Security - Defenders Protection Initiative

The Caricature Trend and Its Impact on Digital Safety

February 13, 2026

by Noelyn Digital Security Digital Security Research Security

By Noelyn Nassuuna

Across social media platforms, caricature portraits and AI-generated avatars have quickly become a popular way for people to express themselves online. From activists and professionals to young girls exploring identity in digital spaces, many users are embracing these stylized images as profile photos or storytelling tools. While the trend looks creative and empowering on the surface, it also raises important questions about digital safety, privacy, and online protection.

A New Layer of Digital Identity

Caricatures allow individuals to present a version of themselves that feels artistic and less exposed than a real photograph. For many women and young users, especially those navigating online harassment or public visibility, avatars can feel safer. They create a sense of distance between personal identity and public presence while still allowing creativity and confidence to shine.

However, digital safety experts caution that caricatures do not always guarantee anonymity. Even stylized images may reflect recognizable features such as hairstyles, skin tone, or cultural symbols. When combined with usernames, captions, or location tags, it becomes easier for someone to connect the avatar back to a real person. This can create a false sense of privacy, where users share more information than they normally would.

The Hidden Risk of Facial Data

Many caricature tools require users to upload several photos to generate their artwork. These images may be processed by artificial intelligence systems, and sometimes stored on external servers. If the platform’s privacy policies are unclear, users may unknowingly give away biometric information such as facial structure or expressions.

For digital rights advocates, this raises concerns about data ownership and consent. Young people and first-time users may not fully understand how their images are used beyond creating a cartoon portrait. Over time, repeated uploads to different apps can expand someone’s digital footprint and increase exposure to data collection practices.

Identity Misuse and Online Harassment

Another growing concern is the potential misuse of caricatures. Screenshots or downloaded avatars can be edited or reposted without permission, which may lead to impersonation or misleading content. In online spaces where women, journalists, or activists already face targeted harassment, even a stylized image can become a tool for unwanted attention.

Digital safety practitioners emphasize the importance of maintaining control over how images are shared. Simple actions such as using trusted platforms, adjusting privacy settings, and avoiding oversharing personal details can reduce risks.

A Positive Opportunity for Protection

Despite these challenges, caricatures can also support safer online engagement when used intentionally. Some advocates choose illustrated avatars instead of real photos to lower direct identification risks. Organizations working with young girls or community leaders have also used caricatures to represent participants without exposing their real faces publicly.

The key difference lies in awareness and informed choice. When users understand the digital implications behind the trend, caricatures can become a creative safety tool rather than a vulnerability.

Building a Culture of Digital Awareness

As the caricature trend continues to grow, conversations around digital safety must grow alongside it. Encouraging users to read app permissions, understand data privacy, and think critically about online identity can help create a safer digital environment.

Caricatures are more than just a social media trend, they are part of how people shape identity and community online. By balancing creativity with caution, individuals and organizations can enjoy the benefits of this artistic movement while protecting privacy, dignity, and security in digital spaces.

The Digital Frontline: Safeguarding Your WhatsApp and Telegram from Emerging Hijacking Attacks

February 12, 2026

by Fred Drapari Digital Security Security Web Applications

In our line of work as human rights defenders, secure communication is not just a convenience, it is a necessity. For many of us, WhatsApp and Telegram are lifelines for organizing, documenting, and protecting those at risk. However, as our reliance on these platforms grows, so does the sophistication of those who seek to silence us.

At DPI, we have observed a sharp rise in account hijacking that doesn’t rely on complex hacking, but on social engineering. Attackers are now tricking users into “inviting” them into their accounts through legitimate features like device linking and mini-apps.

How the Attacks Work: Exploiting Trust

1. WhatsApp: The “GhostPairing” Trap
The most prevalent new threat is called “GhostPairing.” It exploits WhatsApp’s “Linked Devices” feature, which usually allows you to use WhatsApp on your computer.

The Bait: You receive a message from a trusted contact (whose account is already compromised) saying something like, “Is this you in this photo?” with a link.
The Trick: Clicking the link takes you to a fake page that looks like Facebook or a photo viewer. It asks for your phone number to “verify” you.
The Hijack: The attacker uses your number to request an official WhatsApp pairing code. They then display this code on the fake website and ask you to enter it into your WhatsApp app. Once you do, you have unknowingly authorized the attacker’s browser as a “linked device.” They now have full access to your chats and media in real-time while your phone continues to work normally.

2. Telegram: The “Mini-App” Phishing Lure
Telegram’s “Mini Apps” programs that run directly inside the chat interface are being abused because they lack a strict vetting process.

The Bait: You might see an “airdrop” or a “gift” offer from what appears to be a legitimate channel or celebrity.
The Trick: When you open the Mini App, it looks official because it’s inside the Telegram interface. It prompts you to “log in” by entering your phone number and 2FA code directly within the app.
The Hijack: Since the app is malicious, the attacker captures your credentials immediately. Because these apps don’t open in an external browser, users are often less suspicious, assuming Telegram has “verified” the app.

The Remedies: Hardening Your Digital Defense

To protect your work and your network, we recommend implementing these immediate security measures:

Audit Your Sessions Regularly: This is your first line of defense.
- WhatsApp: Go to Settings > Linked Devices. If you see a device or browser you don’t recognize (e.g., “Google Chrome on Windows” when you only use a Mac), log it out immediately.
- Telegram: Go to Settings > Devices. Terminate any sessions that aren’t yours. Use the “Automatically terminate old sessions” setting for added safety.
Enable Two-Step Verification (2SV): Set a custom PIN that must be entered when registering your number on a new device. This prevents attackers from taking full control even if they have your SMS code.
Trust the Platform, Not the Link: Official platforms will never ask you to enter a pairing code or OTP into an external website or a third-party Mini App.
Verify Offline: If a colleague or contact sends an urgent or strange link, call them on a traditional phone line to confirm they actually sent it before clicking.
Use Passkeys: Where available, set up Passkeys (biometric login) which are significantly more resistant to phishing than SMS codes.

The digital space is a critical arena for human rights work. By staying vigilant and securing our accounts, we ensure that our voices remain loud and our data remains safe. If you suspect your account has been compromised or need further training, reach out to us at Defenders Protection Initiative.

Why Small Civil Society Organisations Are Becoming the New Targets of Cyber Attacks

January 23, 2026

by Fred Drapari Civic Space Digital Security Security

For a long time, cyber attacks were associated with governments, big corporations, and major institutions. Small civil society organisations were often overlooked. They were seen as too small to matter, too insignificant to target.

That reality has changed.

Across Uganda and the wider region, Defenders Protection Initiative (DPI) is witnessing a steady rise in cyber attacks against small and medium-sized CSOs. These organisations, often operating with limited budgets and small teams, have become attractive targets for a wide range of actors.

Understanding why this is happening is the first step toward defending against it.

Small CSOs hold powerful information

Even the smallest organisation often manages sensitive data:

Lists of beneficiaries
Testimonies from survivors
Reports on abuses
Donor records
Financial documents
Contact details of activists
Internal strategies

For adversaries, this information is valuable. It can be used to intimidate individuals, disrupt projects, discredit organisations, or manipulate communities.

An attacker does not need to break into a ministry database if they can access the same information through a poorly protected NGO system.

Limited resources create easy entry points

Most small CSOs operate under serious financial pressure. They prioritise programme delivery over infrastructure. As a result:

Old laptops remain in use for years
Software updates are delayed
Free hosting is used without security support
Shared passwords become normal
Backups are neglected
Technical support is outsourced irregularly

These conditions create weak points that attackers easily exploit.

In many cases, a simple phishing email is enough to compromise an entire organisation.

Digital attacks are cheaper than physical repression

Targeting an organisation physically attracts attention and international scrutiny. Digital attacks are quieter and cheaper.

With minimal resources, an attacker can:

Take over email accounts
Delete important files
Monitor communications
Spread false information
Block access to systems
Leak internal documents

These actions weaken organisations without creating obvious evidence of repression.

For hostile actors, this is efficient and low-risk.

Small organisations are closer to communities

Grassroots CSOs often work directly with affected populations: land defenders, women’s groups, journalists, informal workers, and displaced communities.

This closeness makes them strategically important.

When a small organisation is compromised:

Communities lose trust
Beneficiaries become afraid
Documentation stops
Advocacy slows down
Networks fragment

By targeting small organisations, attackers disrupt entire ecosystems of activism.

The human factor remains the biggest risk

Most successful attacks do not begin with advanced hacking tools. They begin with human interaction.

We commonly see:

Fake donor emails requesting documents
Impersonation of partners
Messages pretending to be from management
“Urgent” compliance notices
Fake job offers or training invitations

Staff members, under pressure and working with limited support, respond quickly. One click can open the door to attackers.

This is not carelessness. It is a result of overwork and inadequate training.

Why awareness alone is not enough

Many organisations are now aware of cyber risks. Awareness, however, does not automatically translate into safety.

Without systems, awareness fades.

Effective protection requires:

Clear digital security policies
Defined access levels
Regular training
Incident response procedures
Secure backups
Leadership commitment
Budget lines for security

Security must be institutionalised, not improvised.

DPI’s approach to protecting small CSOs

At DPI, our work goes beyond emergency response. We focus on building long-term resilience.

Our approach includes:

Digital security assessments
Tailored trainings
Website and infrastructure hardening
Incident response support
Staff mentoring
Policy development
Network-based protection models

We work with organisations to strengthen their systems in ways that fit their realities.

There is no one-size-fits-all solution.

What small CSOs can start doing today

Every organisation, regardless of size, can begin with these steps:

Use strong, unique passwords and a password manager
Enable two-factor authentication on all major accounts
Separate personal and organisational devices
Update systems regularly
Set up automatic backups
Limit access to sensitive files
Document who controls what
Train staff at least once a year
Create a simple incident response plan
Know where to seek help

These actions are practical, affordable, and effective.

Conclusion: Security is now part of sustainability

Sustainability is not only about funding and programmes. It is also about protection.

An organisation that cannot protect its data, staff, and communications cannot sustain its work.

As digital threats continue to evolve, small CSOs must adapt. With the right support, systems, and mindset, they can remain strong, credible, and resilient.

DPI remains committed to walking this journey with civil society organisations, ensuring that defenders are not left alone in the digital battlefield.

WhatsApp Image 2026-01-22 at 11.36.37 (1)

Strengthening Digital Safety, Legal Awareness, and Mental Well-Being for Women Politicians and Journalists ahead of the Uganda 2026 elections

October 2, 2025

by Noelyn Advocacy Digital Security Digital Security FATF Mental health Security

Women journalists and women politicians increasingly operate in hostile digital and political environments where online harassment, surveillance, legal intimidation, and psychological pressure are becoming routine. To respond to these risks, Defenders Protection Initiative (DPI), in partnership with Pollicy, with support from Urgent Action Fund, conducted two tailored two-day capacity-building trainings focused on digital safety, legal implications and compliance, and mental health.

The trainings were delivered separately for women journalists and women politicians, recognising the distinct risk landscapes they navigate while grounding both engagements in shared principles of safety, rights protection, and resilience.

Addressing Real and Escalating Digital Threats

Participants shared experiences of online harassment, coordinated smear campaigns, account takeovers, surveillance, doxxing, and threats that often translate into offline harm. These attacks undermine professional work, personal safety, and emotional well-being. The trainings were designed to be practical and grounded, equipping participants with tools and strategies they could immediately apply in their work and daily lives.

Key Focus Areas of the Trainings

Over the two days, the sessions combined technical learning, legal literacy, and psychosocial support through interactive and participant-centred approaches:

1. Digital Safety Tools and Practices
Participants were introduced to safe and trusted digital tools for secure communication, strong account protection, password management, and safe data handling. Hands-on exercises supported participants in assessing personal and organisational risk and adopting safer digital practices without fear or overwhelm.

2. Legal Implications and Compliance
The training unpacked relevant legal and regulatory frameworks affecting digital engagement, journalism, and political participation. Participants explored compliance obligations, responsible online conduct, and ways to protect themselves legally while continuing to exercise freedom of expression and civic participation.

3. Mental Health and Psychosocial Well-Being
Recognising the emotional toll of digital attacks, dedicated sessions focused on mental health, burnout, and collective care. Participants discussed coping mechanisms, peer support, and referral pathways for psychosocial and mental health support, reinforcing the importance of well-being as a core component of protection.

Creating Safe and Supportive Learning Spaces

DPI intentionally created safe, feminist, and survivor-centered spaces where women could share their experiences openly, learn collectively, and rebuild their confidence. The approach affirmed that digital safety is not only technical or legal, but it is also deeply linked to dignity, agency, and mental well-being.

Outcomes and the Way Forward

By the end of the training, participants reported increased confidence in:

Using secure digital tools and safer online practices
Understanding legal risks and compliance responsibilities
Responding to online harassment and intimidation
Prioritising mental health and seeking support when needed

Through collaboration with Pollicy and the support of the Urgent Action Fund, DPI delivered a holistic intervention that recognises digital safety, legal protection, and mental health as interconnected pillars for women’s participation in journalism and politics.

Defenders Protection Initiative remains committed to strengthening the safety, resilience, and leadership of women human rights defenders, journalists, and political actors, ensuring they can continue to engage in public life safely, confidently, and with dignity.

Holding Regulators Accountable for Data Privacy and Protection in Uganda’s NGO Sector -DPI

September 9, 2024

by Noelyn Advocacy Advocacy Civic Space Projects/Our Work Section Research Risk Assessment Security

By Helen Namyalo Kimbugwe and Noelyn Tracy Nassuuna

As Uganda heads toward a pivotal election season, the release of sensitive financial statements for Non-Governmental Organizations (NGOs) like Chapter Four Uganda has sparked intense debate. These disclosures carry significant implications for donors, NGOs, and the public, shaping trust, transparency, and operational stability.

What does this mean for NGOs operating in Uganda, their donors, and the communities they serve? How can transparency be balanced with protection in such politically charged times?

To delve deeper into these issues, download the full article now and stay informed about the future of civil society in Uganda.

Holding Regulators Accountable for Data Privacy and Protection in Uganda’s NGO Sector -by DPI Download

Investing in Women’s Safety and Security

April 16, 2024

by Noelyn Advocacy Digital Security Digital Security Security

We hope you were celebrated or honored by the women in your life, and we encourage you to continue this appreciation beyond Women’s Day.

Speaking of Women’s Day, this year’s theme, “Invest in Women: Accelerate Progress,” underscores the critical need for increased financing in gender equality efforts, including funding gender-responsive, green energy initiatives, and support for female and feminist changemakers.

These challenges notwithstanding, as experts in the fields of security, safety, and human rights, we have witnessed firsthand how the unique security risks and threats faced by women impede progress not only toward achieving equity but also in improving their overall quality of life.

Here are four impactful ways in which we can invest in women to accelerate progress through enhanced security and safety measures.

Enhancing Responsiveness of Security and Justice Institutions

According to a 2020 Violence Against Women and Girls Survey (VAWG) conducted by UBOS, a staggering 95% of women surveyed reported experiencing physical and sexual violence. Shockingly, only 45% of those who had experienced intimate partner physical and sexual violence chose to report it, primarily due to a deep-seated mistrust in the judicial system.

Despite efforts such as the establishment of Gender-Based Violence help desks by Uganda Police, significant gaps remain in addressing these issues effectively. There is an urgent need to bolster the responsiveness of law enforcement and judicial institutions in apprehending and prosecuting perpetrators. Strengthening these mechanisms is crucial in not only delivering justice to survivors but also contributing significantly to deterring future occurrences.

GBV Toll Free Helpline 0800199195

Support, NOT Survivor Blaming

The UBOS survey also revealed that the other reasons why women opted not to report physical/sexual abuse were fear of being blamed for the incidents and the threat of continued abuse or worse consequences by their abusers if they spoke up.

In light of these distressing findings, it is clear that women who have endured abuse and violations, need tools and assistance to cope, recover, and pursue justice, to help them navigate these harrowing experiences and gradually rebuild a sense of safety and stability in their lives. This can be informed by psychosocial support or training in basic self-defense skills among others.

Equipping Women with Knowledge and Skills to Navigate the Evolving Digital Landscape

In today’s rapidly evolving digital world, it’s crucial to empower women with the necessary knowledge and skills to navigate cyberspaces safely. This includes providing them with the tools to prevent, recognize, and respond to cyber-attacks effectively. Explore our website for digital security support options/offerings.

As more aspects of our lives move online, women are increasingly vulnerable to various forms of digital abuse, including hacking, cyberbullying, harassment, and online stalking. By skilling women in cybersecurity and digital safety, we can empower women to protect themselves against such threats and confidently engage in online activities.

Investing in Gender-Inclusive Tech for Safety and Security

By allocating resources toward the creation and refinement of tech tools tailored to women’s needs, we can address existing safety concerns and foster a more inclusive digital environment.

Here are a few we like; digitalsafetea.com safebangle.org bitdefender.com

Child/Teen Online Safety Tips and Tools

March 12, 2024

by Noelyn Digital Security Security Security

More children and teenagers are actively engaging with the internet, and this trend is expected to persist. However, the online environment hasn’t always been tailored to cater to the needs of minors. Therefore, it is crucial to prioritise their safety. In honour of Safer Internet Month, here are some essential tips and tools parents, educators, and even the young netizens can use to guarantee online safety.

Online safety for children Infographic Download

What you need to know about Delayed Phishing/ Post-Delivery Weaponized URL

November 18, 2020

by Fred Drapari Digital Security Security

Truth is, most of us have ever been a victim of phishing before and with the abundant resources online and trainings that we have so far had, we have become sort of immune to phishing.

Click here to as well look at our blog post about phishing and what you need to know

Our immunity against phishing has so far been boosted by e-mail service providers, mail gateways and even browsers that we use which has all embedded in their systems anti-phishing filters and malicious address scanners.

With all these above, cybercriminals are constantly inventing new, and refining old, circumvention methods. One such method is delayed phishing.

Delayed phishing is an attempt to lure a victim to a malicious or fake site using a technique known as Post-Delivery Weaponized URL.

“As the name suggests, the technique essentially replaces online content with a malicious version after the delivery of an e-mail linking to it. In other words, the potential victim receives an e-mail with a link that points either nowhere or to a legitimate resource that may already be compromised but that at that point has no malicious content. As a result, the message sails through any filters. The protection algorithms find the URL in the text, scan the linked site, see nothing dangerous there, and allow the message through.”

Effecting the malicious link

Attackers operate on the assumption that their victim is a normal worker who sleeps at night. Therefore, delayed phishing messages are sent after midnight (in the victim’s time zone), and become malicious a few hours later, closer to dawn.

If cybercriminals find a specific person to attack, they can study their victim’s daily routine and activate the malicious link depending on when that person checks mail.

Technology behind Delayed Phishing

For delayed phishing to be effective, hackers use at least one of these 2 common methods:

Simple link: In this case, the hackers are the ones who are controlling the target site in that at the time of delivery, the site is safe so it can go through the several security levels it is scanned before it is delivered to your mailbox. At the time of delivery, the link leads to either a meaningless stub or (more commonly) a page with an error 404 message and the malicious version of the site is activated after delivery.
Short-link switcheroo: Several sites offer link shortening services to the world, with this you can get alternative links that are easy to remember and short instead of long and boring links. However, some of this services allow you to alternate the link behind these short links. So the cybercriminals take advantage of this in that, by the time they are sending the email, the short link it pointing to a legitimate site and is swapped to the malicious site after delivery.

Although there is a third technology that is not so common which includes a randomized and short link where there is a probabilistic redirection. That is, the link has a 50% chance of leading to google.com and a 50% chance of opening a phishing site. The possibility of landing on a legitimate site apparently can confuse crawlers (programs for automatic information collection).

– Spotting & fighting Delayed Phishing

Ideally, there is need to prevent the phishing link from getting to the user, so rescanning the inbox would seem to be the best strategy.

In some cases, that is doable: for example, if your organization uses a Microsoft Exchange mail server. Kaspersky Security for Microsoft Exchange Server is also included in our Kaspersky Security for Mail Servers and Kaspersky Total Security for Business solutions.

Maintain your Social Distancing

March 20, 2020

by Fred Drapari Security

Social Distancing is a practice intended to stop or slow down the spread of the Corona Virus. The purpose is to reduce the probability of contact between persons infected with #COVID19 and others who are not infected, so as to minimize it’s transmission.

8 Tips to Secure your Office

March 17, 2020

by Fred Drapari Risk Assessment Security

We dwell a lot on “CyberSecurity” forgetting about the physical security for organizations. We just thought we could throw in a few tips for you to secure your office space.
Security risks are trending amongest HRDs and it is so unfortunate that many organisations do not have the necessary office security measures in place to help protect their premises & assets from possible threats.
Trending risks to organizations include but are not limited to:

Posts in category: Security