What is Doxxing: Examples And How to Avoid It
What is doxxing? Doxxing is the act of publicly releasing someone’s personal information without their consent. This can include their name, address, Social Security number, or bank account details. Doxxing can be very dangerous for the victim, leading to identity theft, fraud, or even physical violence. This guide will discuss what doxxing is, how it works, and why it is illegal.
Doxxing usually starts with someone finding an online account that belongs to the victim. They will then look through the account for any personal information they can find. Once they have found some, they will release it publicly, often on social media or in forums. This can be very dangerous for the victim, as their personal information is now open for anyone to see.
How does doxxing work?
Information gathering techniques vary from simple information harvesting to sophisticated hacking. Combine an intense amount of private information with an inadequate level of protection, and voilà! An attacker may know quite a lot about you. The more common method is: Generally, WiFi networks are highly vulnerable to a hack attack. The passwords and usernames on your computer will likely be compromised. In a few minutes, an attacker can see the files and data.
Social media stalking
Most users search social networking sites for personal information. Not only are some users willing to post personal information on social sites like Twitter, Facebook, and Instagram — including vacation dates and work — but they can also provide a good list of important personal data that determines what they are looking to do and that can be discovered in a doxxing effort. This is the reason we need to protect your data with Facebook.
Studying government records
You might find it surprising how many things you may know from government data you have gathered. You have your birth certificate, which lists your birthday, your birthplace, your father’s name, and your physician’s name. Your local department of motor transportation may store personal identification information, including the driver’s identity. You can file the marriage certificates with the county clerk. The public has the right to view information about your partner, your marriage certificate, and the dates of your marriage.
Data brokers
Those willing to pay may use a data broker in your favor to get more information. A data database gathers information about you by browsing your social media profiles or acquiring purchases.
Types of doxing
The dox has various ways of collecting and sharing information on its targets. This can be used to get a phishing message from a user that reaches your email or phone or even intercept your web traffic from your computer.
Phishing refers to the misuse of unauthorized communication to get a person to reveal personal details. Doxers may target specific individuals to obtain a targeted spear-phishing attack. While many phishing attacks are identity thieves, they can also serve the purpose of cyber attacks. For even greater security, choose a top antivirus tool capable of blocking phishing attacks while preventing malicious email attachments.
Social media doxing
Social media doxing involves stealing data about a person using your social media accounts. It could include workplace location, friends, photographs, likes and dislikes, places you have visited, family members’ names, and animals’ names. It can even help your doxers answer your security questions and then use it on your other websites. You must create vague user names or email addresses using online networks such as Facebook, Google+, and Twitter.
IP/ISP doxing
IP doxing (iSP doxing) occurs when a doxer tries to steal your IP address. The doxer also uses social-hacking techniques to trick the ISP into providing you with more info. A call spoof application disguises its phone number behind a number belonging to the ISP. The doxer calls the ISP pretending to work for Tech Support. This service will use your IP Address to get other customers’ details, such as your full name, Email Address, Phone number, ISP Account Number, and Dates.
Sniffing is the act of intercepting Internet traffic between sending and receiving. Internet traffic is transmitted through packet-based networks, and sniffers are software and hardware tools capable of collecting and reading the contents of these packets. A doxer could also sniff internet traffic to get personal info. You can also install an encryption VPN that blocks your web browsing activity.
Doxing methods
Cybercriminals and trolls will use their resources to attack you. The searcher uses one clue and follows it until the clue has been broken up to expose the identity of someone slowly.
Metadata in Office files is similar to Excel files. These are information about the document that can be found by right-clicking on a Microsoft Office file. -> Properties. -> Details: These sections contain details about when it was written, the computer, the person creating it, and the editing duration. A simple look into the data will reveal much about you. This is a guide from Microsoft on restricting the information shared in a document. However, there are not only Microsoft Office files whose metadata has been retrieved, but even photos containing EXIF data.
Revealing your identity through the information you post
If we post more posts, we are at a greater risk of getting our private details exposed. If you are a Facebook user, then this can be very deadly. You can never say what your location is. For example, you posted on a blog saying your name was American. You say in a second that you want to visit a separate continent. Cybercriminals have guessed you were likely living in Europe in only two posts. You say Walmart is not in your nation, but the Carrefour brand dominates in retail.
Matching information
Hackers can match your online information to identify you by using your social media profiles. If your full name and hometown are listed on your social media profiles, it will be easy for a hacker to find out more about you. They can then use this information to create a fake profile or to hack into your account. Another way hackers can match the information you post online to identify you is by using your email address. If your email address is listed on your website or blog, a hacker can easily find out more about you by simply searching.
Is doxing illegal?
Doxes may cause a loss of life and expose people to online and real-world harassment. Are they legal? Typically no: It’s not illegal when the information exposed is public knowledge or was acquired legally. However, doxing can fall under some jurisdictions that have policies to prevent stalkers from harassing or threatening the public. It also varies with specific information discovered. The disclosure of real names isn’t as necessary as revealing their address.
Doxxing is illegal in many countries, as it is a form of harassment. In the United States, doxxing is considered a form of stalking and is punishable by up to five years in prison. If you are a victim of doxxing, you should report it to the police immediately.
Real-world examples of doxing
Doxxing examples include abortion providers, convicted gang members, and law enforcement officials.
2019 Hong Kong anti-police doxing
The protests lasted six weeks during the tenth anniversary weekend of the Hongkong riots on February 24, 2018. Journalists and protest groups themselves were doxed during protests. Although the ethical implications for doxing can be unclear — most information can be accessed online — the situation can rapidly turn nasty.
Antifascist doing
In 2017, white supremacist protests were held around Charlottesville, VA, encouraging counter-protestors to dox members. Several Neo-Nazis were fired as doxers publicly revealed that they participated in the demonstrations. But some innocents had incorrectly been suspected of participating and bombarded with hatemail threats.
Anti-abortion doxing
A campaign against abortion in America began in 1997. This doxing case involved websites such as Nuremberg Files, where the personal data of the abortion provider was included in hit lists. In 2002 court decisions found it had been used to induce violence.
Boston Marathon bombing dox
The 2012 Boston bomb attack led to a notable example of doxxing; thousands of Reddit users attempted to locate the suspect. Redditor officials ended up wrongly finding some suspects they suspected had never been involved in the bombing.
How to prevent doxing?
If you think you might be at risk of being doxed, there are some things you can do to protect yourself. First, don’t post any personal information online that you wouldn’t want to be made public. This includes things like your home address or phone number. Second, use strong passwords for all of your online accounts and make sure to change them regularly. Finally, consider using a VPN when browsing the internet, as this will help to keep your IP address hidden.
Hide your data from a website’s WHOIS
The ownership of a website will require using the personal data on your domain. Those data are also saved in a WHOIS-based database. The difficulty is that the database is publicly visible, meaning anyone can see the information required when registering for an internet website. You can conceal your private information from unauthorized persons in exchange for small fees. If you want to edit or delete a WHOIS record, please visit the domain registrar’s website.
Remove yourself from data broker websites
Some Web sites act as “yellow pages.” They search out data and collect everything in an instant online. This can include an e-mail, a Facebook address, or a photo. When you think it sounds impossible, just check websites. We warn you, however, that this data is quite creepy. Fortunately, many businesses offer an opt-out mechanism to eliminate all information stored on their site. Unfortunately, the situation hurts business, and they make it as hard and tedious as possible.
Don’t use your e-mail address
Most likely, your primary email will say this: [first name][/first name]. This combination is exquisite, simple, and professional. But you lose your identity when a friend knows you. The forums often lack strong security controls, and if compromised, hackers will be able to hack into the site to steal the account information. A hacker can only look at that profile if a website displays a private user-facing email. Use another email to sign up for a forum.
Google personal information
It is quite a challenge because you’ll have to face some mighty corporations. Search by keyword and see a list of websites where people can find you. Delete everything you encounter — including account details you no longer value or need. If no one is on your site, contact your website administrator. Can anyone give me some info about my search engine? It looks up Google history when you enter the web browser on an incoming Google page.
Don’t use the Login buttons
Most apps and websites require an initial registration using Facebook logins. This login method lets you register for an account with your Facebook account via email. You may also add the information to your Facebook and Google accounts. It’s not more accessible, but it gives us a way to control how much information the website holds.
Conclusion
There are many reasons why someone might want to dox someone else. They might want to embarrass or humiliate them, ruin their reputation, or even threaten them with physical violence. No matter the reason, doxxing is a severe invasion of privacy and can have devastating consequences for the victim. If you think you might be at risk, take steps to protect yourself and consider reporting it to the authorities if it happens to you. Let’s all work together to make the internet a safer place for everyone.
Originally published at https://viableoutreach.com on August 18, 2022.
