What Is Doxing and How Can You Prevent It?

We reveal a great deal about ourselves since we live our lives online. Personal information, photographs, and geotags tell the world who you are and where you are on your favorite websites and social media networks. Your digital footprints are visible all across the web. You may become a victim of doxing if someone dislikes you and is ready to collect the breadcrumbs.

What is doxing?

Doxing is the act of obtaining, hacking, and publicizing the personal information of others, names, addresses, credit card numbers, and phone numbers, for example. Doxing might be directed at a single person or a whole organization. There are various reasons for doxing, but coercion is one of the most common. Because documents are frequently downloaded and shared, doxing is a slang term derived from the word ".doc."

Hackers have devised various methods for doxing, but one of the most prevalent is locating the victim's email address. After obtaining the victim's email, the hacker attempts to decipher the password and access the victim's account to obtain further personal information.

How does it work?

Data may be collected in a number of ways, from simple data harvesting to sophisticated hacking. Combine a high amount of self-disclosure with a low level of security, and you've got yourself a recipe for disaster. An attacker can discover a surprising amount about you in a short amount of time.

The following are the most popular techniques −

Sniffing of Wi-Fi (packets)

Hackers can easily gain access to public Wi-Fi networks. A doxer may easily intercept your internet connection and view real-time data, such as your browsing websites. This means that your personal information, such as login credentials and passwords, is in danger of being stolen.

Examining the metadata of files

An assailant can find out a lot about you just by glancing at your file information. If you go to the 'Details' part of a Word file, for example, you may see who made it, who updated it, when it was created, and possibly even what company it came from.

EXIF data is also present in photographs. This displays the model of the smartphone or camera used to capture the shot and the resolution and time it was taken. It can also expose your location if GPS was turned on when the shot was taken.

Logging of IP addresses

Hackers can also send an IP logger - an unnoticed bit of code – to your device by email or text message, allowing them to track your IP address.

Doxing's Dangers

Typically, doxing is a targeted attack. Someone's social media post could go viral, or they could be well-known in a specific hobby group or social circle. Perhaps they have differing viewpoints on sensitive or political issues from the doxer. And the consequences can be far-reaching.

The most alarming is referred to as "Swatting." Special units are dispatched to the scene when someone phones law enforcement with a tip about a violent criminal or another person. The person being harassed has no idea what's going on, and this miscommunication could result in severe consequences.

A user may be forced to change email addresses and phone numbers depending on the severity of violence and disruption. Due to the level of disturbance and fraudulent reporting, it may result in job termination if their workplace is discovered.

How can you avoid being doxed?

Thanks to the huge diversity of search tools and information readily available online, almost anyone can become a doxing victim.

If you've ever left a remark on an internet forum, joined a social networking site, signed an online petition, or purchased real estate, your information is publicly available. Furthermore, anyone searching for information in public databases, county records, state records, search engines, and other repositories will uncover a wealth of data. While this information is available to individuals who are truly interested in finding it, there are several steps you may take to keep your data protected. These are some of them:

Use a VPN to hide your IP address.

A VPN (a virtual private network) offers superior security against IP address leakage. Before reaching the public internet, a VPN encrypts the user's internet traffic and sends it via one of the service's servers, allowing you to surf the online anonymously. Kaspersky Secure Connection keeps your conversations private and protects you from phishing, malware, viruses, and other cyber risks while you use public Wi-Fi.

Good cybersecurity is a must.

Doxers can't steal information through malicious applications using anti-virus and malware detection software. Regularly updating your software helps avoid security 'holes,' which might lead to you being hacked and doxed.

Make use of strong passwords.

A strong password combines capital and lowercase characters, numbers, and symbols. Use multiple passwords for different accounts and change them on a regular basis. If you have difficulties remembering passwords, use a password manager. For different platforms, use different usernames. Utilize distinct identities and passwords for each service if you use online forums like Reddit, 4Chan, Discord, YouTube, etc.

Create different email accounts for different needs.

Consider separating your professional, personal, and spam email accounts. Avoid giving out your email address to the general public. It should only be used for private communication with close friends, family, and other trusted contacts. Use your spam email to sign up for accounts, services, and promotions. Finally, your professional email address can be made public whether you are a freelancer or linked with a certain organization.

Examine and update your privacy settings on social media sites.

Examine your social media privacy settings to make sure you're okay with the quantity of information you're sharing and with whom it's shared.

Think about the platforms you'll use for various tasks. If you're using a platform for personal purposes, tighten your privacy settings (like sharing images with friends and family on Facebook or Instagram). Let's pretend you're utilizing a platform for business (such as monitoring breaking news on Twitter and tweeting links to your work). In such a case, you might wish to make some of the settings public avoid posting important personal information or photographs.

Multi-factor authentication should be used.

This means that you — and anybody else attempting to log into your account — will require at least two pieces of identification to access your account, typically your password and phone number. Hackers will require access to a PIN in addition to the victim's password, making it more difficult for them to obtain access to a person's devices or online accounts.

Keep an eye out for fraudulent emails.

Doxers may use phishing scams to deceive you into providing personal information such as your home address, Social Security number, or even passwords. Be cautious when you receive a communication claiming to be from a bank or credit card business and asking for your personal information. A financial institution will never ask for this information by email.

Request that information from Google's search results is removed.

Individuals who discover personal information in Google search results can request removal. Google simplifies the procedure by providing an online form. Many data brokers provide this type of information online, mostly for background checks and criminal background checks. Create Google alerts.

Set up Google alerts for your complete name, phone number, home address, or any other private information you're concerned about so you'll know if it comes online unexpectedly.

Updated on: 15-Mar-2022


Kickstart Your Career

Get certified by completing the course

Get Started