Ask-LOIS DV & Technology v3 - Done...2018. 11. 9. 1 ©"Women’s"Legal"Service"NSW"2013 DV#&#Technology Staying#Safe#in#an#Online#World Charissa"Sun,"Solicitor,"WLS"NSW 3"September"2013

2018. 11. 9.

1

©"Women’s"Legal"Service"NSW"2013

DV#&#TechnologyStaying#Safe#in#an#Online#World

Charissa"Sun,"Solicitor,"WLS"NSW3"September"2013


Introduction


Objectives

To"flag"that"perpetrators"can"and"do"use"technology"to"perpetrate"abuse.

To"cultivate"a"basic"understanding"of"how"technology"can"be"used"to"perpetrate"abuse.! Terminology! Mechanisms

To#equip#you#with#sufficient#knowledge#so#that#you#can#go#out#and#use#the#tools#available#to#help#your#clients#keep#themselves#safe.

2018. 11. 9.

2


Overview

This"webinar"will"look"at:

1. Cyber"safety

2. Digital"footprint

3. Account"access"/"takeovers

4. Social"engineering

5. Spyware

6. Mobile"phones"&"Computers


Cyber"Safety

Perpetrators"can"and"do"use"technology"to"perpetrate"abuse

• Cyberbullyingo writing"nasty"comments,"posting"embarrassing"pictures,"spreading"false"or"

misleading"information"about"the"victim"on"the"Internet

• Cyberstalkingo using"technology"to"harass,"threaten"or"frighten


An#example#of#cyberstalking:

A female victim was being cyberstalked. She had no idea who could be theperpetrator. They could be male, female, friend, colleague or a stranger.

The stalker told her the route she took to work. They threatened to stand besideher on the tube one day and throw her in front of it.

She never knew if the person she was standing next to was her stalker. Eventuallyshe had to quit her job because she did not feel safe getting to work.

Digital#Stalking:#A#guide#to#technology#risks#for#victims#(version#2),#Jennifer#Perry

2018. 11. 9.

3


Cyber"Safety

Perpetrators"can"and"do"use"technology"to"perpetrate"abuse• Cyberbullying

o writing"nasty"comments,"posting"embarrassing"pictures,"spreading"false"or"misleading"information"about"the"victim"on"the"Internet

• Cyberstalkingo using"technology"to"harass,"threaten"or"frighten

• Digitally0Assisted0Stalkingo stalking"activity"which"is"enhanced"or"accelerated"by"the"use"of"technology"

(such"as"mobile"phones,"computers"and"Internet)o spyware


MobilePhones

Computers Tablets

Digital'Footprint• pieces"of"information"that"people"leave"behind"about"themselves"online

• forums,"emails"and"attachments,"uploading"videos"or"pictures,"and"any"other"form"of"transmission"of"information

Digital"Footprint


2018. 11. 9.

4


Digital"FootprintDangers

• Information"you"leave"behind"– everything"you"do"online"leaves"a"trace"• Information"other"people"leave"behind"about"you

Dangers• Gives"stalkers"the"information"that"feeds"their"obsession• Information"used"by"perpetrators"to"help"them"intimidate,"humiliate,"or"

harass

E.g.$Online$information$can$be$used$to$establish$a$pattern$of$where$we$go,$who$we$know,$how$we$are$feeling,$our$specific$location,$etc$…


Digital"FootprintWhat%can%we%do?

Technology%Safety%Planning%(I)• Assess%what%online%information%exists%about%you

Do"a"Google"search"of"yourself"to"see"what"information"is"available"online"so"you"know"what"precautions"to"take.

• Online%accounts%with%profiles%or%an%online%presenceo Change"your"email"and"passwords

o Delete"existing"online"accounts,"particularly"it"they"contain"large"amounts"of"information"or"photos"(eg Facebook,"Instagram,"etc)

o Delete"entries"and"photos

o Review"who"can"access"your"information


Digital"FootprintWhat%can%we%do?

Technology%Safety%Planning%(II)• Review%all%the%privacy%and security%settings

o Highest"possible"privacy"settings"and"security"settings

• Avoid%public%forumso Perpetrator"can"see"your"postso Avenue"of"bullying"and"harassment

Minimise disclosure of personal information

2018. 11. 9.

5


Account"access"|"takeover

Account'access |"when"someone"gains"access"to"another"person’s"account"without"their"permission

Account'takeover |"when"someone"accesses"another"person’s"account"and"then"changes"the"username"or"password"so"that"the"original"account"holder"can"no"longer"access"their"own"account

A perpetrator"either"knows"or"can"guess"the"victim’s"username"and"password

A change"passwords"and"update"email"addresses"on"all"accounts


Account"access"|"takeoverRisks

Risks• physical"harm• financial"loss"(through"accessing"online"bank"accounts)• harassment,"humiliation,"abuse"of"victim• damage"or"destruction"of"victim’s"relationships"by"accessing"victim’s"email"

account"to"send"family,"friends,"work"colleagues"or"clients"abusive"messages"or"messages"telling"them"to"never"contact"the"victim

• perpetrator"can"use"the"victim’s"account"to"send"themselves"abusive"messages"in"order"to"incriminate"the"victim


Social"engineering

When%a%perpetrator%manipulates%someone%to%divulge%confidential%information%about%the%victim

Stalkers"often"use"social"engineering"to"gather"information"about"the"victims"– finding"out"where"they"are,"their"new"phone"number,"email,"address,"where"they"work,"if"they"are"seeing"someone"new

Stalkers"use"information"available"online"(digital"footprint)"to"manipulate"others"into"providing"further"information"about"the"victim.

Article:)Hacking)the)Mind:)How)&)Why)Social)Engineering)Workshttp://www.veracode.com/blog/2013/03/hackingDtheDmindDhowDwhyDsocialDengineeringDworks/

http://www.veracode.com/blog/2013/03/hacking-the-mind-how-why-social-engineering-works/

2018. 11. 9.

6


An#example#of#social'engineering:

A domestic violence survivor’s ex4partner was monitoring her eBay account.When she purchased an item, he waited a few days and contacted the sellerclaiming the item hadn’t arrived. He asked the seller to verify the address.The seller inadvertently gave the perpetrator the victim’s new address.

The perpetrator then found the victim; beating her so severely she was leftblinded in her left eye.

(Digital#Stalking:#A#guide#to#technology#risks#for#victims#(version#2),#Jennifer#Perry)


Social"engineeringRisks

Risks• physical"danger"/"access"to"victim• data"gathering• harassment,"humiliation,"abuse"of"victim• installing"spyware• account"access"/"takeover• identity"theft


Social"engineeringRecommendations! Clean"up"the"computer"– remove"spyware! Change"all"passwords"and"PIN"numbers! Limit"what"you"share"online! Educate"family,"friends"and"work"colleagues

2018. 11. 9.

7


Spyware

• Apps"or"software"that"can"be"download"onto"a"person’s"mobile"phone"or"

computer"to"collect"information"about"them

• Monitors"their"movements,"phone"calls,"text"messages,"etc.

• Tracks"everything"that"the"person"does"without"their"knowledge"and"

sends"the"information"to"a"third"party

Mobile"phones

• mSpy – smartphone monitoring"software

- ‘Listens’"to"and"records"conversations"between"

people"who"are"not"on"the"phone"– ‘remote"listening"

device"that"will"spy"on"its"owner’"– records"sounds"

within"4"½"metres"of"the"phone

- Completely"invisible"on"the"target"phone


SpywareOn#Computers

How#does#computer#spyware#get#uploaded?• The"perpetrator"sends"a"victim"an"email"that"has"a"file"attached"– picture,"PDF"or"other"

document,"etc.• When"the"victim"opens"the"file"the"spyware"is"downloaded"in"the"background"without"

the"victim"knowing.

What#computer#spyware#can#do:• logs"key"strokes• captures"all"IM"chat"conversations• shows"all"websites"visited• monitors"what"is"written"online"and"in"social"networks• reads"your"email• shows"your"usernames"and"passwords• captures"screenshots"of"what"you"are"doing"on"your"computer• allows"third"party"to"control"your"computer"– e.g."launch"programmes,"upload"or"

download"files,"turn"on"the"computer’s"webcam"and"microphone


SpywareOn#Computers

ComputerSniperSpy – remote"monitoring"software- Can"be"remotely"installed"on"a"computer

- Records"user"activities"and"sends"it"to"an"online"account

- View"live"screenshots"and"live"keystrokes

- Check"Facebook and"other"social"media"activities

- Launch"applications- Remote"shutdown- Remote"uninstall

2018. 11. 9.

8


SpywareRecommendations

Recommendations• requires"an"internet"connection"to"function"– disconnect"your"computer"

or"mobile"phone"from"the"internet• factory"reset"the"computer"or"mobile"phone• use"spyware"removal"software• install"antiCvirus"and"antiCspyware"software• be"extremely"careful"about"opening".exe"files• do"not"open"attachments,"pictures,"cartoons

Article:)How)to)detect)if)you)are)being)monitored)on)your)mobile)phone:http://acisni.com/is;there;spy;software;on;my;cell;phone;how;to;detect;being;monitored/


Mobile"phones

Smartphones"can"increase"the"risk"for"DV"survivors"and"stalking"victims"because"they"contain"sensitive'information'and"have"apps'that'leak'data'about'us."Eg:"It"can"lead"people"to"our"exact"location.

User"information"stored"on"the"phone"is"also"stored"on"the"Internet"through"Google or"iCloud.

Important"for"victims"to"secure'both'their"mobile'phones'and"its"associated'online'content.


Accessing"Google"or"iCloud

Accounts

User"information"and"data"stored"on"Android"phones"

or"iPhones"link"to"an"online"account.

The"online"account"stores"contacts,"calendars,"photos,"

documents,"apps,"etc.

Can"show"the"phone’s"location"– thereby"showing"the"

user’s"location.

E.g."The"iPhone"has"a"built"in"‘Find"your"phone’"app."

N go"to"your"online"iCloud account

N see"where"the"phone"is"located

N remotely"lock"the"phone"and"delete"data

http://acisni.com/is-there-spy-software-on-my-cell-phone-how-to-detect-being-monitored/

2018. 11. 9.

9


Mobile"phonesRisks

Risks• physical"danger"/"access"to"victim• financial"loss"A iCloud and"Google"allow"users"to"store"their"credit"card"details"

online"so"that"they"can"download"paid"content."A"perpetrator"can"maliciously"download"content"and"run"up"a"big"bill."Or"they"can"add"a"device"to"the"online"account"and"download"paid"content"for"their"own"use

• data"gathering"– invasion"of"privacy,"feeds"obsessive"behaviour• account"access"/"takeover


Mobile"phonesRecommendations

Secure/your/Google/or/iCloud account• Immediately"change"your"login"details"for"your"mobile"phone"account"–

choose/a/secure/password/that/perpetrator/will/not/be/able/to/guess

• Delete"apps"that"you"do"not"use

• Review"apps"to"see"if"they"have"any"features"that"could"be"used"to"give"away"your"location"or"leak"information"about"you


ComputersInternet&Browsers

Programme&that&is&used&to&access&the&internet&and&view&webpages

Browsing"history"– ‘private"browsing’

Synced"information"across"the"same"browser"on"different"devices.Article:)How)to)Sync)Your)Browser)Data)in)Any)Browser)and)Access)it)Anywherehttp://www.howtogeek.com/139179/howBtoBsyncByourBbrowserBdataBinBanyBbrowserBandBaccessBitBanywhere/

Firefox"browser"– all"saved"usernames"and"passwords"can&be&accessed&and&viewed

Do"not"save"your"password"and"user"information"in"the"browser."Do"not"tick"‘Remember"my"password"on"this"computer’.

http://www.howtogeek.com/139179/how-to-sync-your-browser-data-in-any-browser-and-access-it-anywhere/

2018. 11. 9.

10


Using"Facebook"Safely

Infographic will.be.available.on.AskLOIS website


Resources

Network for)Surviving)Stalkingwww.nssadvice.org

Digital3Stalking)|)Self%help to*stalkingwww.digital>stalking.com

! Victims"Advice"– Internet,"Social"Networks"&"Mobile

http://www.digital>stalking.com/digital/

! Publication:"Digital)stalking:)A)guide)to)technology)risks)for)victims)(version)2,)Nov)2012),)Jennifer)Perry

Cyber(smart:)Glossary:"http://www.cybersmart.gov.au/glossary.aspx#C

http://www.nssadvice.org

http://www.digital-stalking.com

http://www.digital-stalking.com/digital/

http://www.cybersmart.gov.au/glossary.aspx

Documents

Ask-LOIS DV & Technology v3 - Done...2018. 11. 9. 1 ©"Women’s"Legal"Service"NSW"2013 DV#&#Technology Staying#Safe#in#an#Online#World Charissa"Sun,"Solicitor,"WLS"NSW 3"September"2013