on their website.
This is a big topic and one of the most important areas in which victims should enhance their security. This is particularly true for younger victims who are more likely to spend more of their time online and have a greater presence on social media. Victims should still be able to safely use social media provided they have taken steps to protect their accounts to minimise the possibility their perpetrators can access their account and/or be able to contact them/ find their location.
To secure their social media accounts, the first step is ensuring they have a strong password and 2FA on all accounts. The vast majority of social media services offer 2FA which is a crucial extra step that would stop the majority of social media account takeovers.
Settings need to be reviewed to ensure accounts are not giving away any unnecessary personal information. Strong privacy settings are crucial. Settings should be checked to see what devices are logged into their accounts or are ‘trusted’ devices, with any old or unknown devices being removed. If a victim’s social media accounts are compromised there is always the option to delete all accounts and create a new profile under an alias name, linking it to a new non-identifiable email account.
For victims who do not have a social media presence it may be worth setting one up as a defensive measure. They can set one up using a strong password, 2FA, add key friends and minimal personal information, turning off all notifications. This will prevent a perpetrator creating a false account in their name to befriend friends and family and try and elicit information, such as the victim’s location. The victim’s friends and family will already know their legitimate account, even if in an alias.
For more information and advice on using social media safely, follow the NCSC guidance.
There are a number of resources to educate children on the safe use of social media:
The Criminal Justice and Courts Act 2015 Section 33 outlines the offence of Revenge Porn: disclosing private sexual photographs and films with intent to cause distress. The Domestic Abuse Act 2021 extends this offence to include threatening to disclose such images. If the victim has been a victim of Revenge Porn they need to report it on 101 or online if they have not done so already. They should also report it to the social media provider to get the post/photos taken down. In particular, Facebook and Instagram have a portal where you can report it called ‘Not Without My Consent‘. Or you can direct the victim to the Revenge Porn Helpline for further advice and guidance.
If a victim has any smart devices in the home, they can leave their network vulnerable if not set up properly. As well as this, perpetrators can use smart devices in the victim’s home both during and after the relationship if they still have access. With smart devices, the key things to do is to make sure they have changed the default passwords of the devices, remove account access for unwanted accounts and keep the firmware updated. For more detailed advice on smart devices, view the NCSC’s guidance.
WiFi: Home Routers and Public WiFi
Home routers are generally secure, but in order to secure them further it is recommended that you change the default password to a stronger password using the 3 random word rule. This is particularly important for a victim to do once outside the relationship, as the perpetrator may have established the ability to remotely connect to the home network. Sometimes a factory reset first is the best option to ensure the strong default rules are in place, but they should consider that this may stop some other devices inside the network from offering full functionality (such as being able to view home CCTV while out and about) without further steps.
Public WiFi may be free but it is usually insecure and may be unencrypted, leaving your personal data vulnerable for cybercriminals to steal. It is recommended when you connect to public WiFi that you avoid accessing social media and your online banking or anything that involves putting in login data to avoid having your credentials stolen. If you do want to use public WiFi, you can download a Virtual Private Network (VPN), which hides your IP address and protects your data from being stolen. A VPN app and service should be chosen based on researching quality services with good reviews, rather than on cost alone.
It is always going to be safer using a 3G or 4G connection, when not connected to your home WiFi, as your data is automatically encrypted between your device and the mobile phone mast.
Browsing the Web
If a victim is concerned about their internet browser history and whether that could be used against them, there are options where they can browse the web safely. Victims can always delete their internet history across their devices. They can also use the private browsing feature in their web browser that will allow them to search the web freely without automatically saving the search history on the device. You can also download private browsing apps that wipe your search history after every use. However, there is always the risk inside the relationship that if the perpetrator is aware the victim is searching online and cannot find any online search history, this may make them agitated. To avoid this they can add a few searches on the clear web searching side so not to arouse suspicion.
Web Browser extensions: there is a possibility that a perpetrator could have added web browser extensions, which can be set up to capture data and monitor activity on that web browser on that device. You can check whether browser extensions have been set up in their browser settings and delete them accordingly. If there are any browser extensions that need removing, it is recommended that they change their passwords as the abuser may have already captured their current passwords.
Location services on your devices can be used as a means of tracking your location by a perpetrator. It is important that the victim switches off location services, unless it is specifically needed for certain apps. For example, they may want to switch their location services on for a personal safety app. Often devices and apps switch it on by default but you can switch it off by going into your settings. For Android devices, click here. For Apple devices, click here. Most devices now allow a choice to allow the use of location services only while using the app.
Victims want to make sure their devices are protected with a password and/or pin, as well as installing all the latest software and app updates. They should also install Anti Virus / Anti Malware software across all of their devices. They can search on their web browser to find one that is most suitable for them. For Microsoft Windows devices, make sure that Windows Defender is switched on and updated. If you think their devices may already have malicious software, you can follow this NCSC guidance on how to recover an infected device.
Further Resources/ Signposting
- TVP/SEROCU Staying Safe Online Guide
- SEROCU Cyber Domestic Abuse Guidance For Victims
- Refuge Tech Safety Website
- Report domestic abuse via TVP’s website
- Hollie Guard – Personal Safety App
- Bright Sky
- How to shop online securely
- Cyber Helpline Referral
NCSC Cyber Protect Guidance for Domestic Abuse for Practitioners
The National Cyber Security Centre have also produced a guide for practitioners which can be downloaded here:
For any further advice and support, please contact us via email at: firstname.lastname@example.org