Doxing (Doxxing): Defined, Explained and tips to Stay Protected

About Doxing (Doxxing)

What is Doxing?

‘Doxing’ popularly known as doxxing gets its name from the term “dropping dox,” or “documents.” It is a form of cyberbullying that uses sensitive or secret information, statements to harass, expose or cause financial harm or other exploitation to the intended victim.

It is also an online attack revealing online information, such as their real name, home address, workplace, phone, profession, and other personal information. This information is then circulated without the victim’s permission to the public.

Doxing has existed for many years and it leverages the fact that documents containing information about people and things can be used as powerful weapons against them.

It initially gained popularity in the 1990s when hackers began dropping docs on people who had been hiding behind aliases. Hackers used this method to expose other attackers with whom they had been in competition. By removing their anonymity they were exposed to authorities and others who were trying to track them down. Doxing plays a predominant role in the modern culture war that involves people targeting or attacking those who support a cause or hold a belief in opposition to one they are trying to push forward.

Why would somebody dox someone?

The motivations behind doxing may vary from the hacker to hacker.
Doxing is used mainly for coercion, online shaming, extortion, and vigilante justice in context with cyber bullying. It is often used by online ‘mobs’ to intimidate or threaten the victim. It is also used as a threat to leak personal information to manipulate or blackmail someone into doing or saying uncomfortable things. When they feel attacked or insulted by their target doxing could be used as a means of seeking revenge. If someone has controversial opinions, they could be targeted by someone with opposing viewpoints. Other reasons include:

  • Victim shaming
  • Personal revenge
  • Publicity
  • Anger or disagreement with a particular community/cause
  • For scaring or intimidating victims

What is the impact of Doxing?

Doxing can affect someone in myriad ways. Not only does it affect mental, physical, and professional lives but can cause feelings of overwhelming anxiety .When someone’s doxed, the victim may feel like the entire world has gained access to their private life.

This may heighten anxiety levels for as long as the victim is still receiving harassment and abuse about that particular unauthorized disclosure. Long-term anxiety and distress can aggravate pre-existing mental health problems and potentially even lead to mental illnesses such as depression which in turn may lead to self-harm and suicidal tendencies.

The victim may become worried about leaving home if the victim’s home address has been shared leading to further problems such as employment or education problems. The victim’s reputation can be permanently tarnished by doxing, causing employment loss or embarrassment in front of family and friends.

They may also be vulnerable to various cyber-attacks once their financial details are available online.

What information are Doxers looking for?

What information are Doxers looking for?

Doxers aim to reveal information which includes:

  • Real name
  • Telephone number
  • Social Security number
  • Home address
  • Employer
  • Credit card numbers
  • Bank account numbers
  • Personal photographs
  • Social media profile
  • Workplace details
  • Personal phone number
  • Bank account or credit card information
  • Private correspondence
  • Criminal history
  • Embarrassing personal details
  • Payment card information,
  • Mortgage details,
  • Credit reports, etc.

Politicians, Celebrities, journalists and influencers are amongst those who have been doxed, resulting in their targeted harassment from online mobs, damage of reputation, and – in extreme cases – death threats.

Doxing caught mainstream awareness in December 2011, when hacktivist group Anonymous exposed details information about 7,000 law enforcement members’ as a response to investigations into hacking activities.

Examples of doxing

The most common doxing situations fall into these 3 categories:

  1. Releasing an individual’s private information online.
  2. Revealing previously unknown information of a private person online.
  3. Releasing information of a private person online could be damaging to their reputation and those of their personal and/or professional associates.

How does doxing work?

We live in an age of data. Data is the new oil. People often have less control over a vast ocean of personal information on the internet than they believe. Anyone anytime can turn that data into a weapon.

Since Doxing leverages the fact that nearly everyone has personal data floating around on the internet, it can be weaponized and used against the target.

Maybe you mention that you are traveling to South America for the first time. With this, the hacker will come to know you don’t live in that continent. Your online activity is a trail of breadcrumbs and by following that trail they can know where you live, your gender, age, and race. With this information, they can determine your identity.

Following methods are typically used to dox people:

1. Packet sniffing

Hackers use packet sniffing to their advantage while doxing someone. Data moves as packets across the internet. A Doxer intercepts information by packet sniffing which will tell what kind of information is within it. Through this, they can get passwords, bank account information, credit card numbers, and more. Doxers capture the data being transmitted through the network by connecting to a network, get past its security.

2. IP logging

IP logging is yet another method Doxers use to access data. IP loggers attach a code to the email which the victims can’t see. When the targeted victims open such emails, the code present in them tracks their IP addresses and sends them back to the IP logger. Using IP addresses other information can be obtained by hackers.

3. Reverse cell phone lookup

With just your phone number, hackers can find out a lot more about you. Reverse phone lookup services such as Whitepages let you type a telephone number — to find out the person who owns the number. Such sites charge fees to provide additional personal information.

4. Social media stalking

Anyone whose social media accounts are public is susceptible to doxing through cyberstalking. Private information such as house address, profession, friends, photos, likes and dislikes, places visited, family members, pets, and so on can be known using social media. A Doxer may find the answers to your security questions with the above information giving them access to other online accounts. People willingly share personal information on social media sites such as Facebook, Twitter, and Instagram such as vacations, new jobs, etc. They also provide key information about themselves when signing up for these sites which can be uncovered by Doxers. It is of paramount importance to keep your personal information safe on social media.

Be smart and vigilant when signing up for social media sites by not providing all the details.

5. Studying government records

There is a fair amount of information that can be found on government websites. Examples driving licenses, marriage certificates, birth certificates, real estate transactions, and voter registration logs – all of which contain personal information.

6. Phishing and Spear Phishing

Through phishing, hackers can get access to sensitive details and use your emails for a doxing attack. Then the targets are prompted to click on a link to a fake website to enter sensitive information.

The email may look like it comes from your bank, or some other service provider. The email might ask you to urgently click on a link to prevent your account from being closed down which can lead to the disclosure of confidential information.

Please refer to our detailed post regarding Phishing and Spear Phishing for more details. 

6. WHOIS

If someone owns a domain name their information will be stored within a registry. This registry is mostly available to anyone who does a WHOIS search. Usually, there is an option available to hide your information while signing up for a domain. If you do not opt for it, your name, phone number, address, business address, and email can be accessed easily without any special technology.

7. Tracking Usernames

Many times people use the same username on several websites. This is problematic since a doxxer can track your username across the Internet, finding your posts at online forums and websites and web applications. This makes it easy for cybercriminals, activists, or others to use the usernames to pinpoint accounts that belong to you. Data from each of these accounts will be used to create a portfolio of documents that reveal personal information regarding victims.

8. Tracking IP addresses

Doxers use various methods to discover IP address, which is linked to a physical location. After finding out the IP address hackers use social engineering tricks on the target’s internet service provider (ISP) to discover more information about the target. Then they use this information to file a complaint about the owner of the IP address or attempt to hack into their network.

9. Using data brokers

Data brokers are individuals or organizations that collect information and then sell it to obtain profit. A data broker will collect information about potential targets by going to several websites that contain public records. Data brokers leverage public records, online search histories, social media usage, and the purchases made to dig up information about the target.

By following breadcrumbs of information across the internet, doxers can build up a picture that leads to other important details, including the person’s name, physical address, email address, phone number, and more. Sometimes doxers buy and sell personal info on the dark web.

How to protect yourself from Doxing?

Almost anyone can be a doxing victim with an army of search tools and information available online. Posting on online forums, having social media accounts, signing online petitions are some of the various ways to make information publicly available. Large amounts of data are available through public databases, search engines, and other repositories.

Following  are the steps that can help you protect your information:

You can find out how easy or difficult is to dox yourself by checking what information can be easily obtained about you on the internet. You can use following steps to do that:

  • Google your name and identity
  • Audit your social media profiles, including privacy settings
  • Do a reverse image search.
  • Check to see if any of your email accounts were part of a significant data breach by using sites such as Haveibeenpwned.com.
  • Check CVs, and personal websites to see what personal information is visible.

There is no guarantee that you won’t ever get doxed but there are some strategies you can follow to lessen the odds.

Follow the below steps to reduce the risk of getting doxed:

1. Modify your privacy settings

Make your social media accounts private so that only selected people can view them. If you use social media to share private information review your privacy settings and change them. Updating privacy settings regularly can help keep information from being accessed by any attacker who can see your profile information, pictures, posts, or likes and dislikes. Review the privacy settings on your social media profiles, and double check that you are ok with the amount of information being shared and with whom.

Be strategic about which platforms you use for which purposes. If you are using a platform for professional purposes avoid including sensitive personal information and images.

2. Don’t provide personal information

When signing up for social media platforms, avoid providing personal details, like your date of birth, hometown, high school, or employer information.

3. Use a VPN

A virtual private network (VPN) encrypts data and sends them securely through the internet. On the receiving end, the encrypted data is decrypted so it can be read by the other party. When the data is in transit a doxer cannot use it unless they have the decryption algorithm. VPN can help shield your private information from doxers by hiding your real IP. Thus the hackers won’t be able to mine this address for your location or other identifying information.

4. Use different usernames on different platforms

If you are active on multiple social media sites, do not use the same usernames on each. People can be easily tracked with their history of posts on social media, especially if they have a single username across the Internet.

5. Be Vigilent about phishing emails

Doxers use phishing techniques to trick you into disclosing personal details using passwords. Be alert when you get an email that appears to come from a bank or credit card company, especially if they are asking for private information. Banks or other financial institutions will never ask for your personal information by email.

Additionally, be careful when clicking on a link to any website sent through an email asking you to enter personal information.

6. Use Strong Passwords

Your name, a predictable series of numbers or a word are all examples of weak passwords making it easy to guess by a doxer. Each of your accounts should have different passwords. Implement obscure combinations of letters, numbers, and symbols, or using a password manager that generates and stores passwords that are very hard to guess.

Strong passwords can keep hackers at bay, preventing them from changing your information on these sites, nabbing your account information, or posting their messages under your name. A strong password has a combination of lowercase and uppercase letters, numbers, and symbols.

7. Create Separate Email Accounts for Separate Purposes

Use different email addresses for social interactions, work, and spam. Whenever you sign up for an offer or subscribe to something use your spam email address. Personal interactions can be handled on your social email address. Using different logins and passwords for each makes it harder for a doxer to gain access. Since a spam email can often be used to go straight to a user account with details in the account profile it is important to make your spam email particularly difficult to hack into.

8. Be Mindful of Providing App Permissions

Usually while signing up for an app an option comes asking your permission to access your social media information. If the app does not have adequate security, a doxing hacker may penetrate their system and get all your personal information. It is recommended to sign up by providing a unique username and password instead of giving the app access to your social media accounts.

9. Protect Your Financial Accounts

A doxer may publish your financial information which can lead to a lot of complications. Therefore it is important that you take steps to make sure it is secure by using strong passwords and VPN to log in. If your account is compromised immediately reach out to your bank or credit card provider and make sure your accounts are closed or otherwise protected.

10. Watch out for Information Hazards

Following are some of the overlooked things which can leak out your private information. Watch out for these and similar applications:

  • While sharing Microsoft word files, excel spreadsheets, PowerPoint slides, etc. online restrict the files’ metadata, containing information such as author’s name, contributor’s name, revisions, etc
  • Websites like peoplefinder.com, whitepages.com, etc. will contain a lot of sensitive information about people. Anyone can access that information for free or by paying a small fee. One can request such sites to remove their information from their platform as the sites are legally obliged to follow the user’s request for privacy.
  • Remove your data from the Google Maps Timeline and delete activity history from google and other browsers frequently.
  • Hackers can find out a device’s physical location, internet provider’s name, search history, and other information just by knowing an IP address. Therefore use a virtual private network (VPN) to mask your IP address
  • It’s important to note that WebRTC has a vulnerability that can reveal your true IP address. Install an add-on or extension for your browser to mitigate this vulnerability.

11. Practice good cybersecurity

By using Anti-virus and malware detection softwares, you can stop doxers from stealing information through malicious applications. By regularly updating the software you can fill any security gaps that could lead to you being hacked and doxed.

12. Use multi-factor authentication

Multifactor authentication ensures that you need at least two pieces of information to verify your identity. Usually, a password and a phone number are used but biometric authentication can also be used. MFA makes it difficult for hackers to access a person’s devices or online accounts because knowing the victim’s password alone is not enough; they will also need additional factors to get access to information.

13. Hide domain registration information from WHOIS

WHOIS is a registry that contains information on all registered domain names on the web. This public database can be used to obtain information about a person or an organization that owns a domain. Make sure your personal information is private and hidden from the WHOIS database if you are planning to run a website anonymously without disclosing your real identity.

14. Ask Google to remove information

Individuals can request the removal of personal information appearing in Google search results from the search engine. It is a simple process through an online form. By doing this you can ensure your personal information does not come up when somebody enters a search query on Google.

15. Scrub your data

Remove your information from data broker sites to avoid getting doxed. Once the data is removed you need to regularly check even after your information is removed since it can be republished. You can also use paid services on sites like DeleteMe, PrivacyDuck, or Reputation Defender.

16. Set up Google alerts

Make sure you set up Google alerts for your full name, phone number, home address, and other private data so that you will be notified when that information appears online leading to doxing.

What to do if you become a victim of doxing?

When someone’s doxed, the victim may feel like the entire world has gained access to their private life. This may heighten anxiety levels for as long as the victim is still receiving harassment and abuse in relation to that particular unauthorized disclosure.

Doxing victims should take the following steps:

1. Report it at the Earliest

Reporting it the first and foremost step is to report the attack to the platforms on which your personal information has been posted. This can help contain the damage and the sites can look for security loopholes and fixed them.

2. Involve law enforcement

If the Doxer makes personal threats or if the information was leaked in a potentially illegal manner, immediately contact the police and let them know. The police will conduct inquiries regarding the attack and if proved, the Doxer will be punished.

3. Document what happened

It is important for the victim to document the attack by taking particular screenshots, downloading web pages, and recording the conversations between them and the Doxer. Make ensure that the date and URL are visible while taking screenshots.

This evidence consists of important information and is essential for your own reference and can help you keep track of what information was shared and help the respective authorities and others to address the attack. 

4. Protect financial accounts

As soon as you are aware of the attack it is important to immediately contact your credit card provider and notify them regarding the attack. This helps in further prevention of financial information from being used against you.

5. Lock down your accounts

To contain further damage Change your passwords, use tools such as password manager to ensure safe login to sites, enable multi-factor authentication wherever possible, and strengthen your privacy settings on every account you use.

6. Take the support of friends and family

Doxing can be mentally and emotionally taxing. Take the help of friends and family to assist you during such difficult times so that you don’t have to deal with it alone.

Conclusion

Doxing has existed for many years and it leverages the fact that documents containing information about people and things can be used as powerful weapons against them. Doxers aim to reveal information which includes: Real name, Social Security number, Telephone number, Home address, Employer, Bank account numbers, Credit card numbers, Personal photographs, Social media profile, Workplace details Personal phone number, Private correspondence, Criminal history Embarrassing personal details payment card information, mortgage details, credit reports, etc.

Doxers utilize social media profiles, Ip addresses, WHOIS records, usernames, IP logging, phishing, Goverment records, phishing, and other techniques to extract personal information to harass, manipulate and blackmail people. It is important to be aware of our online presence and what we share online to prevent doxing.

Other methods to prevent getting doxed include using VPN, multifactor authentication, set up Google alerts, scrub your data, delete your recent activities, practice good Cybersecurity methods, beware of app permissions, Create Separate Email Accounts for Separate Purposes, use strong passwords, modify privacy settings. It is important for organizations to use strong encryption techniques and train their employees to prevent cyber attacks. It is important to be careful and alert about what you post online, and never share private information online forums, or social media sites.

The internet gives people the freedom to say whatever they want which people use to express whatever opinions they want, no matter how controversial, with no chance of them being traced. Since that is not the case it is wise to be careful about what you say online.

About Chaithra M.J

Chaithra M.J
A Software engineer, a Cybersecurity blogger and enthusiast, currently pursuing writing as an independent writer. Along with writing, Tech, Philosophy, Self-help, Chess and movies are her interests.

Check Also

what is https ssl stripping

What is SSL Stripping: Defined, Explained and Explored

An attacker can remove the encryption from a client-server communication by using SSL stripping, aka …