Important: This resource provides general information, not personal advice. Every situation is different. The actions suggested here may not be safe in your specific circumstances — particularly if the person causing harm could notice changes to your devices or accounts. Always consider your physical safety first.
If you need personalised support, contact 1800RESPECT (1800 737 732) or your local specialist domestic violence service. If you are in immediate danger, call 000.
This framework is under active development. View full limitations & methodology.
| ID | Name | Description | |
| SAFE-T-0083 | Account Takeover | Gaining full control of victim's accounts including email, social media, banking, government services, or utilities by changing credentials and recovery options. Complete takeover denies victim access while giving perpetrator full control over the account, including stored data, communications, and financial functions. | |
| SAFE-T-0091 | Administrative Access Abuse | Using parental controls, family administrator privileges, or enterprise MDM capabilities to exert control over an adult victim's devices and accounts. Exploits legitimate administrative tools designed for child safety or corporate security to restrict an adult's digital autonomy. | |
| SAFE-T-0088 | Backup/Cloud Access | Accessing victim's personal data through cloud backup services such as iCloud, Google Drive, OneDrive, or device backups. Cloud backups often contain comprehensive copies of messages, photos, contacts, browsing history, and app data, providing extensive surveillance capability from a single access point. | |
| SAFE-T-0082 | Credential Theft | Obtaining victim's passwords, PINs, or authentication credentials through shoulder surfing, guessing based on personal knowledge, social engineering, checking common password patterns, or accessing written password records. Intimate partners often have enough personal knowledge to guess passwords or know where credentials are stored. | |
| SAFE-T-0086 | Device Lockout | Remotely locking victim's phone, tablet, or computer through device management features such as Find My iPhone, Google Find My Device, or enterprise MDM tools. Can render devices completely unusable, cutting victim off from communication, navigation, banking, and emergency services. | |
| SAFE-T-0090 | Device Sabotage | Deliberately damaging, corrupting, factory-resetting, or wiping victim's devices or data. May involve physical damage, remote wipe commands, malware installation, or deliberate corruption of important files. Destroys evidence, disrupts victim's ability to communicate, and causes emotional and financial harm. | |
| SAFE-T-0084 | Password/Recovery Change | Changing passwords and recovery options (backup email, phone number, security questions) on victim's accounts to lock them out and prevent recovery. This technique ensures persistent denial of access even if victim attempts account recovery procedures. | |
| SAFE-T-0085 | Session Hijacking | Maintaining persistent access to victim's logged-in sessions by keeping devices logged in, copying session tokens, or exploiting 'remember this device' features. Allows perpetrator to monitor accounts without triggering new login alerts, making detection more difficult. | |
| SAFE-T-0089 | Shared Account Weaponization | Using legitimately shared accounts for streaming services, utilities, subscriptions, or household management to exert control or punish victim. Includes changing shared passwords, cancelling shared services, monitoring usage patterns, or using account features to track victim's activity and preferences. | |
| SAFE-T-0087 | Two-Factor Interception | Intercepting two-factor authentication codes through SIM swapping, access to victim's authenticator app, interception of SMS codes, or control of backup codes. Defeats security measures designed to protect accounts, enabling unauthorized access even when victim has changed passwords. | |