We admit, we are still learning a lot about what LGBTQ+ means and how we can support that part of our community that struggles with the same difficult mindsets, as women do. When we first heard that there is an online safety guide for LGBTQ+, the question that popped into our minds was “Why LGBTQ+? Surely online safety is the same for everybody, isn’t it?” So, we dug deep and we think (or hope) we have a better understanding now. And yes, there is indeed a difference.
We would like to share our findings about what the difference between LGBTQ+ and straight Online safety with our community – be it for helping the LGBTQIA+ community or just to increase understanding what that target group has to deal with. And of course, to make anyone’s time online a little bit safer as all the tips are applicable to anyone, regardless of their identity.
You can jump directly to a part of the article by clicking either of the buttons or just keep reading.
One thing that is not addressed in this article but can be annoying if not outright hurtful is the fact, that nowadays a lot of online forms still give a choice of gender options restricted to “male/female”. Imagine you would be a man who had to constantly choose “female” because there is no “male” option – how would you feel? Disrespected in your identity? You would be right. So, this is an appeal to any service or product provider to update your forms. It is long overdue…
Why Online Safety Matters
When you are moving through online channels, your data is along for the ride. Websites remember everything thanks to Cookies following your every move. They are mostly designed to make your online experience easier for you. Still, not everyone “watching” has good intentions. In fact, online hazards can have severe, costly, even tragic consequences. And it is hardly just one person in the network falling victim to one of the dangers, but rather anybody in their network will suffer the consequences, too.
It starts with kids, actually. For kids, the Internet can be a wonderful place to learn, shop, play games or just talk to their friends. Kids may not always think about the consequences of their actions, which can cause them to share too much information about themselves. Unfortunately, kids are sometimes specifically targeted by cyberbullies or predators, making it important for parents and their kids to be aware of the dangers. A survey conducted by Google in 2018 about kid’s online experiences proves that online safety awareness should start very early:
39.1% Seen inappropriate content online
23.8% Overshared information on social media
15.6% Scammed by an email or by a bad link online
13.8% Cyberbullying
13.6% Account hacked
Recommended age to begin learning about online safety and digital citizenship: 8 years old
You can find online resources to further increase your understanding of the risks kids face online and how to deal with the topic, like this tutorial for parents Teaching kids about Internet safety.
The Dangers
Cyberbullying
Cyberbullying is bullying with the use of digital technologies. It can take place on social media, messaging platforms, gaming platforms and mobile phones and is designed to hurt, threaten, embarrass, annoy, blackmail, or otherwise target another person. While on the playground, you had to face your victim, online bullying can be done quite anonymously, making the bullying often times much worse than any physical confrontation ever could. The anonymousness can also cause feelings of being alone in the victim. The inflicted psychological damage can be severe to the extent of causing self-harm and suicidal behaviors.
Experience of cyberbullying is also associated with the development of mental health issues like low self-esteem, depression, anxiety, family problems, up to academic difficulties, delinquency, school violence, besides suicidal thoughts/attempts (Hinduja). The internet never forgets, meaning the bullying is there for others to see for a much longer time than in the real world. This causes the victim a more public and permanent embarrassment. And “anytime, anywhere” translates into victims might feel there is no safe haven anywhere, as the digital nature of cyberbullying allows it to even find you in your home.
According to enough.org, as of February 2018, nearly half of all young people had been the victims of cyberbullying.
You think nearly half is a lot? Try being LGBTQ+: More than 8 in 10 students who identify as LGBTQ experienced harassment or assault at school. In fact, cyberbullying is a major online threat to the LGBTQ+ community.
If you think that’s sobering, check out the key findings of the 2018 report “The impact of cyberbullying on children and young people’s mental health” by the European Commission’s Joint Research Centre (JRC):
47% of young people have received intimidating, threatening or nasty messages online
Children and young people are using social media for longer periods, and using multiple profiles
Underage (<13 years) use of social media is common place
There is a connection between intensive social media use and mental ill health
Of children currently experiencing a mental health problem, over 2/3 (68%) say they experienced cyberbullying in the last year
Cyber Predators
A cyber predator is a criminal who uses the Internet to steal personal information or search for victims. Crimes that involve online predators include identity theft, stalking, kidnapping and (child) sex abuse.
Cyber predators mostly prey on people when they are going about their normal Online business: taking advantage of unsuspecting participants by persuading them to trust them enough to share vital information that can then be used for criminal purposes. This can be information that helps them:
access financials,
extort somebody into sexting (getting or even forcing somebody to send sexually explicit photos via smartphone),
do a physical meet-up with intent to abuse,
get somebody to send money, or
get somebody to share personally identifiable information (e.g. address, vacation dates), etc.
Phishing
Phishing is basically cybercriminals posing as legitimate institutions. They often do this via email, to obtain sensitive information from the targeted individuals by trying to trigger strong emotions like fear or stress to provoke a reaction like clicking a malicious link. Some typical examples include mails stating that:
your account with xyz has been blocked/suspended
something bad or uncomfortable happens if you do not complete information by a specific date (which tends to be close to immediately), like an account will be blocked, a shippment will not be delivered, etc.
your CEO has or needs important information
your IT has made an evaluation of websites used by employees during working hours and there might be consequences for individuals doing more surfing than working
you have been hacked and your password needs changing
you need to provide authentication
your package cannot be delivered due to missing information or payment
your refund is waiting
you have won money
etc.
If a message (email, text or WhatsApp) makes you want to resolve it immediately out of fear or stress, take a minute to think and check some things before clicking anything.
A good way to check for legitimacy of the sender and their message is to hover your mouse over any links. This will give you a preview of where the URL is going to lead you. Check carefully for spelling of the link, email addresses and names as the names look legitimate, but if you look carefully, you might find spelling mistakes or characters that have been exchanged for numbers, e.g. ”o” has been replaced with a zero. If in doubt, call the company and ask if they sent the email.
Remember: no legitimate institution is ever going to ask you for account details in an email.
Privacy Protection
Privacy protection is keeping the information you would like to keep to yourself from getting into the wrong hands, e.g., companies, hackers, government organizations, and other groups.
It is important to understand, that the definition of privacy protection varies from person to person. Privacy is an individual’s ability to determine for themselves when, how, and for what purpose their personal information is handled by others. Your data is yours and yours only and nobody besides yourself should determine what is being done with. Protecting one’s privacy is key to ensuring human dignity, personal safety and self-determination. It allows to freely develop one’s own personality.
Not protecting your own privacy can result in social, psychological, monetary and believe it or not: even physical damage. For the LGBTQIA+ community, lack of privacy protection is especially dangerous if an individual is not out yet in the workplace and at the same time has not protected their privacy enough online.
Put some thought on which online channels you use for which purpose (private vs. professional network)
Read the privacy policy, even or especially when you are in a hurry
Check your privacy settings regularly, including who can tag you and who sees what
Never post anything that either gives out information you don’t want to share (long-term) or that can help crack your passwords or even steal your identity
Report the use of your pictures or private information without your consent
Dark Pattern
A Dark Pattern (aka Deceptive Design) is a user interface that has been carefully crafted to trick users into doing things and not necessarily what they want to do. It describes instances where designers use their knowledge of human behavior and the desires of end users to implement deceptive functionality that is not in the user’s best interest. There are different Dark Patterns to be aware of and they are even used by some companies that are perceived as being trustworthy. Read our article ”Tricked by Dark Patterns?” to learn more.
Longevity of Information
The Internet truly does not forget. Posts can come back even years later to haunt you, for example while applying for a new job or trying to find a new partner.
Put some thought into which online channels you use and for which purpose (private vs. professional network)
Take some time to set the privacy settings of your Online profiles according to what you want people not connected with you to see (or not to see)
Never post anything that either gives out information you do not want to share long-term or that might come back to haunt you
Be mindful of your online comments as much as you are with your real-life comments
Report cyberbullies, abusive or hateful posts
Scams
By now, everyone must have heard of the “long lost relative scam” or the “family member in distress needing bail-out” that some perpetrators used mostly on the elderly in the real world. The same principle applies with online scams. The perpetrator tries to make you believe in a great reason why you should give them money, either directly or putting you in a position, where your data is ransomed. Here are some examples of common scams:
Heir Scam – a rich person has died and you can be the beneficiary as the person did not have heirs and nobody else but the sender of the email knows about the money. He promises to generously split it with you 😉
“Love scam” – by befriending people on social media, getting them to fall in love (or just spark their more carnal desires) and have them send money to enable a meet (plane ticket or similar).
Pet scam – classified ads selling a pet and having you send the money to an account (often in another country) before receiving the pet. This scam is most commonly done with dogs or horses.
Tech Support Scam – the tech support of e.g. Microsoft tells you about a distress signal from your laptop that is currently being hacked. This scam tries to get you to give access to the “tech support” who will install ransomware (a special type of malicious software that blocks access to devices or encrypts data contained on them) and demands a ransom if you want to gain back access to your data. They will convince you with reading numbers of your computer to you to legitimate their call. These numbers are not unique to a user but rather the product ID number of e.g. the software, so of course it will be the same number 😉
According to Kaspersky, only 29% of victims that paid ransom ever got all their data back. Technical faults in the ransomware itself can make it impossible to recover all (if any) data and in too many cases, the data is never released back to the victim. Yes, even hackers can be slobs…
Please use common sense and remember that Microsoft is not calling you for any reason, ever. Check out Social Engineering which is often used in the context of scams.
Social Engineering
We speak of Social Engineering when psychological manipulation is used to trick users into making security mistakes or giving away sensitive information. Or put differently: social engineering is an attack vector used for gain (financial or through access) by using psychology rather than using technical methods like hacking. This includes a broad range of malicious activities accomplished through human interactions. While phishing is a common form of social engineering, there are even more elaborate schemes.
Somebody might befriend you on social media and try to give you the sense of common ground or a sense of familiarity, like growing up in the same village. And of course, some rather sexy pictures often help . They might even try to raise your (love) interest up to the point where for some very unlucky turn of events (of course) they need money or access to something.
Online Safety Guide
VPNMentor published The LGBTQ+ Guide to Online Safety that helps the community to be aware of dangers and to understand how to protect themselves. It contains advice on topics like:
controlling your identity before and after transition,
reinventing your identity,
(Online) dating while queer, and
all other topics in between.
We have also put together 11 Quick Tips to be Safe Online (will be published on 20 June 2023).