What Is Doxxing And How Can You Prevent It?
The term “doxxing” originates from the word “documents.” 1990s hacker culture shortened the term to “docs” and then “dox,” with “dropping dox” referring to collecting personal documents or information, such as a person’s physical address, and then publishing them online.
Doxing may be carried out for various reasons, including inflicting harm, harassment, online shaming, extortion, coercion, business analysis, risk analytics, aiding law enforcement or vigilante versions of justice.
Recently, doxing has become a tool in the culture wars, with rival hackers doxing those who hold opposing views on the opposite side. Doxers aim to escalate their conflict with targets from online to the real world, by revealing information which includes:
- Home addresses
- Workplace details
- Personal phone numbers
- Social security numbers
- Bank account or credit card information
- Private correspondence
- Criminal history
- Personal photos
- Embarrassing personal details
Doxing attacks can range from the relatively trivial, such as fake email sign-ups or pizza deliveries, to far more dangerous ones, like harassing a person’s family or employer, identity theft, threats, or other forms of cyberbullying, or even in-person harassment.
Celebrities, politicians, and journalists are amongst those who have been doxed, making them suffer from online mobs, fearing for their safety, and – in extreme cases – death threats. The practise has also spread to prominent company executives; for example, when Proctor & Gamble’s Gillette released its, We Believe ad, which claimed to target toxic masculinity, Chief Brand Officer Marc Pritchard’s LinkedIn profile was shared on 4chan — with the poster calling others to send angry messages to him.
Doxing entered mainstream awareness in December 2011, when hacktivist group Anonymous exposed 7,000 law enforcement members’ detailed information in response to investigations into hacking activities. Since then, Anonymous has doxed hundreds of alleged KKK members, and their most recent targets have included Q-Anon supporters.
The motivations behind doxing vary. People feel they have been attacked or insulted by their target and could be seeking revenge as a result. If someone becomes known for their controversial opinions, they could target someone with opposing viewpoints. However, this tends to be the case when the topic is especially polarized, rather than everyday political disagreements.
Intentionally revealing personal information online usually comes with the intention to punish, intimidate, or humiliate the victim in question. That said, doxers can also see their actions as a way to right perceived wrongs, bring someone to justice in the public eye, or reveal an agenda that has previously not been publicly disclosed.
Regardless of the motivation, the core purpose of doxing is to violate privacy, and it can put people in an uncomfortable situation — sometimes with dire consequences.
How To Protect Yourself From Doxing
With the vast array of search tools and information readily available online, almost anyone can be a doxing victim. If you have ever posted in an online forum, participated in a social media site, signed an online petition, or purchased a property, your information is publicly available. Plus, large amounts of data are readily available to anyone who searches for it in public databases, county records, state records, search engines, and other repositories.
While this information is available to those who really want to look for it, there are steps you can take to protect your information. These include:
Protecting Your IP address By Using A VPN
A VPN or virtual private network offers excellent protection against exposing IP addresses. A VPN takes the user’s internet traffic, encrypts it, and sends it through one of the service’s servers before heading out to the public internet – allowing you to browse the internet anonymously.
Use Strong Passwords
A strong password normally includes a combination of uppercase and lowercase letters, numbers and symbols. Avoid using the same password for multiple accounts, and make sure you change your passwords regularly. If you have problems remembering passwords, try using a password manager.
Use Separate Usernames
If you are using online forums like Reddit, 4Chan, Discord, YouTube, or others, make sure you use different usernames and passwords for each service. By using the same ones, doxers could search through your comments on different platforms and use that information to compile a detailed picture of you. Using different usernames for different purposes will make it more difficult for people to track your movements across multiple sites.
Create Separate Email Accounts
Consider maintaining separate email accounts for different purposes — professional, personal, and spam. Your personal email address can be reserved for private correspondence with close friends, family, and other trusted contacts; avoid publicly listing this address. Your spam email can be used to sign up for accounts, services, and promotions. Finally, your professional email address
This means that you — and anyone else trying to access your account — will need at least two pieces of identification to log onto your site, usually your password and your phone number. It makes it harder for hackers to access a person’s devices or online accounts because knowing the victim’s password alone is not enough; they will also need access to a PIN number.
Ask Google To Remove Information
If personal information appears in Google search results, individuals can request its removal from the search engine. Google makes this a simple process through an online form. Many data brokers put this type of data online, usually for background checks or crime check information.
Doxing is a serious issue made possible by easy access to personal information online. Staying safe in an online world is not always easy, but following cybersecurity best-practices can help.