It is important to note that if you are experiencing online abuse then you should alert colleagues and, where appropriate, police. You should also alert the social media platform in question.
Social media is an important tool for you as an MP / prospective parliamentary candidate, enabling you to communicate and engage with your constituents and key stakeholders.
This online safety toolkit aims to support you in using it as safely as possible and in knowing what to do and where to go if you experience any online abuse.
It has the benefit of enabling you to share key messages and updates on your work without the need to go through a gatekeeper such as a journalist. It also enables you to respond directly to any questions your constituents may have.
Equally, there are a number of potential pitfalls and risks when it comes to using social media. An important thing to bear in mind here is that social media can be overwhelming, with messages and comments flying around at all times of the day and night.
As such, it is crucial to set boundaries to help protect yourself and to ensure your employees / colleagues support you in making best use of social media as part of your campaigning and work.
Agree on the times when you or your team will be checking in on your account/s. It is a good idea to include this in your bio. Any users should then be aware when they might reasonably expect a response from your accounts.
Some MPs make it clear in their bio that any requests for support need to be made via email rather than social media.
Vigilance against cyber attacks
As someone in a high profile role and privy to sensitive information, you are at greater risk of cyber attacks.
Among the potential means of cyber attack is something known as spear-phishing. This is when a communication is sent to a particular person and is designed to look like it has come from a known or trusted contact.
These can be sent to personal email addresses as well as business email addresses. Malicious links can be included in such emails through a URL or can be embedded into a document on something like Google Drive.
The victim can then be directed to a fake sign in page for what appears to be a legitimate service. Their details will then be used to sign into their own account and to forward any future correspondence to the cyber attacker.
If in doubt about whether an email is genuine then check via a different means. Also do a regular check to ensure there is no mail forwarding active on your account.
Be very careful about what, if any, personal information you share via social media. It could be used as part of a spear-phishing attack. Cyber attackers will often gather and use such information to devise persuasive and convincing emails.
Likewise, be cautious about connecting with people on social media, even when they appear to have mutual contacts. They could be fake accounts, set up to impersonate others.
Consider using a professional social media management service, which will enable colleagues or employees to create posts without the need for you to share your passwords.
Using a social media management tool enables an audit trail to be kept in terms of who has posted content. If using a social media management tool, ensure that account access logging is switched on, if it is available.
You should implement a content approval process, setting out how any draft social media content will be checked and signed off to guard against any problematic content.
Only authorised staff should have access to your social media accounts and social media management tools. Ensure that such access is removed before any staff members leave their role and change any passwords which they had access to.
You should also ensure you have an emergency recovery plan in place. This should set up what to do, for example, if an employee or anyone with access to your accounts has posted damaging content.
You need to know who to contact in advance of any such situations arising.
Ensure you lock any devices when not using them.
The National Cyber Security Centre advises the use of three different words combined to make a stronger password. This renders it more difficult to hack and easier for you to remember.
For more tips on using social media securely, visit:
https://www.security.gov.uk/guidance/social-media-guidance/
https://www.security.gov.uk/guidance/social-media-guidance/using-social-media-securely
https://www.security.gov.uk/guidance/social-media-guidance/perform-social-media-security-assessment
Guidance on recovering a hacked account:
https://www.ncsc.gov.uk/guidance/recovering-a-hacked-account
For more information on protecting what you post on social media, visit:
https://www.ncsc.gov.uk/guidance/social-media-protect-what-you-publish
Reporting a cyber attack
You can report any cyber attack incident via the link below:
Share this page:
