What is Doxing?
‘Doxing’ popularly known as doxxing gets its name from the term “dropping dox,” or “documents.” It is a form of cyberbullying that uses sensitive or secret information, statements to harass, expose or cause financial harm or other exploitation to the intended victim.
It is also an online attack revealing online information, such as their real name, home address, workplace, phone, profession, and other personal information. This information is then circulated without the victim’s permission to the public.
Doxing has existed for many years and it leverages the fact that documents containing information about people and things can be used as powerful weapons against them.
It initially gained popularity in the 1990s when hackers began dropping docs on people who had been hiding behind aliases. Hackers used this method to expose other attackers with whom they had been in competition. By removing their anonymity they were exposed to authorities and others who were trying to track them down. Doxing plays a predominant role in the modern culture war that involves people targeting or attacking those who support a cause or hold a belief in opposition to one they are trying to push forward.
Why would somebody dox someone?
The motivations behind doxing may vary from the hacker to hacker.
Doxing is used mainly for coercion, online shaming, extortion, and vigilante justice in context with cyber bullying. It is often used by online ‘mobs’ to intimidate or threaten the victim. It is also used as a threat to leak personal information to manipulate or blackmail someone into doing or saying uncomfortable things. When they feel attacked or insulted by their target doxing could be used as a means of seeking revenge. If someone has controversial opinions, they could be targeted by someone with opposing viewpoints. Other reasons include:
- Victim shaming
- Personal revenge
- Anger or disagreement with a particular community/cause
- For scaring or intimidating victims
What is the impact of Doxing?
Doxing can affect someone in myriad ways. Not only does it affect mental, physical, and professional lives but can cause feelings of overwhelming anxiety .When someone’s doxed, the victim may feel like the entire world has gained access to their private life.
This may heighten anxiety levels for as long as the victim is still receiving harassment and abuse about that particular unauthorized disclosure. Long-term anxiety and distress can aggravate pre-existing mental health problems and potentially even lead to mental illnesses such as depression which in turn may lead to self-harm and suicidal tendencies.
The victim may become worried about leaving home if the victim’s home address has been shared leading to further problems such as employment or education problems. The victim’s reputation can be permanently tarnished by doxing, causing employment loss or embarrassment in front of family and friends.
They may also be vulnerable to various cyber-attacks once their financial details are available online.
What information are Doxers looking for?
What information are Doxers looking for?
Doxers aim to reveal information which includes:
- Real name
- Telephone number
- Social Security number
- Home address
- Credit card numbers
- Bank account numbers
- Personal photographs
- Social media profile
- Workplace details
- Personal phone number
- Bank account or credit card information
- Private correspondence
- Criminal history
- Embarrassing personal details
- Payment card information,
- Mortgage details,
- Credit reports, etc.
Politicians, Celebrities, journalists and influencers are amongst those who have been doxed, resulting in their targeted harassment from online mobs, damage of reputation, and – in extreme cases – death threats.
Doxing caught mainstream awareness in December 2011, when hacktivist group Anonymous exposed details information about 7,000 law enforcement members’ as a response to investigations into hacking activities.
Examples of doxing
The most common doxing situations fall into these 3 categories:
- Releasing an individual’s private information online.
- Revealing previously unknown information of a private person online.
- Releasing information of a private person online could be damaging to their reputation and those of their personal and/or professional associates.
How does doxing work?
We live in an age of data. Data is the new oil. People often have less control over a vast ocean of personal information on the internet than they believe. Anyone anytime can turn that data into a weapon.
Since Doxing leverages the fact that nearly everyone has personal data floating around on the internet, it can be weaponized and used against the target.
Maybe you mention that you are traveling to South America for the first time. With this, the hacker will come to know you don’t live in that continent. Your online activity is a trail of breadcrumbs and by following that trail they can know where you live, your gender, age, and race. With this information, they can determine your identity.
Following methods are typically used to dox people:
1. Packet sniffing
Hackers use packet sniffing to their advantage while doxing someone. Data moves as packets across the internet. A Doxer intercepts information by packet sniffing which will tell what kind of information is within it. Through this, they can get passwords, bank account information, credit card numbers, and more. Doxers capture the data being transmitted through the network by connecting to a network, get past its security.
2. IP logging
IP logging is yet another method Doxers use to access data. IP loggers attach a code to the email which the victims can’t see. When the targeted victims open such emails, the code present in them tracks their IP addresses and sends them back to the IP logger. Using IP addresses other information can be obtained by hackers.
3. Reverse cell phone lookup
With just your phone number, hackers can find out a lot more about you. Reverse phone lookup services such as Whitepages let you type a telephone number — to find out the person who owns the number. Such sites charge fees to provide additional personal information.
4. Social media stalking
Anyone whose social media accounts are public is susceptible to doxing through cyberstalking. Private information such as house address, profession, friends, photos, likes and dislikes, places visited, family members, pets, and so on can be known using social media. A Doxer may find the answers to your security questions with the above information giving them access to other online accounts. People willingly share personal information on social media sites such as Facebook, Twitter, and Instagram such as vacations, new jobs, etc. They also provide key information about themselves when signing up for these sites which can be uncovered by Doxers. It is of paramount importance to keep your personal information safe on social media.
Be smart and vigilant when signing up for social media sites by not providing all the details.
5. Studying government records
6. Phishing and Spear Phishing
Through phishing, hackers can get access to sensitive details and use your emails for a doxing attack. Then the targets are prompted to click on a link to a fake website to enter sensitive information.
The email may look like it comes from your bank, or some other service provider. The email might ask you to urgently click on a link to prevent your account from being closed down which can lead to the disclosure of confidential information.
Please refer to our detailed post regarding Phishing and Spear Phishing for more details.
If someone owns a domain name their information will be stored within a registry. This registry is mostly available to anyone who does a WHOIS search. Usually, there is an option available to hide your information while signing up for a domain. If you do not opt for it, your name, phone number, address, business address, and email can be accessed easily without any special technology.
7. Tracking Usernames
8. Tracking IP addresses
9. Using data brokers
Data brokers are individuals or organizations that collect information and then sell it to obtain profit. A data broker will collect information about potential targets by going to several websites that contain public records. Data brokers leverage public records, online search histories, social media usage, and the purchases made to dig up information about the target.
By following breadcrumbs of information across the internet, doxers can build up a picture that leads to other important details, including the person’s name, physical address, email address, phone number, and more. Sometimes doxers buy and sell personal info on the dark web.
How to protect yourself from Doxing?
Almost anyone can be a doxing victim with an army of search tools and information available online. Posting on online forums, having social media accounts, signing online petitions are some of the various ways to make information publicly available. Large amounts of data are available through public databases, search engines, and other repositories.
Following are the steps that can help you protect your information:
You can find out how easy or difficult is to dox yourself by checking what information can be easily obtained about you on the internet. You can use following steps to do that:
- Google your name and identity
- Audit your social media profiles, including privacy settings
- Do a reverse image search.
- Check to see if any of your email accounts were part of a significant data breach by using sites such as Haveibeenpwned.com.
- Check CVs, and personal websites to see what personal information is visible.
There is no guarantee that you won’t ever get doxed but there are some strategies you can follow to lessen the odds.
Follow the below steps to reduce the risk of getting doxed:
1. Modify your privacy settings
Make your social media accounts private so that only selected people can view them. If you use social media to share private information review your privacy settings and change them. Updating privacy settings regularly can help keep information from being accessed by any attacker who can see your profile information, pictures, posts, or likes and dislikes. Review the privacy settings on your social media profiles, and double check that you are ok with the amount of information being shared and with whom.
Be strategic about which platforms you use for which purposes. If you are using a platform for professional purposes avoid including sensitive personal information and images.
2. Don’t provide personal information
3. Use a VPN
4. Use different usernames on different platforms
5. Be Vigilent about phishing emails
Doxers use phishing techniques to trick you into disclosing personal details using passwords. Be alert when you get an email that appears to come from a bank or credit card company, especially if they are asking for private information. Banks or other financial institutions will never ask for your personal information by email.
Additionally, be careful when clicking on a link to any website sent through an email asking you to enter personal information.
6. Use Strong Passwords
Your name, a predictable series of numbers or a word are all examples of weak passwords making it easy to guess by a doxer. Each of your accounts should have different passwords. Implement obscure combinations of letters, numbers, and symbols, or using a password manager that generates and stores passwords that are very hard to guess.
Strong passwords can keep hackers at bay, preventing them from changing your information on these sites, nabbing your account information, or posting their messages under your name. A strong password has a combination of lowercase and uppercase letters, numbers, and symbols.
7. Create Separate Email Accounts for Separate Purposes
8. Be Mindful of Providing App Permissions
9. Protect Your Financial Accounts
10. Watch out for Information Hazards
Following are some of the overlooked things which can leak out your private information. Watch out for these and similar applications:
- While sharing Microsoft word files, excel spreadsheets, PowerPoint slides, etc. online restrict the files’ metadata, containing information such as author’s name, contributor’s name, revisions, etc
- Websites like peoplefinder.com, whitepages.com, etc. will contain a lot of sensitive information about people. Anyone can access that information for free or by paying a small fee. One can request such sites to remove their information from their platform as the sites are legally obliged to follow the user’s request for privacy.
- Remove your data from the Google Maps Timeline and delete activity history from google and other browsers frequently.
- Hackers can find out a device’s physical location, internet provider’s name, search history, and other information just by knowing an IP address. Therefore use a virtual private network (VPN) to mask your IP address
- It’s important to note that WebRTC has a vulnerability that can reveal your true IP address. Install an add-on or extension for your browser to mitigate this vulnerability.
11. Practice good cybersecurity
12. Use multi-factor authentication
13. Hide domain registration information from WHOIS
14. Ask Google to remove information
15. Scrub your data
16. Set up Google alerts
Make sure you set up Google alerts for your full name, phone number, home address, and other private data so that you will be notified when that information appears online leading to doxing.
What to do if you become a victim of doxing?
When someone’s doxed, the victim may feel like the entire world has gained access to their private life. This may heighten anxiety levels for as long as the victim is still receiving harassment and abuse in relation to that particular unauthorized disclosure.
Doxing victims should take the following steps:
1. Report it at the Earliest
2. Involve law enforcement
3. Document what happened
It is important for the victim to document the attack by taking particular screenshots, downloading web pages, and recording the conversations between them and the Doxer. Make ensure that the date and URL are visible while taking screenshots.
This evidence consists of important information and is essential for your own reference and can help you keep track of what information was shared and help the respective authorities and others to address the attack.
4. Protect financial accounts
5. Lock down your accounts
6. Take the support of friends and family
Doxing has existed for many years and it leverages the fact that documents containing information about people and things can be used as powerful weapons against them. Doxers aim to reveal information which includes: Real name, Social Security number, Telephone number, Home address, Employer, Bank account numbers, Credit card numbers, Personal photographs, Social media profile, Workplace details Personal phone number, Private correspondence, Criminal history Embarrassing personal details payment card information, mortgage details, credit reports, etc.
Doxers utilize social media profiles, Ip addresses, WHOIS records, usernames, IP logging, phishing, Goverment records, phishing, and other techniques to extract personal information to harass, manipulate and blackmail people. It is important to be aware of our online presence and what we share online to prevent doxing.
Other methods to prevent getting doxed include using VPN, multifactor authentication, set up Google alerts, scrub your data, delete your recent activities, practice good Cybersecurity methods, beware of app permissions, Create Separate Email Accounts for Separate Purposes, use strong passwords, modify privacy settings. It is important for organizations to use strong encryption techniques and train their employees to prevent cyber attacks. It is important to be careful and alert about what you post online, and never share private information online forums, or social media sites.
The internet gives people the freedom to say whatever they want which people use to express whatever opinions they want, no matter how controversial, with no chance of them being traced. Since that is not the case it is wise to be careful about what you say online.