Protect against online abuse.
Social media has become more and more important for journalists as a tool to promote their work and to voice their opinions. This has led to increased levels of online abuse in the form of trolling.
Trolls can be real people or fake accounts run by computer bots. They have several aims. One aim is to shut down discussion on a social media thread by leaving so many comments that it is impossible for the journalist to engage in conversation. The other is to intimidate or threaten a journalist. In some cases, trolls may try to hack into the journalist’s accounts. Once a journalist has been identified as a target for trolling then they are likely to be trolled in the future.
Journalists covering certain political issues, or topics such as the extreme right, the alt-right, race, and issues around feminism and women’s rights are likely to be a target for trolls. It is important to identify the reason for the trolling and the objectives of the trolls in order to protect yourself. Our guide below details best practice for reducing the risk of trolling.
Best practice: trolling
Before an attack
- Protect your accounts from being hacked by creating secure long passwords for them and/or think about using a password manager. See our guide on passwords.
- Turn on two-factor verification for your accounts. This will alert you if someone is trying to breach your account. See our guide on email for more information on this.
- Review the privacy settings of your social media accounts and lock down any information that you do not want made public.
- Review photos of you online and assess whether any of them can be used to discredit you. Trolls often misappropriate images found in the public domain and use them as a way to tarnish a journalist’s image. These images are often perfectly normal everyday photos, for example, a journalist on holiday.
- Get your accounts verified by social media companies. This will show your followers that the account is yours and not a fake account set up in your name.
- Review your social media sites regularly for comments that could indicate the beginning of a trolling situation. Be especially vigilant just after a story has been published, especially if it is a topic that attracts the interest of trolls.
During an attack
- When trolling occurs try not to engage with the trolls, as this can make the situation worse.
- Look at the type of trolling and try to ascertain who is behind it. Look to see if the trolls are real people or bots.
- You may want to block or mute trolls. You should report any trolls that are abusive or threatening to the social media company. Change the settings on Twitter to control the content you see on your feed. See the TrollBusters guide for more information.
- If trolling involves defamation of your character and/or your work consider mobilising a team of supporters on social media to counteract the claim.
- You may want to consider going offline if an attack is particularly bad.
- Consider making your editor and key work contacts aware of the situation.
- Document the attack. See the TrollBusters guide to harassment online for how to do this.
A troll attack can also involve doxxing. This is when personal information on a person, for example, an address or phone number, is made public online. This information is normally taken from public databases or the journalist’s online profile. Adversaries can also hack your accounts to obtain personal data. This information is then used as a way to harass and/or intimidate a journalist. This could vary in threat level from sending items to the journalist’s house to threatening them over the phone.
Best practice: doxxing
Before an attack
- Review your online profile and look on sites, such as search directories and the electoral roll, that contain personal information about you and your family. You may be able to get this information removed. This will depend on the site and the law in different countries.
- Remove contact details and personal data, such as your date of birth, that is public on your social media sites and websites. Create a work-only email address for people to contact you.
- Lock down your privacy settings on your social media accounts. See our guide on social media. Consider speaking to relatives about their social media accounts and their settings. Adversaries can obtain a lot of information on you through the accounts of family members and friends.
- Create strong and long passwords for your accounts or consider using a password manager. See our guide on passwords.
- Review content in your accounts, including emails and private messages on social media, for any information that could put you at risk. Remove, if possible, anything that could harm you if made public.
During an attack
- Consider relocating if you think that you or your family’s life could be at risk. Organisations such as the Rory Peck Trust may be able to help with advice and support in this situation.
- Document the attack and create an incident log.
- Review your online profile and remove any personal details
- Change passwords on your commonly-used accounts. Hackers will try to gain access to these accounts. See our guide on passwords.
- Let your bank, utility companies, and mobile phone companies know that you have been doxxed to prevent fraudulent use of these services.
- Let people know that you have been doxxed, including your family, your employer and your friends.
- Report threatening behaviour to the authorities, if you feel able to do so.