When I was a senior in high school, I was doxxed by a high-profile domestic terror group for speaking out against the KKK and other hate groups coming to my hometown to recruit. My photo was plastered all over the internet, and I was sent graphic death threats as well as explicit threats of a sexual nature. I never was the same since then and I had terrifying nightmares for years after that incident. I had to delete almost all of my accounts, and for years after, I would receive messages from members of these groups.

It fundamentally changed the way I see social media, activism, and terror groups. From then on, I started to study disinformation, technology, privacy, and cybersecurity. I started to train self-defense. I joined an MMA gym. I started to have sleeping issues. Eventually, many of the leaders of this group were locked up in prison after the terrible events in 2017 in Charlottesville, VA, and the January 6th, 2021 domestic terror attacks on our nation’s capital. 

Now, as an information privacy expert, I want to stress the importance of making sure that you and your colleagues are safe whenever you engage in activism. 

Many of these dangerous groups include hackers—colloquially known as hacktivists. No teenage girl should have to have the conversation I had to have with homeland security and the FBI. It terrified me to my core. 

By taking basic steps to secure your information, you can prevent things such as this from happening as best you can. Our nation is at its best with everyone engaged in exercising their rights in the political process. No matter if you’re a campaign volunteer, a candidate, or just a high school senior planning a protest in the city park like me…in this digital world, you need to protect yourself.

1. Think of all the different accounts you have. Make note of them. If you share any files or accounts with anyone—make note and consider that as a risk factor.
2. Employ a password manager app and do not use the same password for any two accounts.
3. Use 2-factor authentication. A physical “key” is best, but consider an authentication app. Sim-swapping attacks are now becoming popular among hackers, where they will obtain your phone number by fraudulently obtaining your phone service plan from the carrier. Email 2-factor does nothing to prevent a hacker from accessing your account that already has obtained access to the email account. Authentication apps work with the device itself, so they are a better option.
4. Be aware that end-to-end encryption apps do not protect against lateral attacks. The encryption acts do nothing for you if your device itself is compromised by an attacker via spyware or another malicious software.
5. “Scrub” your social media of anything that you aren’t okay having it screenshotted or sent around. Google yourself to see what shows up and if there’s any information that shows up that you were unaware of. It could be that a friend posted a photo of the two of you in front of your house that gives away your home address… Check everywhere.
6. Download antivirus, spam-blockers, and use a VPN on all personal devices (including phones and portable devices). ZTNA is best for organizations, but that’s harder to get as a single person.
7. Be wary of any strangers messaging you—even if they are volunteering to help you. They could be malicious actors in disguise. Consider giving out a second phone number instead of your own— that connects to an app such as Google voice or another app that gives you a “burner phone number.” Likewise, don’t use the same email account for all purposes. The email you use for your bank accounts and other important matters should not be the same one you regularly give out or post online for contacting you. Better yet, use an encrypted email service or use an encryption app that integrates with your existing account whenever possible.
8. Don’t click on any unexpected attachments or open any files you aren’t expecting. It’s good to confirm that the person sending them actually attached the file.
9. Make sure the people around you are being safe as well.
10. This isn’t an exhaustive list, but it’s a start. You should look up the best cyber security hygiene habits regularly. The threat landscape is constantly changing.

Good luck out there!

Ariana Velasquez is a CIPP/US, and a JD/MBA student. She is based in Appalachia in the United States.