Know the risks you take on while conducting a trust and safety investigation, how adversaries could retaliate and how to counteract these risks.
Protecting online communities and services from harmful content and inappropriate use is essential for maintaining user confidence and brand integrity. That’s the focus of a trust and safety team. In our earlier blog in this series, What is trust and safety, we highlighted the increasing importance of these teams, and key challenges they face in getting the job done.
Here we’ll take a look at the real risks involved when investigators need to collect evidence, and how they can leverage innovative tools for more secure, safe and efficient tradecraft.
Automated content moderation and fraud detection is no longer enough to effectively manage online environments. Trust and safety teams often need to dive deeper into issues, and that’s where the risks start piling up. Analysts don’t know where an investigation may lead. Digging below the surface could require interaction with bad actors and malicious sites, which can introduce significant risk — to the analysts, the organization and the integrity of investigations.
Let’s look at some common scenarios…
Dealing with untrusted content and environments is risky. Investigators need to gain a complete picture for analysis, and establish a chain of evidence — but do it safely and securely. If an analyst’s presence or identity is exposed, targets may get “tipped off” and disappear. Or worse, they might retaliate with anything from phishing, malware and DDoS attacks on enterprise networks, to threatening investigators personally.
Learn more in our white paper, Why online investigators need managed attribution >
Successful investigations require the ability to eliminate as much risk as possible — and that starts with securely isolating and anonymizing browsing. VPNs, private browsing and parallel networks cannot fully safeguard online researchers.
For the most stringent protection, investigations need cloud isolation and managed attribution, which enable analysts to separate research from the network and customize their online presence for hyper-secure anonymity. Combining these capabilities gives trust and safety teams the power to shield identities, devices and enterprise resources from risk.
Isolation enables investigators to work on the same computer they use every day, yet conduct online research via a secure cloud-based service. Cloud browsing and storage is isolated from the workstation and network, solving common problems such as:
Investigators are much more at risk than they realize. Browsers and websites track a user’s digital fingerprint in numerous hidden ways. Online presence can be identified through browser and device attributes such as device types, OS, software/plugins installed, time zone and language settings. Browsing behavior also helps identify a user, with fingerprinting based on search terms used, websites visited, time of use, social media connections and account activity.
Even VPNs and private browsing only conceal a fraction of the digital fingerprint. Many details — enough for an adversary to understand your identity and intent — are still conveyed to the sites you visit.
Learn more: What VPNs and Incognito Mode still give away in your online identity >
It’s nearly impossible to browse anonymously (and lack of any identifying details can also arouse suspicion). Instead, researchers need to holistically alter their online identity. That’s why managed attribution is vitally important for trust and safety investigators. It minimizes the risk of being tracked, identified and targeted. And it helps analysts avoid appearing to users as if they’re “snooping,” when maintaining due diligence over online communities and services.
With this powerful capability, trust and safety teams can increase the efficiency and effectiveness of casework, including:
The volume and complexity of trust and safety issues is constantly increasing, amplifying the need for more secure and efficient ways to conduct investigations. The key is to minimize risk, while making it easier for analysts to resolve cases faster. That’s where cloud isolation and managed attribution make a measurable difference.
Want to learn more about empowering trust and safety teams? Download our white paper.
See for yourself how analysts can conduct hyper-secure, anonymous investigations – request a Silo for Research demo.
And keep an eye out for the next blog is this series: Go-to tools for trust and safety analysts
A major tech company’s trust and safety analysts experienced retaliation from investigation targets due to improper attribution management.
Silo for Research (Toolbox) is a secure and anonymous web browsing solution that enables users to conduct research across the open, deep and dark web.
Learn the risks trust and safety investigators encounter in online research and what's needed to counteract them.