All about doxxing — and how you can protect yourself

Billions of people use the Internet every day for so many reasons. Some use it for social interaction, while others use it for business activities. This is why we have all kinds of social media platforms, websites, e-commerce sites, and forums to accommodate all intents. Due to the different activities we perform online, we may reveal all kinds of information about our lives, families, businesses, dreams, and personal data. Sometimes, you may be forced to disclose your location and your bank account details when you’re shopping online. So, whether you want to or not, as long as you’re using the Internet, you must reveal something about yourself. It gets even worse for people who use it for social interaction. Sometimes, you share your pictures, secrets, and embarrassing moments. If you belong to many platforms or use different websites, you may have dropped different information about yourself on each one. While all that may seem necessary, you may regret it when someone decides to dox you. If you’ve not heard about “doxxing” (also spelled “doxing”) or you have heard and don’t want to be a victim, this article is for you. We will tell you what doxxing is, how it works, and what you can do to protect yourself against it.

What is doxxing?

Doxxing is deliberate research on an individual to acquire and share sensitive information about him or her. The act is usually perpetrated to embarrass or shame the target online by exposing his or her private information collected from multiple platforms.

The term “doxxing” was coined from “dropping dox,” a term popular among hackers and vigilantes in the past. They used it to harass, intimidate, and in most cases, expose both private and public figures to public scorn or even put them in legal jeopardy. In addition, some hackers used it to strip other hackers of their anonymity as a form of revenge against them.

So, it has never been for noble intentions. These days, it has become terrifying as cyberbullies use doxxing to frighten innocent people. Nowadays, if someone doesn’t like your comments or the content you shared online, they may decide to dox you.

Even online gamers vindictively dox other gamers if they’re angry at something that happened during the game. This means that anyone is a potential target for doxxing. You no longer have to be a prominent or public figure to be doxed. Once a would-be doxxer somewhere discovers sensitive information about you, you’re gone. It could also affect your business and it could affect your job. If doxxers release unflattering details about your life, including where you work, your employers might find they have to answer embarrassing questions.

How does doxxing work?

Before doxxing anyone, the perpetrator starts by collecting crumbs of information from multiple platforms about the target. If you become a target of doxxing, doxxers can use many techniques to gather the details they need about you. Sometimes, cyberbullies can even hack your accounts to make sure they succeed.

Some of the common information-gathering methods they use are as follows:

Data brokers

One of the methods that cybercriminals collect information is through data brokers. These people often buy data from business datacenters and sell them to other businesses. Indeed, they don’t usually target individual buyers because they sell data in bulk. However, a desperate doxxer may acquire data in bulk and cross-reference it to get what they want.

Hacking

Someone who wants to dox you can go as far as hacking your accounts or devices to collect sensitive information. Hackers use many strategies to steal data from their target. They can send legit-looking emails embedded with malicious codes to infiltrate you via a phishing attack. Once you click on anything or download any attachment, they’ll gain access to you. Other ways they hack people includes:

IP logging

Hackers can send a malicious link to you, and immediately you click it, you’ve unknowingly launched a script that’ll reveal your IP address.

Packet sniffing

Hackers can mislead you on public WiFi to connect to a fake hotspot where they can monitor and access your online data. If you’re someone who uses an unencrypted connection on a public WiFi network, you’ve already exposed your sensitive information to them. They can get you login details and passwords and also know the websites you visit.

Social media

If anyone is desperate to dox you, they can stalk you on social media and gather information about you. We all belong to one social media platform or the other. Most times, we unknowingly expose ourselves to cyberbullies through the pictures and contents we share. They can get all the information they need to dox you by cross-referencing all your linked profiles. They can also analyze the EXIF data of the photos you share to get your location if you carelessly enabled your GPS.

How to protect yourself against doxxing

1. Avoid data broker websites

One of the ways to protect yourself against doxxing is by protecting your data. If they can’t find it, they can’t dox you. So, make sure you’re not on data brokers’ websites. Since they sell people’s data to others, you’re at risk of doxxing. You can use www.whitepages.com or www.peoplefinder.com to check if your data is on those websites. If it is, try hard to opt-out of there.

2. Don’t share sensitive information online

If you want to prevent doxxing, don’t open your door to it. Mind what you share online and protect your sensitive information from others.

Many people don’t see anything wrong with sharing their phone number, home address, or even every important event or achievement online. But if you don’t want to lose credibility because someone twisted your details, limit your information to a need-to-know basis.

If you’re unsure about what information you already shared unknowingly, try searching your name on a privacy-oriented search engine. Don’t depend on Google alone but expand your search a bit more. Once you notice that you have sensitive information out there, try to remove as many as possible.

3. Use strong your passwords — always!

The principal place that doxxers get juicy information about you is through social media accounts. Most people live half of their lives on social media. That means if a hacker gets hold of your password, you’re marked for doing.

So, make sure they don’t by protecting your accounts with strong passwords that no one can break. If you can’t create a unique password, use a password generator to get the best. But no matter what, don’t reuse any passwords. Instead, use NordPass or other password managers and password generators to simplify your life.

Another way to protect your accounts is by enabling two-factor authentication but not SMS authentication. Hackers could swap your SIM and overcome the barrier.

4. Your comments can come back to haunt you

Someone may decide to dox you because they didn’t like your comments. Even if you choose to use anonymous browsing while commenting, a serious doxxer can still search and get your IP address. So, if you must leave a comment on any website, don’t reveal too many details. If you can, avoid the option of using your social media account to log into any website. Also, use a VPN to access the Internet so you can easily mask your IP.

5. Always use a VPN

If you want to be safe from doxxing and other cybercrimes, make sure to use a VPN. A strong VPN network will hide your IP and encrypt your data online, and is especially important for small businesses. No doxxer or hacker will get you when you’re hidden behind a VPN’s network. The best part is that you can surf the web through public WiFi through a VPN network.

But then make sure that your VPN has strong security features, has a no-log policy, and can protect you from several cyberattacks such as doxxing and malware attacks, even evil twin attacks.

Is doxxing legal

Many countries may not mind doxxing, but there’re other countries where it is a severe crime. Any doxxing attack that damages someone’s reputation or endangers them physically is considered a heinous crime. Some countries, such as the United States, have state and federal laws that make it illegal.

Apart from the United States, many countries in the EU consider the act illegal and punishable by law. When someone exposes private information that shouldn’t be made public, these countries penalize such wrongdoers.

Can you dox yourself? Should you?

You can dox yourself to find out the information you’ve exposed about yourself online. Once you get that, you can remove what you don’t want others to use against you. So, if you’re going to give it a try, do the following:

1. Google your name and re-edit some of your information, like your name if you want. You can also visit Facebook to unlink search engines from your account.
2. Narrow down your search by searching your name together with, say, your address, phone number, and other personal details by typing something like “your name+phone number+address.”
3. Search for your images to see if any of your pictures are appearing on sites you didn’t use.
4. When searching, use your actual email, address, nicknames, phone numbers to see if you can find them anywhere together. If you do, it may likely be a data broker’s website.

If you find your information compiled in a file online, you can ask the website to delete your information. But if you’re living in the EU, you can do it legally because they have the GDPR (General Data Protection Regulation) rules to support you.

Final words on doxxing

The best action you can take against doxxers is to thwart them. Don’t give anyone the weapon to dox you. Instead, always protect your information, passwords, and use a VPN to browse online. That way, you can be sure that no one will compromise your privacy and embarrass you or your company unnecessarily.

Featured image: Shutterstock