Threatening and Anonymous Communications

October 2024

Organizations routinely receive a variety of communications from the public and employees. While most messages involve legitimate inquiries or reasonable complaints, a small percentage are bizarre, angry, or inappropriate. Some may contain direct or indirect threats, posing risks that range from reputational or financial damage to actual violence. Such communications should not be dismissed; they require evaluation, assessment, and cataloging to gauge potential risk. Research shows that the medium of communication is less important than the content itself. Written messages, phone calls, emails, and social media commentary should all be evaluated equally for content.

Organizations should establish screening and reporting protocols for departments likely to receive these types of messages, such as customer service, human resources, and other public-facing or employee-related departments.

Assessment of Threatening Communications

Communications containing direct or indirect threats should be immediately assessed by threat management professionals. Messages with the following themes may also indicate risk and require review:

• Extreme or escalating anger
• Highly personal pursuit of “justice”
• Suicidal or homicidal ideation
• Sexually aggressive language or explicit fantasies
• “Last resort” language (e.g., “You’ve left me no choice”)
• Demands for organizational change that exceed legitimate complaints
• Unreasonable demands for money or apologies
• Bizarre language or signs of a mission-like mentality

Assessors should also consider the persistence and intensity of the communicator’s efforts. Persistent or escalating troubling communications can be a significant risk factor, particularly in stalking cases. Any escalation in disturbing, bizarre, or threatening content should trigger an updated assessment.

Triage and Initial Assessment Factors

When conducting a triage or initial assessment, assessors should consider:

• How many communications have been received? Over what timeframe?
• Is this a single instance or a series of messages?
• Is the threat actionable? (e.g., “I will destroy the planet” versus “I’ll be waiting for you in the parking lot”)
• Who are the potential targets, named or implied?
• Are any referenced locations or dates significant?
• If addressed to a specific individual, what is known about the relationship between that individual and the communicator?

Best Practices for Handling Anonymous and Threatening Communications

Handling these types of communications requires a structured approach to ensure safety, compliance, and effective response. Here are best practices:

1. Document and Preserve Evidence: Record all threatening messages (e.g., take screenshots, save emails or texts) to ensure accurate reporting and provide evidence for authorities if needed. Avoid editing or deleting any part of the message. Store messages in a centralized location, such as a security or risk management platform, according to organizational policy.
2. Evaluate Threat Level: Engage your Threat Management Team to assess the communication for signs of immediate danger. Key indicators include specific language, targeted threats, or personal details about the recipient. Threats indicating imminent harm should be prioritized.
3. Avoid Direct Engagement: Refrain from responding directly, as this may escalate the situation or reveal additional information to the sender. Only authorized personnel should handle communications if engagement is required; your Threat Management Team can offer engagement strategies.
4. Notify Authorities: Contact your Threat Management Team and involve local law enforcement if necessary. If electronic media are involved, notify data security or insider threat teams as well.
5. Strengthen Digital Security: In cases of online harassment or data exposure, review and update digital security measures, including enabling multi-factor authentication, monitoring accounts for suspicious activity, and securing personal information.
6. Communicate Internally: Inform relevant personnel within the organization as needed, particularly if the issue affects broader security concerns. Develop a clear communication plan so all employees understand their role and the importance of discretion.
7. Provide Support to Affected Individuals: Offer counseling or mental health support to those impacted by threatening communications. Emotional support helps alleviate stress and reinforce organizational resilience.
8. Develop a Contingency Plan: Have a protocol in place for handling anonymous threats, including guidelines for escalation, internal communication, and recovery. Regularly train staff to recognize and report suspicious communications promptly.
9. Engage Legal Counsel: Seek legal advice to understand your organization’s legal obligations and protections. This is particularly crucial for handling threats that involve harassment or defamation.
10. Engage a Trained Threat Assessment Professional: The assessment of threatening communications should be conducted by trained threat assessment professionals, either internal staff or external experts.

By following these practices, organizations and individuals can enhance safety, improve response effectiveness, and reduce risks associated with anonymous and threatening communications.