Editor’s note: This story is part of 'Systems Error', a series by CNN As Equals, investigating how your gender shapes your life online. For information about how CNN As Equals is funded and more, check out our FAQs.
Digital guides: How to protect yourself online
How do I... secure my device?
Use a strong password
Your password should be complex and avoid using common words or personal information that someone might be able to guess.
Use different passcodes and PIN codes for different devices and apps.
Know when to use biometric logins
Biometric logins, such as fingerprints or FaceID, are generally a good way to secure a device.
However, in some scenarios, thieves and law enforcement agents have been known to use to biometric logins to bypass passwords. Higher-risk users, including those routinely travelling across borders, should consider disabling these functions.
Software updates help protect you from malware
Malware -- software designed to cause disruption -- uses vulnerabilities in the software on your devices to steal your data, monitor your activities, or install “ransomware,” which shuts down your device unless you pay the attacker.
Protect yourself by updating the operating system on your computers, tablets and phones, and making sure your apps are always up-to-date.
Know the limits of anti-virus software
Anti-virus software can be a useful tool for securing your devices. However, it only works against malware that is known to the company that provides it.
Malicious software is constantly being developed, so you should keep your antivirus software up-to-date, and be alert against phishing.
What is full-disk encryption?
If your device is stolen or seized, it could be possible for someone to directly access the hard disk to get at your data, bypassing your passwords or pin codes.
Full-disk encryption prevents this by converting all of the disk’s data into a format that will require a key to decode.
Activating full-disk encryption means that others are unable to read the files on your device without the password or PIN code.
How can I enable full-disk encryption?
Most Android and iOS devices have full-disk encryption enabled by default.
Windows computers, and Android devices that use an SD card may not, so users need to enable it manually.
Understand main vs side-loaded apps
Operators of the main app stores have worked to remove a lot of dangerous apps from their stores -- though some apps may still be sharing more data than you would like.
Side-loaded apps (downloaded from outside of a mainstream app store) may be higher risk.
Consider a burner phone for some apps
In environments where the government or law enforcement are subject to fewer checks and balances, state-backed apps may include backdoors that allow for greater data collection or surveillance.
Some people in higher-risk contexts use “burner phones”: secondary devices on which they install apps that they need to use but which could be compromised.
You should also delete old apps that you no longer use.
When should you share your location?
If an app is asking to access your location, consider where that data may be going, and for what purpose.
Maps, ride hailing and food delivery apps may need to use your location, but consider giving the app permission to see your location only when you are using the app, so it won’t be able to record your movements.
When should you share your camera or contacts?
If an app asks for permission to access your calendar, contact book, camera or microphone, consider whether that is necessary for what it does. A messaging app, for example, may need these features, but others may not.
You can check in your settings which apps have permission to access your data.
How could the permissions you give be used?Companies may use your data to try to build a picture of you for marketing purposes, but they could also sell your data on to others. Data leaks could also provide malicious actors with information they could use to scam, impersonate or harass you.
One of the easiest ways for someone to get hold of your data, or to install spyware or stalkerware is to physically access the device that you use.
It may seem obvious, but do not leave your device open and unattended, or give access to someone you don’t trust.
If it happens though, here’s what to do
Consider a ‘factory reset’ of your device
If someone you do not trust has been able to access your device, it can be very difficult to tell if they’ve installed something that could further compromise your data.
A factory reset will wipe any information, including malicious software, from your device – but, it will also wipe all of your data. You may want to back your data up to the cloud before you reset.
Change all your passwords
Someone with access to your device may have been able to gain access to your accounts. Changing your passwords, and setting up new two-factor authentication, can help to make them secure again.
Look out for stalkerware and spyware
Spyware allows someone else to access data on your phone, such as images, location or emails. So-called “stalkerware,” allows an individual or an organization, to whom you’ve not given permission, to monitor your movements or messages.
Some stalkerware or spyware can be directly downloaded from app stores or “side-loaded” -- downloaded from an unofficial app store -- and they may not appear on your home screen.
Look out for and remove spyware
You can find advice on how to detect and delete spyware online, at the Clinic to End Tech Abuse website (in English).
If you are a victim of intimate partner abuse, help and support is available.
How do I... browse the internet securely?
When you are using the web, information about your activities may be visible to the company that provides your internet access, such as your employer.
Sometimes, governments or law enforcement agencies are also able to access that information, including web pages that you have visited or messaging services you have used.
Why should I use a VPN?
A virtual private network, or VPN, re-routes your internet traffic, often using a server overseas, to make it look like you are accessing the internet from another country.
Using a VPN makes your internet activity harder to track and allows you to see websites or use messaging services that may be restricted in your country.
Which VPN should I use?
Be aware that using VPNs is illegal in some countries, and that some VPNs may not be as secure as others. They also slow down browser speeds.
Some security experts advise using a paid-for VPN service, as some free services may themselves collect your data for commercial purposes.
What is Tor?
Tor is a free piece of software that routes your internet traffic via an international network, which conceals where you are accessing the internet, and what you are doing online.
How do I... secure my online accounts?
Use strong, unique passwords
Strong passwords are usually long, complex and avoid using common words or personal information that someone might be able to guess.
Use different passwords for different accounts
You should use different passwords for each of your accounts and devices.
This means that if one account is compromised, for example if a website is hacked or leaks your information by accident, an attacker won’t be able to use that login to access your other accounts.
Use a password manager if you need to
If you don’t want to remember lots of passwords, a password manager generates and holds secure passwords across your accounts and will often warn you if your passwords have appeared in data leaks.
How 2FA works
Two-factor authentication (2FA) is a security technique that requires you to take a second step to verify your identity when you log into a service.
This means inputting a code that has been sent to you via:
- a physical device, such as a key fob
- a specialist app, such as Google Authenticator or Microsoft Authenticator
How does 2FA help?
2FA makes it much harder for someone to get into your accounts, because even if they have your password, they would need to have access to your physical device to complete the login process.
“It’s really, really good to enable [2FA] on any accounts that you can,” Cooper Quintin, senior staff technologist at the Electronic Frontier Foundation, told CNN. “This will prevent somebody who just guesses your password from being able to log into your account, and it’ll help protect you against phishing attacks where somebody tries to trick you into typing your password into the wrong website.”
How do I... handle online abuse?
Online abuse has become disturbingly widespread, with a 2021 survey by the Pew Research Center finding that 41% of Americans have suffered some form of harassment online. Online violence against women in particular is estimated to be 85% globally.
Mentally prepare yourself
“Knowledge is power,” says Hera Hussain, founder of Chayn, a non-profit that helps people facing abuse and gender-based violence online and offline. “Understanding that these kinds of behaviors can manifest online is a really important way of mentally preparing yourself that it may happen.”
Here are some of the more common ways social media apps and messaging services can be used to target people:
Some users of social media or messaging apps may use them to call you names, humiliate or intimidate you. They can encourage other people to join in, or use automated accounts, or “bots” to amplify the abuse, as a way to harass you or force you off platforms.
People may use social media or messaging platforms to harass you because of your gender or sexual identity. This includes making misogynistic, transphobic or homophobic comments, “outing” people without their consent and making threats of violence. They may also send unwanted images, including intimate images.
“Cyberstalking” is a form of harassment in which someone uses social media or other online platforms to monitor you, or to repeatedly send unwanted communications. They may use social media or other tools to find private information about you.
Sharing your private information
“Doxxing” or sharing private information, such as your phone number or address is a form of harassment that can have very serious consequences. It can be used to physically threaten you, or to escalate harassment over the phone or in person.
Other forms of private information can also be used in abuse, including details of your private life. People can take private information, such as social media posts or images, and share them without your consent, or out of context, in order to intimidate or humiliate you.
Non-consensual sharing of images or videos, particularly those of an intimate nature, is a form of abuse. This can include images taken from your online accounts, images that you have shared with an intimate partner, images stolen via a hack, or “deepfakes”: synthetic images or videos.
Anyone can be a victim
Anyone can be a victim of online abuse, but the risks are greater for some people, and knowing this may help you to prepare or report it more confidently.
Globally, women are 27 times more likely to suffer online abuse than men.
Minorities face greater risk
Research by Amnesty International found that in the U.S. and U.K., black female politicians and journalists were 84% more likely to receive abuse on Twitter, compared to their white peers.
A 2020 survey by LGBT+ charity, Galop, found that 78% of LGBT+ people had faced abuse online due to their gender or sexuality.
Control who sees your social media
Platforms often allow you to control who can view or interact with your content. You may be able to set these so that only people you know can follow you or comment on your posts.
Different companies have different sharing settings and accessibility, so check the platforms’ FAQs to understand how their privacy settings work.
Private accounts and messages aren’t foolproof
Setting your social media account to private isn’t foolproof. It may not, for example, prevent someone from within your group sharing your content outside of it by taking screenshots.
The same applies to messaging apps. Messages or images sent to individuals or private groups, or via disappearing messenger apps such as Snapchat, can still be shared by other users without your consent.
Be sure you can trust the people you’re sending things to
If you are sharing sensitive information or sending intimate images, be sure you trust the person you’re sending them to. May someone else have been able to access their accounts or devices?
Pause before posting or sending
Think carefully about what you reveal online, such as sensitive personal information or anything that might reveal your location.
Malicious users can use your pictures to work out where you go and the people you socialize with.
Don’t face it alone
Harassment online can have serious effects on your health and wellbeing and can lead to offline harm. To help with feelings of alienation and isolation, experts recommend reaching out to people you can trust for support.
If you feel that you are physically at risk, contact the police, or an organization that can help get you support.
Ways to report it
If you experience abuse online, you can report it to the police, and to the platform on which it appears.
Law enforcement and social media companies typically require you to provide evidence of harassment before they take any action against your abuser.
Try to keep records -- for example, by taking screenshots -- of any abuse you have suffered such as abusive posts, as social media platforms sometimes take down harmful content.
Also keep emails and document how the abuse affected you.
Online safety charity Glitch has a simple guide to reporting abuse.
How do I... deal with image-based sexual abuse?
It’s a growing problem
Image-based abuse is a growing problem online. A 2020 study found that a third of people surveyed in Australia, New Zealand and the U.K. had been victims of image-based abuse.
Young people are more targeted
The research found that young people, particularly those in their 20s, are the most likely to be targeted and that while men and women both reported being victims of image-based abuse, women experienced higher levels of harm, and men are more likely to be perpetrators.
Non-consensual sharing of intimate images
Sometimes referred to as “revenge porn,” this is the distribution of nude or sexually explicit images or videos of a victim without their consent.
This includes images obtained illegally, using hidden cameras, hacking or recording of sexual assaults, as well as images that were originally obtained with consent, but then distributed without it.
Sometimes referred to as “sextortion,” this involves a perpetrator who coerces you into doing something you don’t want to do (such as giving them money, or sharing nude images) by threatening to distribute explicit images of you.
Perpetrators of image-based sexual abuse can use software to manipulate videos, for example, transposing a victim’s face into a pornographic video. These are known as “deepfakes.”
Being targeted can be a distressing and alienating experience. You don’t have to deal with it alone. Ask people you trust for help and, if accessible, consider seeking support from a mental health professional.
If you feel that you are physically at risk, contact the police, or an organization that can help get you support.
The Cyber Civil Rights Initiative maintains a list of organizations around the world that support victims of image-based sexual abuse.
Know your rights
In many countries, image-based abuse is an offence. You may decide to approach the police directly or seek advice from a legal professional.
Find out what the law is where you are.
Document and report abuse
In order to file a complaint with the police, or to convince platforms to take action, you may need to provide evidence.
Experts advise keeping digital and physical copies of all messages and emails, Google search results, links to and screenshots of pages relating to the abuse -- do this before content is taken down.
Without My Consent, an online privacy initiative, has produced a sample evidence chart, which can help to organize your evidence.
Report and remove
Many social media and video hosting platforms have created mechanisms for victims to report abuse.
The Cyber Civil Rights Initiative has compiled a list of platforms’ policies and reporting mechanisms.
Organizations that work with victims of cyber abuse may also be able to support you in filing requests for content to be removed.
Don’t ignore it
Cyber abuse is so common on social media that we often scroll past it. A survey of more than 4500 people in the U.K. found that a quarter of people had witnessed racist abuse online.
Platforms often rely on their users to police, record and report abuse, meaning it’s important to not ignore it when you see someone being targeted.
Show your support to the person being targeted either with a direct message, or by making a public post expressing solidarity.
Don’t join in
“Don’t be a vulture,” says Hera Hussain, founder of Chayn, a non-profit that helps people facing abuse and gender-based violence online and offline.
If you see someone being targeted with abuse, or an intimate image published, don’t boost it or share it, and try to convince others in your networks to refrain from sharing it as well.
Document and report
Don’t be a passive bystander. The more people report abusive users and posts, the more likely a social media platform is to take action.
Online safety charity Glitch has a simple guide to reporting abuse.
How do I... protect my mental health online?
There are things you can do
Trying to hold yourself to the standards projected on image- and video-sharing social media platforms can have a negative impact on your mental health, but there are things you can do to prevent this and protect your self-esteem.
Understand how these platforms work
Most image- and video-based social media platforms allow users to apply filters that alter how they look to meet particular, idealized standards of beauty that are unobtainable for most people.
“The filters that are available on these platforms … make the beauty ideals more and more narrow and harder to attain,” says Dr. Jasmine Fardouly, an expert in body image and social media at the University of New South Wales in Sydney, Australia.
Know that algorithms are controlling what you see
Platforms use algorithms to make decisions about what content you see and many researchers believe that they often reward celebrities and influencers who promote these idealized standards of beauty.
Know it’s not just you feeling this way
Research conducted by Facebook, leaked in 2021, showed that 32% of teenage girls who felt bad about their bodies said that Instagram made those feelings worse.
In 2019, a survey by the Mental Health Foundation in the UK found that 40% of teenagers said that images on social media made them worried about body image.
Step away when you need to
Experts advise taking regular, extended breaks from social media. Various studies have found a link between reducing social media use and better mental health.
Signs that you might need to step away include when you:
- find yourself constantly comparing yourself to other people online.
- realize that you are opening social media and starting to scroll without consciously thinking about what you’re doing.
- are scrolling, but not getting any joy from what you’re seeing.
Find effective ways to limit your exposure
To be more conscious of the content you consume, you can try:
- setting periods where you don’t look at social media.
- monitoring how long you spend on platforms.
- creating small barriers that stop you instinctively opening social media, such as a placing an elastic band around your phone.
Curate your social media experience
Influence what the algorithms show you by following accounts that promote more varied body types and those that have nothing to do with physical appearance.
“Giving yourself as few opportunities as possible to make those harmful comparisons and to be shown content that promotes narrow beauty ideals is likely to make your experience on social media more positive, Dr Fardouly says.
What is doomscrolling?
It can be hard to look away from the onslaught of information we are exposed to.
Compulsively scrolling through bad news on social media is known as “doomscrolling.”
Doomscrolling isn’t harmless
There is still not a great deal of research into the mental health effects of doomscrolling, but some experts say that there are indications that consuming large amounts of negative news and polarized opinions is associated with mental and physical health problems.
“It is putting yourself into a constant state of alertness, which is really bad for anxiety,” says Dr. Ruth Plackett, a research fellow in public health at University College London.
Recognize when you’re doomscrolling
Signs that your media consumption may have become unhealthy include:
- You compulsively check the news many times a day.
- You feel anxious when you haven’t checked the news or social media in a while.
- You are “catastrophizing,” finding yourself thinking only about the most extreme or worst-case scenarios that might result from events that you’ve read about.
Understand why you doomscroll
Algorithms often prioritize content that generates emotional responses from users. As a result, you keep getting served negative news or people’s extreme responses to events.
It’s important to remember that what you’re seeing on social media may be skewed to emphasize a more negative, even catastrophic, version of reality.
Take a break
It can be hard to stop doomscrolling. Some experts recommend:
- making sure you set limits on your use of social media.
- building breaks to pursue offline activities.
- avoiding the news for periods of time.
Be an active, rather than a passive user
It is also important to think about how you use social media.
“Are you using it actively, to message, post and connect, and connect offline as well? Or are passively; just browsing and not really engaging?” Dr. Plackett asks.
There is evidence that actively using social media, as a tool for communication and interaction with community, can be positive for your mental health.
Tune in to your feelings
“You have to reflect on how you’re using social media, and how it’s making you feel,” Dr Plackett says. “If you are feeling that it is leading you down a route of negative emotions, can you take more control over your use, to be more active, more social, and use it in a positive way?”
There are steps you can take
Images and videos showing violence, injury or people in distress are prevalent online, often shared with the intention to raise awareness or call out injustice. But exposure to graphic or upsetting content can be relentless, and traumatic for the viewer.
Here are steps to help you cope.
Understand the risk
“Anytime we see something horrible, regardless of if we see it in reality, or we see it on the TV, there is part of us that sees it as real,” says Professor Arash Javanbakht, director of the Stress, Trauma, and Anxiety Research Clinic at Wayne State University’s School of Medicine.
Seeing images or videos that show violence or injury, or hearing or reading accounts of mental or physical trauma can have a serious impact on your mental health.
The emotional harm caused by viewing or hearing challenging content can be cumulative.
Be aware of your feelings
Different people have different reactions to challenging content, but it is important to take note of how it is affecting you.
“The best compass is our emotional reactions,” Professor Javanbakht says.
In most instances, it is best to try to avoid viewing disturbing content altogether.
Many social media platforms now obscure graphic imagery or require use of trigger warnings. Experts advise considering whether you really need to view challenging material and prioritizing your mental health over a desire to engage with it.
“A lot of times people have this kind of unjustified moral argument in their head: that if I'm not watching it, I'm being indifferent,” Professor Javanbakht says. “Anything that is too disturbing should be avoided.”
Experts recommend taking regular breaks from social media, particularly during periods where the news may be particularly intense or alarming.
If you are experiencing symptoms of trauma which can include loss of sleep, nightmares, flashbacks to images or sounds, or other signs of emotional distress, seek advice from a medical professional.
If you can’t look away
For some people, it is part of their jobs to engage with disturbing content.
If your work involves coming into regular contact with challenging material and stories, experts recommend a range of techniques that can help you reduce or mitigate the impact. These include:
- Take steps to emotionally prepare yourself before beginning work.
- Take regular breaks at work.
- Create a routine that includes ample time away from your devices, particularly before you go to sleep.
- Build and use your support networks of colleagues and friends.
- Take up hobbies offline and outside of work and offline to help you relax.
For more advice, the mental health charities Mind and Headlines have compiled an online resource for people working with traumatic content.
How do I... message securely?
Only some have strong security
Not all messaging tools and applications have strong security to prevent someone intercepting or reading their content.
SMS messages are not considered secure.
A message that you send via SMS can be read by someone at the telecoms company that provides your service, or someone who has access to their records, such as a government or law enforcement agency. The length of time they are stored varies but is usually between one to six months.
Some messaging applications, such as Facebook Messenger, are also not fully secure by default. Unless you enable end-to-end encryption, the companies that provide them can read the content of the messages that you send. Snapchat texts aren't end-to-end encrypted.
Companies are sometimes forced to give up user data to governments or law enforcement agencies. They are also sometimes subject to data breaches, which can put the contents of your messages at risk.
End-to-end encrypted messaging
Experts advise using messaging apps, such as Signal and WhatsApp, which use end-to-end encryption. This is a technique that means only the sender and recipient can see a message.
With end-to-end encryption, if the messaging company was forced to hand over data, no one would be able to view the content of your messages.
What are disappearing messages?
Some messaging apps have a built-in feature that deletes the messages you send automatically after a set period of time.
This reduces the risk that sensitive messages will be intercepted if your's or the recipient’s devices are accessed.
If you do not want to lose your records of conversations, enable this exclusively for sensitive exchanges. However, disappearing messages do not prevent someone from taking a screenshot or saving a photograph from your message onto their device.
When could this help?
A secure messaging system will conceal the content of your messages, but it may still be possible for someone to see when and where you are sending them.
For people at higher risk of surveillance, or in environments where authorities ban, restrict or are suspect of secure messaging apps, it may be sensible to disguise your location using a virtual private network, or VPN.
How do I... protect myself from phishing?
What is phishing?
Phishing is when criminals try to steal your data or install malware -- software designed to cause disruption -- on your computer.
They do this by getting you to click on a link that directs you to an automatic download, sending you malicious files by email, or tricking you to hand over your login or personal details.
But there are steps you can take to protect yourself.
Who sent it?
Attackers often pretend to be contacting you from a social media site, company administrator, email provider or bank, to get you to give them access to your account or company network.
Think about who sent the email or message and look at the email address that it came from.
If it claims to be from a company, but the email comes from a private address, it is unlikely to be genuine.
They want you to panic
A common strategy is to send messages that claim that your account has been hacked or suspended, telling you to log in or call them immediately.
Creating a sense of urgency undermines your ability to think critically about the risks.
Don’t click too fast
Phishing messages may direct you to links that mimic the login page of a real site to get you to enter your details.
The best defense is to habitually stop and think about what you are clicking on or opening.
What to check on a link
Check the url to make sure it is a legitimate site.
Make sure the domain matches that of the site you’re expecting to log into. If, for example, you are being directed to Facebook, the domain should be Facebook.com.
What to check with attachments
Ask yourself if you know the person sending it, whether you are expecting it, and whether the message that it is attached to it is likely to be genuine. If in doubt, call the company directly.
“Most of us have a bit of an intuition for danger,” Cooper Quintin, senior staff technologist at the Electronic Frontier Foundation, says. “If those little hairs stand up, take it take a second to stop and think.”
Who is a more likely target?
Phishing attacks are often random, but sometimes, attackers can target you directly because of where you work or the information they think you have on your phone, known as “spear phishing” or “social engineering” attacks.
If you handle sensitive data or consider yourself at risk of being targeted due to your work or political or social activity, you should be alert to more sophisticated attacks.
Who may attackers pretend to be?
Attackers may impersonate people, such as law enforcement, donors, recruiters or others in order to convince you to hand over details or give access.
It’s also sensible to take steps to secure your devices and secure your accounts.
How do I... spot a catfish?
What is catfishing?
Catfishing is when someone creates a fake identity online, often on social media or on dating apps or sites, in order to deceive people.
Victims of catfishing risk losing money, or having their private information compromised. It can also be damaging to their mental health, leading to anxiety, depression and a loss of trust in others.
Someone may impersonate you or they may pretend to be someone else.
When someone creates a fake profile so that they can “be someone else” online, they often use it to explore other identities or preferences, or to talk to people outside of an existing relationship.
To get money
Sometimes, catfishing is used for financial gain, through extortion or fraud. In the U.S., in 2020, financial losses from catfishing were more than $600 million, according to the Federal Bureau of Investigation.
Some catfish scams involve “sextortion”, where a catfish convinces someone to send private images, then threatens to release the pictures and demands payment.
In a 2021 report, the Revenge Porn Helpline in the UK said cases of extortion almost tripled between 2019 and 2020, from 200 to almost 600 cases, and victims were more often male.
Young people can be particularly vulnerable to sextortion scams. In the U.S., more than 3,000 minors were targeted in 2022, according to the Department of Justice.
Some signs to look out for
- They don’t have many connections on their social media accounts. They may have few friends and followers, and post infrequently.
- They don’t have a wider online presence. If you put their name into a search engine, you don’t find many results. You may consider putting their picture into Google’s reverse image search to see if it has been used on any other social media accounts.
- They avoid face-to-face contact. They never want to meet in person or to video call. They may say they are shy, or that their camera won’t work.
- There are inconsistencies in their stories. They may claim to have been to a certain school, served in the military, or to live in a particular town, but then change their story when asked later.
- They confess to intense emotions very quickly. You may have only been speaking for a few days, but they tell you that they love you.
- They ask you to send intimate images.
- They ask you for money.
Question and challenge them
Experts advise not to be afraid to ask direct questions, and to challenge someone who claims they want a relationship, but isn’t willing to speak to you face-to-face.
You should think very carefully about sending explicit images to someone you don’t know and trust and never do it if you feel pressured.
If you have been the victim of a catfishing scam, experts recommend you stop interacting with the perpetrator. Criminals who use catfishing to extort money often target many people and will focus on the ones that continue to engage with them.
Don’t send money
The Cyber Civil Rights Initiative, which works with the victims of cyber abuse, recommends not sending money to a blackmailer, since they are likely to simply demand more.
Secure your online accounts
If you have been a victim of catfishing, even if the perpetrator didn’t ask for money or explicit images, you might want to make sure your online accounts are secure.
You should also seek help and support.
How do I... know if I am more likely to be a target?
Some people may be more likely to be targeted or harassed online due to their political or social activities, their gender or sexual identities, their work as activists or journalists, or because they handle sensitive information.
Use enhanced security settings on your phone
Apple’s “lockdown mode” and Google’s “advanced protection” modes disable certain functions, such as automatically opening image files, or viewing links on certain messaging services, which can be used by hackers to get access to your device.
You can enable these modes via the settings menu on your device.
Use secure messaging services
Certain messaging platforms, such as WhatsApp and Signal, use end-to-end encryption, meaning that it is difficult for anyone other than the sender and recipient to snoop on messages.
Enable disappearing messages
Whatsapp and Signal also allow you to enable disappearing messages, which automatically deletes messages for both the sender and the receiver after a set duration.
This means that even if someone were to access your device, they would not be able to read any sensitive messages.
You can enable disappearing messages via the settings menu on the messaging app.
Consider using a secondary, or “burner” phone
A burner, or secondary, phone can be useful if a government or company requires that you download apps that you are concerned may give unauthorized access to your data.
You can install that software on a burner phone, keeping your personal device clear of less trusted apps.
Back up and remove sensitive material
Consider backing your phone up to the cloud and removing any sensitive material from the device itself when travelling.
Know when to disable biometric log ins
Some experts recommend disabling biometric logins, such as Face ID or fingerprint scanning, when crossing borders.
This is to prevent them being used to open your device without you giving up your passwords.
Further resources for high-risk individuals are available at the Electronic Frontier Foundation.