What is Doxing and How to Avoid Getting Doxxed
- By Rita
- Apr 14, 2022
The internet has proven to be both a friend and a foe. One peculiar thing about it is that often users need to reveal personal information before accessing most of its features.
This information includes photos, locations, preferences, banking details, and other forms of data. With these, we usually give the online world a clear idea of who we are and what we do.
However, malicious people can put this information together to build a data-based profile without our knowledge. This can be risky, especially when this personal information gets into the hands of criminals to be used for doxing.
What is Doxing?
The term "dox" comes from the expression "dropping dox", a revenge tactic used by hackers decades ago. It has roots in the hacker communities of the early internet, and it was a shorthand for "dropping documents" for their communities to share freely.
Anyone with any form of malice against another person online can carry out such an attack. From online gamers to cyberbullies, anyone can dox you.
Simply put, it’s the collection of an individual’s personal information across multiple platforms by an unauthorized individual who then publishes the information without the victim’s consent. The goal is usually to harass, blackmail, shame, or extort.
Most of us aren't too careful with what we share online. We usually leave behind a trail of breadcrumbs that a cybercriminal can use to find our real identity and then deploy a string of malicious attacks. Even CIA Director John Brennan was successfully doxed by a pair of teens in 2015.
This was a man leading an intelligence agency in one of the world’s most dominant countries, and even he wasn’t safe. What’s to keep the same from happening to you?
How is Doxing Used Against You?
The most common ways people use doxing are:
- Encouraging general harassment.
- Extortion by using the threat of releasing information.
- Making people feel unsafe or scaring people to create panic.
- Vigilantism against public figures.
- Exposure to facilitate legal prosecution.
- Embarrassment by releasing information the victim would prefer to keep confidential.
Most incidents occur between people in smaller interpersonal circles, even if the information exposed on the internet is seen, consumed, and acted upon by a wider network of unconnected individuals. However, the strongest version of this attack is when there's no apparent motivation.
Kinds of Information Used to Dox People
When an attacker releases a dox, the contents are rarely identical from one incident to the next. Depending on the target and the availability of personal information, the materials they unleash can vary. Most doxes will include:
- Full legal name.
- Home addresses.
- Mobile phone numbers.
- Financial details like active bank accounts or credit card numbers.
- Linked social media accounts.
- Employment information.
- Usernames and passwords for various online accounts.
- Personal correspondence, including SMS, social media messages, emails, letters, etc.
- Private or embarrassing media like photos and videos.
- IP addresses.
Even just a few pieces of this information, if released online, can have devastating effects on the victim.
How Does Doxing Work?
Your online activity is like a trail of breadcrumbs. Anyone determined enough can follow that trail until they find out information about you, including your address, age, gender, race, and other personal information. The aim is to abuse this information and cause harm.
The most common doxing techniques include:
Public Wi-Fi networks are vulnerable to hacking. A doxer can easily intercept the internet connection and obtain real-time data from you, like the websites you browse. Sensitive personal data, such as login details and passwords, can be compromised in this way.
ISP (Internet Service Provider) Doxing
While ISPs have become more vigilant against scams, human employees can’t stay on guard all the time. All ISP doxing takes is one burnt-out or negligent employee to share a customer’s personal information unwittingly.
First, doxers learn their victim’s IP address. There are many ways to access someone’s IP address, from borrowing their phone to luring them onto a website and checking the server logs. A dedicated doxer has many options.
Each IP address is tied to a person’s physical location and is used by the ISP to identify individual customers. Using this stolen IP address to boost their credibility, doxers call ISPs while impersonating a support team member and request additional information on a “client.”
This way, they can collect a lot of personal information, including full names, contact information, exact address, date of birth, and much more. It’s unlikely they’ll get any financial information, but stealing money this way isn’t typically a doxer’s goal.
Some hackers go the extra mile and slip an IP logger (an invisible piece of code) onto your device through an email or message. This allows them to sniff out your IP address.
Cybercriminals can also rely on phishing emails to gather information about you. Often, you'll receive an email that seems to come from your credit card provider, bank, or other reliable sources. The email might ask you to click on a link or download an attachment.
If you click on the link, you're redirected to a webpage that will ask for your personal information. If you provide this information, you'll be sending your personal information to the attacker. Also, if you download an attachment, malware is loaded onto your device, which the attacker can then exploit to acquire your personal information.
Analyzing File Metadata
By simply examining your file metadata, an attacker can get a lot of information about you. For instance, the details section of a Word file will reveal who created or edited it and possibly even when and where it was created.
Also, photos have EXIF data. It shows the model of the smartphone or camera that took the picture, the resolution, and the time when you took it. What's more, it could go as far as revealing your location if you had enabled GPS when taking the photo.
If hackers gain access to this information, they can learn a lot about you and do a great deal with it.
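Removing this metadata before a photo is shared closes that leak. The following is an added example, not part of the original article: a pure-Python routine that drops the Exif (APP1), IPTC (APP13) and comment segments from a JPEG while leaving the image data untouched. The sample bytes are constructed, and the function and variable names are illustrative.

```python
import struct

# Segments that carry descriptive metadata rather than image data:
# APP1 = Exif/XMP (camera model, timestamp, GPS), APP13 = IPTC, COM = comment.
METADATA_MARKERS = {0xE1, 0xED, 0xFE}
SOS = 0xDA  # start of scan: compressed image data follows


def strip_jpeg_metadata(data: bytes):
    """Return (cleaned JPEG bytes, list describing each removed segment)."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    out, removed, pos = bytearray(b"\xff\xd8"), [], 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"corrupt segment header at offset {pos}")
        marker = data[pos + 1]
        if marker == SOS:
            out += data[pos:]  # copy scan data and EOI untouched
            return bytes(out), removed
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        end = pos + 2 + length
        if length < 2 or end > len(data):
            raise ValueError(f"bad segment length at offset {pos}")
        if marker in METADATA_MARKERS:
            is_exif = data[pos + 4:pos + 10] == b"Exif\x00\x00"
            removed.append("Exif" if is_exif else f"0x{marker:02X}")
        else:
            out += data[pos:end]  # keep JFIF, quantization tables, etc.
        pos = end
    raise ValueError("truncated JPEG: no start-of-scan marker")


def _segment(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample: a minimal JPEG-shaped byte string, not a real photo.
SAMPLE = (
    b"\xff\xd8"
    + _segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _segment(0xE1, b"Exif\x00\x00" + b"constructed GPS and camera tags")
    + _segment(0xFE, b"constructed author comment")
    + _segment(0xDB, bytes(65))
    + _segment(0xDA, bytes(10)) + b"\x12\x34\xff\xd9"
)

if __name__ == "__main__":
    cleaned, removed = strip_jpeg_metadata(SAMPLE)
    print("removed:", removed, "| size:", len(SAMPLE), "->", len(cleaned))
```

This covers JPEG only; PNG images and Office documents store their metadata in different structures and need their own handling.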
Sifting Through Government Records
One of the ways doxers can carry out an attack is by sifting through publicly available information. While most personal records are not visible online, there’s still a fair amount of data that can be gleaned from government websites. Some examples include databases of business licenses, county records, marriage licenses, DMV records, and voter registration logs.
Social Media Stalking
If your social media accounts are public, an attacker can cyberstalk you to find out information about you. This information can include your location, workplace, friends, photos, likes and dislikes, places you've been to, names of family members, and much more.
A doxer can even work out the answers to your security questions using this information. This would help them break into other online accounts where they can get even more information about you.
The Many Goals of Doxing
Having sensitive information on a person is like having a knife at their throat. Doxers hold significant power over their victims, and they can use it to negotiate or destroy. Here are a few of the most common reasons to dox someone.
Damaging a Business
The value and trajectory of a business is primarily decided by the people running it. So, it's exceptionally damaging when compromising information about a company's leadership gets leaked. Many consumers will "vote with their wallets" and boycott companies run by those they disagree with.
In other cases, the business itself could get doxed, which displays a lack of competence or reliability, such as in the case of the 2014 Sony attack.
A North Korean hacking team used ransomware to steal information from Sony Pictures. This attack was likely in response to Sony's upcoming movie, The Interview. The film blatantly mocked the North Korean regime with a plot built around assassinating the country's leader.
In a landmark turn of events, the FBI got involved, and the Sony incident became the first cyberattack formally condemned by an acting U.S. president. Massive data stores were raided, including future movie scripts, customer information, company strategy, and countless emails.
The overall cost to Sony was estimated at $41 million.
While this attack occurred on a massive scale, the same could happen to small businesses. Doxing is a tactic aimed at destroying a reputation in the court of public opinion. If an individual is no longer trusted or liked in their community, their business will suffer.
Doxers could be anyone from a disgruntled customer to the rival pharmacy across the street.
Being influential doesn't make a person immune to cyber threats. Many times, it paints a larger target on their back. Doxers frequently target high-ranking politicians and public officials to reduce their power or force them to resign altogether.
In 2011, doxers leaked private Twitter messages from New York representative Anthony Weiner. A mostly nude image of Weiner appeared briefly on his account, and he later admitted the picture was sent to a 15-year-old girl. This scandal led to the loss of his congressional seat and 18 months served in prison.
Weiner made an unsuccessful play for the New York mayorship, but could not escape his past offenses. This is only one of many political attacks that shifted an election cycle.
Digital Vigilantism or Revenge Doxing
Some call it doxing in the name of justice. These cases usually reveal the morally unacceptable or questionable beliefs of an individual. Then, the doxers wait for an eager community to tear their target apart. The social maiming is commonly characterized by stalking them, sending death threats, or physical violence.
Digital vigilantism is often performed by those deeply invested in hot-button issues such as racism and women's rights. If the doxer finds someone who disagrees with their beliefs, then they collect their opponent's personal information and release it to the public. This exposes the other party and opens them up to public attack in everyday life. Doxers also attack individuals they feel have "escaped punishment," as in the case of Walter Palmer.
A British paper reported on an illegal lion hunt in Zimbabwe. Cecil the lion was lured away by a group of guides and eventually killed by Walter Palmer, a dentist from Minnesota. It didn't take long for people to find and release Palmer's personal information, including his family information and place of work.
Palmer was eventually forced to shut down his dentistry practice out of fear of the daily protests. His vacation home address was doxed and vandalized with the epithet "lion killer" spray-painted on his garage.
It's worth noting that Palmer claims not to have known he was engaging in an illegal hunt. He'd assumed his guides had obtained the proper licenses for the trip. Factors like these open up questions about the ethics and fairness of doxing.
Can Doxing be Ethical?
It's hard for some people to see the problem with doxing. We all get a small rush of satisfaction when we see an evil person getting what they deserve. However, doxing often comes from a place of malice which leads to hasty and emotional decisions.
For starters, doxers aren't held to any journalistic standard. If they make a mistake, the person they undeservedly doxed must bear the consequences.
Kyle Quinn was misidentified as one of the people at the infamous Charlottesville rally. He was demonized as a Neo-Nazi and attacked and threatened by communities nationwide. All because a doxer made a hasty connection. Some studies show that people mistake similar-looking people up to 30 percent of the time.
Others also use doxing to fuel their hate crimes, like in the case of a Jewish victim named Tanya Gersh. A prominent member of an online Nazi group doxed Gersh and posted her information on white nationalist forums.
Gersh was met with a "Neo-Nazi Storm" that forcibly relocated her family, shut down her career, and endangered her teenage children. This is an extreme example of how one person can use doxing for evil based on their personal beliefs.
The relatively open wilderness that is doxing law allows for irresponsible, reckless, and hateful doxing. More and more states are seeing the dangers and punishing the malicious release of people's information.
Is Doxing Illegal?
The answer to this question depends on:
- The kind of information the doxer releases
- How the doxer obtained the information
- The intention of the doxer
- The impact on the victim.
It is primarily illegal, especially if the published information isn’t publicly available and the culprit illegally obtained it.
There isn’t a direct doxing law explicitly written for these attacks in the United States. The rules around these attacks constantly evolve and aren’t always clear-cut. However, federal prosecutors use two federal statutes to charge individuals suspected of doxing.
The first statute (18 U.S. Code §119) makes it illegal to knowingly expose the restricted personal information of a covered person or their family member. A covered person includes:
- Employees and officers of the U.S. government or its agencies.
- Employees and officers of local or state government agencies involved in a federal criminal investigation.
- Witnesses and jurors in court.
- Witnesses and informants in a federal criminal case.
Restricted personal information, in this case, includes home addresses, telephone numbers, personal email addresses, and social security numbers.
The second statute (18 U.S. Code §2261A) was initially written to target stalking. However, the wording allows it to apply to cyberstalking and dox attacks. It allows charges to be filed against anyone who uses an electronic communication service or interactive computer service to:
- Place someone else in reasonable fear of death or serious bodily harm.
- Injure, intimidate, harass, or surveil someone else.
- Cause or attempt to cause substantial emotional distress to a person.
How to Prevent Doxing
While there’s no foolproof way to guarantee an attacker won’t ever dox you, here are some tips you can follow to lessen the odds:
- Use a VPN - A virtual private network can help you shield your personal information from doxers. A VPN hides your IP address, so hackers won't be able to use it to find your location or other personally identifying information.
- Avoid oversharing - Don’t overshare on social media, online forums, or message boards. Sharing too much of your information online gives doxers a lot to work with.
- Use Multi-factor authentication - This authentication method requires the user to provide two or more verification factors to access an account rather than just asking for a username and password. This decreases the likelihood of a cyber-attack.
- Ensure best password practices - Keep snoops and attackers away from your personal information by using strong and varying passwords for all your accounts, such as your bank account, credit card portals, work dashboard, and social media accounts.
- Avoid phishing emails - Be wary of emails that supposedly come from your bank or credit card provider and request your personal information. Financial institutions never ask for this information via email. So don’t open any suspicious emails and avoid clicking on any malicious links or downloading attachments found in emails.
- Protect your devices - Keep your systems secure and up to date. Get an antivirus program to protect your devices from malware, ransomware, and other threats. Check your settings to ensure your security software checks for updates and installs them automatically. Scan your system regularly because this will notify you of any security threats.
- Avoid third-party login options - Many sites will ask you to sign in with Facebook, Google, or another third-party service. You should avoid doing this. Otherwise, these websites can request more information about you. The more sites you connect with your accounts, the easier it is for an attacker to compile your personal information.