Every situation is different, but it's never your fault. You may feel helpless, but you can take action. Here are some tested strategies for people experiencing cyberstalking or worried that it might happen.


Mobile Phones

Protect your data


Take care with intimate photos. Phones are easily lost and stolen, which makes their data vulnerable. Transfer sensitive photos to a more secure location, such as a USB stick, as soon as you can. While they are on your phone, encrypt them and keep them in a password-protected file.

  • Turn off automatic cloud saving. Every photo you take on your iPhone is automatically uploaded to Apple’s iCloud. To turn off iCloud sharing, go into Settings > iCloud > scroll down to Photos and slide the option to off To disable iCloud completely, go to the bottom of the menu and hit “delete account.” On Android phones, photos can be backed up to the Google+ cloud service, but this will be off when you first set up a Google account. Double check your settings going to the Photos app > select General Settings > slide Auto-Backup to Off. Check your cloud frequently to know exactly what is stored there.

  • Erase data before recycling. If you plan to pass your phone on, first make sure none of your info is on it. Remove the SIM card. Return the phone to its factory settings. For Android, go to settings > privacy > select Factory Data Reset. Instructions vary with different models, so consult the manual or the internet.

Guard your privacy

  • Password-protect your phone. This will keep your data safer if you lose your phone or someone tries to use it without your permission.

  • Be aware of itemised telephone bills. Some telephone bills itemise numbers dialed and messages sent.

  • Consider an alternate SIM card for private calls. Turn your phone off, switch out SIM cards and restart your phone. Don't forget to remove the private card when you're finished and keep it in a safe place.

  • Know the trade-off between security and convenience. When you install apps, they may be convenient, but they can make you (or your friends) vulnerable. Think of all the times installing an app using your Facebook password requires you to give away your list of contacts to the app maker. Do you know how they use that info?

Hide your location

  • Only enable GPS settings when you need them. The majority of smartphones have GPS chips that can geo-locate the phone in seconds. Do you need this on all the time? You usually activate GPS in Settings > Privacy > Location.

  • Disable the GPS on your mobile camera. This geographic info can be embedded in photos pinpointing exactly when and where the photo was taken. Together with the content, it can be easy to discern where you live, work or play. Check your manual for instructions. For example, on an iPhone, go to Settings > Privacy > Location, and disable the option of ‘Camera’.

Social media


Think about what you share online. It is very easy to glean information about where you live, the places you love to go to in your area and the people you care about from posts and pictures. Treat your email and/or internet account like you would your credit card, ID or passport numbers – very carefully.

Account registration

  • Create a different email account for site registration. This will help avoid spam, and your personal email won't be revealed if the online service doesn’t have good privacy practices.

  • Leave optional fields blank. When registering online, only fill in the required fields and leave certain identifying information such as birthdate blank.

  • Use a profile photo that doesn’t identify you. Choosing images that also protect your location can keep you from being recognised or found.

  • Choose a screen name that isn't personal. Many people have screen names that do not give away identifying characteristics. You might want to consider a user name that is gender-neutral.

  • Check your privacy settings. Services such as Facebook change their privacy policy all the time, so check in regularly to make sure you are sharing the information you want to share only with people you trust. Some sites have options for you to test how your profile is being viewed by others. You can find social networking privacy settings here.

  • Use sites with good privacy policies. Make sure that your the providers and platforms you use have acceptable privacy policies that prohibit cyberstalking or online harassment. If they have none, suggest they create them and/or switch to a provider that is more responsive to user privacy concerns. See how Take Back the Tech! has evaluated Facebook, YouTube and Twitter.


Online practices

  • Never post your personal contact details publicly. And don't share anyone else's. People often post their phone numbers in Facebook comments without considering that everyone else can see it. Use direct messaging instead.

  • Search yourself. Do a regular internet search on your name to monitor where you appear online or set up an alert.

  • Choose a screen name that isn't personal. Many people have screen names that do not give away identifying characteristics. You might want to consider a user name that is gender-neutral.

  • Reset passwords regularly. Yes, it's a pain, but critical. Security-in-a-box has a good chapter on strong passwords and tricks for remembering them.

  • Keep your technology updated and secure. Read our tips for tools and install (and update!) the relevant software. Choose open source when you can.

  • Know the trade-off between security and convenience. Do you really need to install that new app if you aren't 100% sure it won't make your device vulnerable?


Blogs & websites

  • Use an alternative address to register domain names. When you register a domain name, your contact information is made public and available for anyone to see. This is a transparency requirement in many countries. While domain proxy services exist for a fee to protect privacy, these have proven unreliable in the face of legal or public pressure to reveal registry information. You might use an organisational address and phone number or one that does not reveal your home location. Create an email account exclusively for managing the domain.

  • Don’t post your email address. Instead, create a simple contact form where users can submit their information in order to contact you.

  • Require accounts in order to post comments. You can also activate the option to track IP addresses of commenters.


Denouncing stalkers and seeking redress

  • Move fast to block the stalker. Lots of people don't take action because they think they are overreacting, but repeat attacks may paralyse you. Record incidents (time, place, event). If you take action quickly and block the stalker's opportunities to harass you, they may lose interest.

  • Make it clear that you do not want to be contacted. Warn that any further contact will result in a police report. Communication may stop right there. Write once and document it.

  • Save copies of all communication. Even though the immediate desire might be to delete the communication and try to forget about it, record-keeping is crucial. Take screenshots and back up evidence on a USB stick or external hard drive. You'll need electronic copies, as the coding that accompanies all cyber communications is the only way to verify authenticity.

  • Report, block or filter emails. You can filter a particular email address so that it goes directly to “junk” or to a folder that you specify. That means you don't need to read the emails, but they are still available as evidence. Learn how to turn on filtering and blocking capabilities. Gmail has a reporting mechanism if a stalker is using their email service.

  • Block blog and chat room trolls. You can block unwanted chat room contacts by checking the chat room instructions. If you own a blog or website and someone posts harassing comments continuously, you can block them using an ‘IP address block’. Blog providers like WordPress offer installable widgets. Or check with your website provider.

  • Unpublish abusive posts, but don't delete them. These are part of the evidence that you will want to provide to the police or the internet provider. If you are receiving harassing phone calls, record them for evidence.

  • Contact the stalker's ISP. Contact the harasser's internet service provider. Most ISPs prohibit using their service for abusive purposes. An ISP can often intervene by directly contacting the stalker or closing the account. Document this contact.

  • Ask a friend to moderate abusive comments. Save your energy for what is important and have trusted friends moderate the crap.

  • Go to the authorities. More women being harassed online are choosing to go to the authorities, which has led to changes in legislation. If the harassment involves hate groups, threats of death or bodily harm and/or public postings of your location or contact information, you should contact law enforcement right away. The more evidence you have collected, the faster they can act.

  • Get emotional support. Tell your family and friends you are being stalked. Their support is critical during the stalking and in the aftermath to help you cope.

  • Inform your employer if necessary. If you think this person may harass you in the workplace, it's important to notify your employer. Your boss will be more likely to back you up if they later receive communication from the stalker, and they may be able to mitigate professional damage and providing evidence.

  • Clean up the damage. If your internet searches reveal that the stalker published information about you, Take a look at “How to delete things from the internet” for more information. Key steps:

    • Request that websites take down of the information

    • Contact Google to remove information

    • Rebuild a positive online reputation to “bury” the negative search results

    • Report legal violations to search engines

    • Make a legal case for defamation