Click. Post. Compromise?
September 9, 2025 – Defence Stories
Estimated read time – 0:45
In today’s digital age, even the smallest detail can cause a major breach. A single photo, date, profile update, or location tag can unknowingly reveal sensitive information and give adversaries the clues they need. With so many apps woven into our daily lives, it’s easy to share without thinking and even easier to overlook what you’ve revealed.
In uniform and as member of the Defence team, safeguarding what you share isn’t optional — it’s a critical part of the mission.
Watch the video and review the key points in the infographic to learn how you could be causing a security breach without realizing it and why every detail shared matters.
For more information on a variety of security topics, please visit the Security Awareness Toolkit, available through the Director General Defence Security (DGDS) intranet page.
Transcript
We scroll. We post. We share.
But what are we really revealing?
A quick selfie taken while on deployment during an operation…
A harmless video of your unit… Seems innocent.
Until that image or video — complete with time stamps and GPS coordinates unintentionally exposes your location to anyone watching, including adversaries.
Should you be posting that content?
As a Defence Team member, you have additional security considerations:
- Scrub metadata from images
- Turn off location services
- Avoid posting geotagged photos or videos
Infographic – Text version
Click. Post. Compromise?
Social media connects and communicates — but for the military and defence, it can pose serious security risks that are often overlooked. Oversharing can compromise missions, endanger lives, and expose sensitive information.
Three critical threats:
1. OPSEC Compromise & Malicious Targeting
Sharing personal/job-related details online exposes individuals
and the organization to malicious actors:
hostile intelligence services, cybercriminals or other adversaries
who exploit this information through tactics like phishing, social
engineering, or honey traps.
- Title
- Rank
- Unit
- Security clearance level
- Training history
Ex.: A defence member updates their LinkedIn profile to include their ROLE IN A CYBER INTELLIGENCE UNIT AND MENTIONS HAVING “TOP SECRET CLEARANCE.”
A malicious actor uses this information to craft a convincing phishing email, posing as a government official requesting sensitive data.
Helpful Tip: Avoid sharing personal identifiers. When sharing CV information, do so selectively and limit profile visibility with privacy settings.
2. Geolocation Exposure
Geolocation features can:
- Enable real-time tracking of personnel and operations
- Significantly increase the risk to missions and individuals operating in conflict areas
Ex.: A Defence member FORGETS TO DISABLE THEIR GEOLOCATING IN AN APP DURING A DEPLOYED OPERATION. This seemingly harmless oversight allows adversaries to identify troop presence and activity in the area.
Helpful Tip: Disable location services, avoid posting geotagged photos or videos and be aware of backgrounds that reveal sensitive locations.
3. Metadata in Photos
Photos can contain sensitive hidden data such as time, date, device information, and GPS coordinates — all of which can be exploited by adversaries.
Ex.: A group selfie taken during an operation without consideration for what is visible in the background is shared online. The action seemed harmless but IT REVEALED SENSITIVE INFO AND METADATA: TIME AND LOCATION.
Helpful Tip: Use tools to scrub metadata from images and be alert to your surroundings before uploading.
Page details
- Date modified: