Doxxing, also spelled doxing, is when a threat actor publishes Personally Identifiable Information (PII) about their target online. This can include publishing the target’s place of employment, home address, credit or debit card numbers and any other sensitive information. The purpose of the threat actor publishing another person’s PII varies, but most commonly has to do with harassment.
Continue reading to learn more about doxxing and what you can do to protect yourself from getting doxxed.
Where Did the Term Doxxing Start?
The term “doxxing” came about in the 1990s from the word “documents.” Documents was shortened to “docs” and then “dox” which is where the phrase “dropping dox” came from. Cybercriminals used dropping dox as a way to expose the real names of other cybercriminals they were in competition with. By revealing their real names, they removed their anonymity – exposing them to authorities and anyone else who was trying to track them down.
How Doxxing Works
Doxxing starts with a threat actor first gathering as much information as they can about their target. They’ll search their target’s name online to see what they can find on public websites and also check their social media platforms. Checking a target’s social media can reveal where the target works, which the threat actor can then use to carry out their attack. If the threat actor knows how, they can even determine their target’s IP address to see where they live.
The more information a threat actor gathers about their potential target, the more damage they can cause. While some doxxing attacks are harmless, like sending a random pizza delivery, other doxxing attacks can involve online harassment, swatting, identity theft, reputational damage, physical assault, loss of employment or real-life stalking.
Types of Doxxing Methods
Here are a few of the methods threat actors use to dox their targets.
Phishing is a type of social engineering attack that aims to trick a victim into revealing sensitive information. Threat actors who attempt to dox someone will send them phishing scams so they can gather as much information as possible about their potential victim.
Packet sniffing is when a threat actor intercepts and reads sensitive data that is passing through a network. With packet sniffing, threat actors mainly target sensitive information like login credentials, financial information and email messages that are unencrypted. Packet sniffing most commonly occurs when a victim is connected to public WiFi since anyone can join the network.
Internet Protocol (IP) doxxing, also known as Internet Service Provider (ISP) doxxing, is when a threat actor obtains your IP address and uses it to track down your physical location. After finding out your IP address, the threat actor can then use social engineering techniques to convince your ISP to divulge more information about you.
How Common Is It To Get Doxxed?
Doxxing has become increasingly common in the digital age. According to a 2022 research report by Safehome.org, over 43 million Americans have personally experienced doxxing. While 52% of doxxing victims reported that their attack stemmed from online disputes with strangers, 25% of threat actors personally knew their victims.
Doxxing can happen to anyone who is active online, so it’s important to learn how to keep yourself safe from doxxing attacks.
How Can I Protect Myself From Doxxing?
Here are a few ways you can protect yourself from doxxing.
Use strong, unique passwords
A threat actor who attempts to dox you may try to break into your online accounts. This makes it easier for them to gather even more personal information about you so they can publish it online. To keep your accounts and data protected, always use strong passwords for each of your accounts and avoid reusing the same password across multiple accounts.
It’s also recommended you enable Multi-Factor Authentication (MFA) whenever possible. This adds an extra layer of security to your accounts by requiring additional authentication. MFA prevents anyone but you from being able to access your accounts.
Clean your digital footprint
Before a threat actor targets a victim in an attempt to dox them, they usually start with a deep dive into their target’s life. This can include looking through their social media, Googling them, sending phishing scams and even purchasing information from data brokers.
You’d be surprised how much information someone can find about you simply by searching your name due to your digital footprint. Your digital footprint is all of the information that exists about you online as a result of your online activity. Your digital footprint includes both the information that you are unaware is being collected, such as a site tracking your IP address (passive digital footprint), as well as anything you purposefully share such as a social media post (active digital footprint).
To make sure you’re keeping your digital footprint clean and prevent it from being used maliciously, you need to start with a Google search of your name. If you see any websites that have your personal information such as your home address or phone number, contact the site it appears on and request that they remove it. Some other steps you can take to clean your digital footprint include deleting and deactivating any old accounts you don’t use anymore, adjusting your social media and device privacy settings, and avoiding oversharing personal information online.
Use a VPN
One of the ways a threat actor can dox you is by finding out your IP address. With your IP address, anyone can see the geographic location of your device. If you’re home when someone tracks your IP address, they now have your home address, which is an invasion of your privacy.
The easiest way to prevent anyone from being able to discover your IP address is by using a Virtual Private Network (VPN). A VPN encrypts your connection and hides your IP address from anyone who may attempt to dox you.
Learn how to spot phishing scams
Phishing has gotten more sophisticated over the years, which has made phishing scams harder to spot. However, there are some signs you can look out for, such as the following:
- Poor spelling and grammar
- Emails, text messages or pop-ups asking you to reveal sensitive information
- An email address that doesn’t match the sender’s name
- Unsolicited links and attachments
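The signs above can also be checked automatically. The script below is an added example, not part of the original article: it looks at one raw email for a sender name that does not match its address, a request for sensitive information, and links or attachments (spelling and grammar are left to the reader). The sample message, the `TRUSTED` list and all names and domains in it are constructed assumptions.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample message; every name, address and domain here is made up.
SAMPLE = '''From: "Example Bank Support" <alerts@mail-examp1e-bank.test>
Reply-To: collect@other-domain.test
To: user@example.org
Subject: Urgent: verify you account

Dear costumer, please confirm your password and card number here:
http://login.examp1e-bank.test/verify
'''
# Assumption: you keep your own list of brands you deal with and their real domains.
TRUSTED = {"example bank": "examplebank.test"}
SENSITIVE = re.compile(r"\b(password|passcode|card number|social security|pin)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def phishing_signs(raw, trusted):
    """Return the warning signs found in one raw e-mail message."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    sender_dom, signs = domain(addr), []
    # Sign: the display name claims a brand, but the address is on another domain.
    for brand, dom in trusted.items():
        if brand in name.lower() and sender_dom != dom and not sender_dom.endswith("." + dom):
            signs.append("sender-name-mismatch")
            break
    # Related check: replies would go to a different domain than the sender's.
    _, reply = parseaddr(str(msg.get("Reply-To", "")))
    if reply and domain(reply) != sender_dom:
        signs.append("reply-to-mismatch")
    body, attachments = "", []
    for part in msg.walk():
        if part.get_filename():
            attachments.append(part.get_filename())
        elif part.get_content_type() == "text/plain":
            body += part.get_content()
    # Sign: the message asks for sensitive information.
    if SENSITIVE.search(body):
        signs.append("asks-for-sensitive-info")
    # Sign: links or attachments are present (only you know if they were expected).
    if URL.search(body) or attachments:
        signs.append("links-or-attachments")
    return signs

if __name__ == "__main__":
    print(phishing_signs(SAMPLE, TRUSTED))
```

A message that raises none of these flags is not proven safe; the checks only surface the signs listed above.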
Be cautious about what you post online
It can be tempting to post everything about our lives online, but it’s important to keep ourselves safe. Avoid sharing anything that can be used maliciously against you. For example, if you’re traveling, refrain from posting where you are while you’re there.
For extra security, keep your social media profiles private. This protects you in case a stranger attempts to dox you.
What To Do If You’ve Been Doxxed
Here are the steps you should take if you become a victim of doxxing.
Secure your accounts
One of the first things you’ll need to do, if you haven’t already, is secure your accounts. Change your passwords to ones that are strong and unique. To help you in generating strong passwords and securely storing them, it may be necessary to invest in a password manager. A password manager is a tool that aids you in generating, managing and storing your passwords securely so the only password you’ll have to remember is your master password.
As mentioned above, make sure to add MFA to your accounts to further secure them. A good password manager can aid you in storing your two-factor codes and auto-filling them when needed, so adding 2FA to your accounts won’t be an inconvenience.
Document as much as you can about the attack
Once your accounts are secured, you’ll want to make sure you document as much as you can about the doxxing attack. Take screenshots and try to include the dates and the URL of the website where your information was posted, if you can. All of this evidence will help you when reporting the attack.
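One way to keep that record organized is sketched below. It is an added example, not part of the original article, and it goes one step beyond the text: each entry stores the URL, a UTC timestamp and a SHA-256 hash of the screenshot, and also commits to the previous entry so later edits to the log can be detected. The function names and log layout are assumptions made for this illustration.

```python
import hashlib
import json
from datetime import datetime, timezone

def sha256_file(path):
    """Hash a file in chunks so large screenshots or recordings are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def entry_digest(fields):
    return hashlib.sha256(json.dumps(fields, sort_keys=True).encode()).hexdigest()

def add_entry(log, url, screenshot_path, note="", now=None):
    """Append one evidence record; each record commits to the one before it."""
    entry = {
        "captured_utc": (now or datetime.now(timezone.utc)).isoformat(),
        "url": url,
        "screenshot": screenshot_path,
        "screenshot_sha256": sha256_file(screenshot_path),
        "note": note,
        "prev": log[-1]["entry_sha256"] if log else None,
    }
    entry["entry_sha256"] = entry_digest(entry)
    log.append(entry)
    return entry

def verify(log):
    """True if no record was edited, removed or reordered and files still match."""
    prev = None
    for e in log:
        fields = {k: v for k, v in e.items() if k != "entry_sha256"}
        if e["prev"] != prev or entry_digest(fields) != e["entry_sha256"]:
            return False
        if sha256_file(e["screenshot"]) != e["screenshot_sha256"]:
            return False
        prev = e["entry_sha256"]
    return True
```

Saving the log with `json.dump` alongside the screenshots gives you a single file to hand over when you report the attack.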
Report the attack
The first place you’ll want to report the attack to is the website where the attack occurred or is occurring. Doing this will let the website know that they should remove any content that is related to the attack and that it is posing a risk to your online security.
If the doxxing attack escalates and you are worried about your physical safety or the safety of your identity, contacting law enforcement will be necessary. Depending on the case, doxxing can be considered illegal; however, you’ll need to contact law enforcement to see if your case rises to the level of the threat actor breaking the law.
Don’t Be a Victim of Doxxing
Doxxing can happen to anyone who’s online, but there are steps you can take to keep yourself protected from becoming a victim of this type of attack. Remember to keep your accounts secure with strong passwords, enable MFA, clean your digital footprint and be cautious about what you post online. Taking these steps minimizes the damage a threat actor can do if they attempt to dox you.