16 days of activism 2026_DPI

Standing Up to Online Gender-Based Violence: Building Safer Digital Spaces for Women and Girls

by AdvocacyDigital SecurityWeb Applicationswomen@web

During the 16 Days of Activism, we are starkly reminded that violence against women does not begin or end offline. It follows them into their phones, their social media accounts, and every digital space where they speak, work, lead, or express themselves. In Uganda, women journalists, politicians, activists, and even students are facing a rising wave of online attacks that are not simply rude comments but deliberate efforts to silence, intimidate, and erase them from public life.

These attacks take an emotional, psychological, and professional toll. They push many into self-censorship, and some into withdrawal entirely, a process that weakens civic participation and harms democracy for everyone.

The New Digital Battlefield: Understanding Online GBV

Today, online gender-based violence (OGBV) has taken new forms that are faster, more invasive, and often anonymous. The attacks are rarely random; they are tools used to control women’s participation in leadership, public discourse, and community organizing. When a woman is silenced online, her influence in other spaces also shrinks, which affects the entire civic space.

Types of Attacks Women Commonly Face:

  • Harassment, insults, threats, and humiliating messages.
  • Doxxing, where private information is leaked to intimidate.
  • Non-consensual intimate imagery and sexualized abuse.
  • Impersonation on social media to spread misinformation or damage reputations.
  • AI-generated deepfakes targeting women in politics or media.
  • Manipulated photos and voice notes meant to scandalize or shame.
  • Targeted phishing attacks disguised as personal or work-related messages.
  • Cyberstalking and obsessive monitoring of online activity.
  • Lastly, Trolling and Coordinated Swarming: Where large groups are mobilized to overwhelm a woman’s account with abusive content, making platforms unusable.

Empowerment in Action: DPI’s Practical Safety Toolkit

Defenders Protection Initiative continues to meet women who feel overwhelmed by online harassment but are unsure where to begin or how to protect themselves. Strengthening digital safety is not just a technical process; it is an act of empowerment and resilience-building. Practical tools and safer habits can drastically reduce exposure to attacks and increase women’s confidence as they navigate digital spaces.

Useful Tools and Practices Women Can Adopt:

CategoryTool/PracticeBenefit
Secure CommunicationSignal, Proton MailSafer, encrypted communication and private email.
Password & AccessBitwarden, Two-factor authentication (Aegis, Authy, Google Authenticator)Managing strong, unique passwords and preventing unauthorized account access.
Privacy & AnonymityBrave Browser, Tor BrowserImproved anti-tracking protection and anonymity for high-risk users.
Verification & ReportingInVID, Deepstar and Reality DefenderTools for verifying deepfakes or manipulated images before spreading them.
Platform SettingsRegularly updating social media privacy settings, restricting who can tag or message you, and turning off real-time location sharing on all platforms.Taking ownership of your digital boundaries.
DocumentationTime-Stamped Evidence: Document harmful posts using screenshots and URLs, ensuring dates and times are clearly captured for legal reporting.Crucial for Legal Action: Provides the verifiable, immutable evidence needed for platform reporting, legal proceedings, and engaging with law enforcement or human rights bodies.

Responding to online abuse requires preparation and community. Beyond the tools, women should be empowered to report using platform tools, block accounts that escalate harassment, and seek support from trusted networks or institutions.

A Shared Responsibility for a Safer Digital World

Online violence thrives in silence, which is why the 16 Days of Activism is a powerful reminder that protecting women’s voices is a shared responsibility.

At DPI, we continue to provide digital security training, digital forensics, account-recovery assistance, and psychosocial referrals so that no woman has to face OGBV alone.

But the fight is bigger than us:

  • Organizations must invest in digital safety policies and provide robust HR support for targeted staff.
  • Men must actively challenge harmful online behavior and report abuse when they see it.
  • Platforms must strengthen their moderation systems and hold abusers accountable.
  • And as a community, we must make the internet a place where women feel safe enough to lead, express themselves, and participate fully.

A safer digital world is possible, but only if we work together to create it.

We urge you to share this post and commit today to challenging digital violence.
#EndDigitalGBV #16DaysOfActivism

hack-whatsapp-1024x682

WhatsApp 2FA: Secure Yourself From This Simple Hack

by Digital SecurityWeb Applications

Imagine someone has taken over your account, what would happen to you and the people who contact you on WhatsApp?

Just as it is easy to fresh install of WhatsApp for your new phone is also how easy an attacker would gain access to your WhatsApp and possibly start a conversation with your friends claiming it is you.

Most times, the direct risk is not to you if you’re attacked, but to your contacts. They can expect to receive requests for data or even emergency funds. This is social engineering at its best. We would trust an end-to-end encrypted platform, a message from a trusted friend and so are coded to have our guards down and rather feel pity in these circumstances.

The repercussions of this happening are beyond imagination. This can even further spread to more of your contacts having there WhatsApp accounts taken over.
With the account taken over, the attackers could then message contacts in the groups you are in as if from the account holder (you), as well as any other contacts whose WhatsApp messages were received after the take over. No legacy data is compromised. The target device remains untouched. WhatsApp has simply been ghosted onto an illegitimate device.

It is surprising how many people have not yet enabled the Two-step verification PIN in WhatsApp—almost everyone we have asked has yet to set it up. If you’re the same, then please take that minute and set it up now. 

The Question now is, How do we prevent this from happening to you for the first time or again?

WhatsApp introduced a feature where you can set a PIN of your own choice and even an email address just in case you forget your PIN. The PIN is your own verification to confirm that it is you even after inputting the SMS verification so you do not otherwise have to share your PIN with anyone.

You can find this feature in your WhatsApp setting > Account > Two-step verification: There you will be prompted to enable your PIN and confirm it, then you will also be asked to type in an email address to use to recover your account in case you forget your PIN

Http and https security certificates vector illustration. Web browser protocols isolated icons

SSL – What You Need to Know

by Digital SecurityDigital SecurityWeb Applications

We often hear about a padlock, green URL bar and several other ways people use to describe SSL. But the question would be, What really is SSL and how useful is to HRDs websites?

What is Secure Sockets Layer (SSL)?

SSL is a security protocol that assures users of the connection between their device and the website they are visiting. During a connection to a website so much information is shared between two computers (the visitor and there server for the website) including what may be highly confidential data such as credit card numbers, location data, user identification numbers or even passwords. Visitors have to make sure all the information passing is secure and not prompt to interception by third parties. This is why SSL has become a big deal in the cyber-powered world.

In cases where there is no SSL, the information shared between these two computers often show up as plain text. Which means, if there were to be an adversary, they would basically see all the communication and in this case, data could be stolen. SSL prevents this by encrypting this communication.

Why we need SSL?

When a visitor goes to your website and sees that you have an SSL it builds an enormours level of trust, this shows your visitors that whatever their activity on your website is secure. This trust is of more importance if it includes transactional relationship; where money is involved.

Even if not for transactional relationship, in the cyber-space of today “Data is the new Gold!” so That means everything we do online has to be secure.

To have this level of trust and security for your visitors requires the one key means – SSL. Since they assure users that the connection they have to that website is safe. For the end user, all they need to verify this is a simple icon shown on their browser (The padlock).

The padlock, or green padlock icon has become an assurance indicator to users that the website they are visiting takes their security seriously.

In case you haven’t realized the importance of having your website secured with SSL because you do not handle sensitive financial-related data, it is time to shift away from that. As mentioned earlier, hackers in these digital age would go after any data transmitted on the internet especially other personal identifying information.

Good enough, websites without SSL have been labelled “Insecure” some browsers show a red URL bar in order to protect and allow visitors to clearly identify these websites. Also, websites without SSL do not rank high on search engines as of today.

We shall be writing on how SSL works and Types of SSL to choose out from in the near future.