We assume that the term doxing does not tell you much at first. It is not a concept that we use every day; wow. However, doxing refers to a type of cyberattack or cyberbullying that is increasingly common on the Internet.
With this article, we want you to know first-hand what this practice is based on and how you can protect yourself from doing.
What is doxing, and what does it consist of?
The term doxing first arose in the hacker world, back in the 1990s, when anonymity was held sacred.
The continuous disagreements between the hackers sometimes resulted in one of them deciding to “expose docs” on another person, who, until then, was only known by his username or nickname. “Docs” became “dox” and later a proper verb, without the “expose” prefix.
Although this term is still used to describe the action of exposing anonymous users, this aspect is less and less relevant since most of us use our real names on different social networks.
Doxing (sometimes also written as doxxing) consists, therefore, in revealing personal and confidential information of a person through the Internet, such as their name, telephone number, home address, place of work, financial data,… or any other information of a personal nature.
Doxers (people who carry out this practice) seek to foster or escalate the conflicts they have with other people on the network by taking it out into the real world and revealing personal information, including social security number, bank account information, private correspondence, background criminal, … which enlarge the already long list of personal data that these profiles can provide.
Normally, doxing is the result of revenge. The one who carries it out gathers all the information and personal data of his victim to make them public on the network, often inciting other people to harass his victim and even becoming real threats against security and integrity. Physical of the victim.
How does doxing work?
We live in the information age. There is a huge and wide range of data and personal information available on the Internet, and we often have less control over it than we think. This implies that anyone with enough time, interest, and incentives to turn that data into a way to harm, can do so.
Some of the ways used to attack people through doxing are the following:
- Track usernames. More than a few of us use the same username for a wide variety of services we access on the Internet. This makes it easier for potential attackers to form an image about our interests and how we spend our time online.
- Perform a WHOIS lookup in relation to a domain name. Everyone who owns a domain name has their information stored in a registry that is often available through a WHOIS lookup. If the person who bought the domain name did not keep their private information hidden during the purchase, that personal information (name, address, phone number, etc.) is available on the Internet for anyone to find.
- Identity theft (phishing). If you use an unsecured email account or fall victim to phishing, sensitive emails can be discovered and posted online.
- Bullying on social media. If your social networks are publicly accessible, anyone can obtain information about you, being able to find out your location, place of work, photos, friends, personal tastes, places you have been, relatives, etc.
- Tracking of IP addresses. Doxers can use various methods to detect your IP address linked to your physical location. Once they find out, they can use various social engineering ploys with your Internet service provider to get more information from you.
- Packet analysis (sniffing). This concept usually goes in combination with doxing. Through this method, doxers intercept your Internet data and look for your passwords, credit card and bank account numbers, old email messages, etc. They do this through a connection to a network, whose security measures they decipher to later get the data that enters and leaves the network. One way to protect your privacy on the Internet and protect yourself from packet sniffing is by using a VPN.
- Through the use of data brokers. They are dedicated to the collection of information about other people and that they later sell for profit. They usually sell this data to advertising companies, but several search sites offer complete records on other people for relatively small amounts of money. If the doxer is willing to pay this price, he’ll get the information he needs about his victim.
Doxing Goals
Despite what it may seem, the goal of doxing is not to blackmail victims into getting money for not posting personal information. This practice aims to harm the victim by posting this information on the Internet.
This is mainly because behind doxing, there is a need for revenge. However, it can also be focused on causing harm to people with a certain notoriety and with whom they have differing opinions or points.
This means that, although anyone can become a victim of doxing, the most common are politicians, popular or well-known people in the media and with a presence on social networks, journalists, etc.
It should be noted as a fact to take into account that, according to studies carried out in this regard, the victims are mostly women.
Consequences of doxing
The main consequence of doxing is the loss of anonymity on the Internet since once we are victims of a doxer, our information and personal data will appear in the main forums, social networks, and Internet pages, leaving us exposed, both to us and to our family, friends,…, as well as the place where we live, reaching extremes such as knowing our routines, customs, etc.
If we add to this that another possible result of this harassment is incitement to harassment and threats towards the victim, the consequences of this practice can become really harmful and harmful, both personally, with family, work, etc.
What to do if you are a victim of doxing?
Since doxing consists of collecting information about the victim through the Internet, the best way to protect yourself is to protect our privacy as much as possible when we surf the Internet and try to avoid leaving a digital footprint that is too easy as possible. to follow.
Among the measures you can take to protect your privacy on the Internet, we recommend the following:
- Protect your IP address using a VPN.
- Establish good security measures. Antivirus and malware detection software can prevent doxers from stealing information through malicious applications.
- Use strong passwords. A strong password is one that typically includes a combination of uppercase letters, lowercase letters, numbers, and symbols. Avoid using the same password for several different accounts and change them regularly.
- Use different usernames within each platform. This will help you prevent doxers from being able to search for your comments on different networks and use that information to create a detailed profile about you.
- Create separate email accounts for different purposes. You can use your personal email address to communicate privately with close friends, family members, and other trusted contacts; another for spam in order to create user accounts and subscribe to services and promotions, and another for the professional field.
- Review and make the most of the privacy settings on social networks, adjusting it to the level you consider.
- Use two-variable authentication. If you want to access your account, this will mean that you need at least two different forms of identification to log in, usually your password and your phone number.
- Get rid of outdated or no longer used profiles. Check how many sites have information about you and delete those you no longer use or do not access regularly.
- Be alert to phishing emails. Doxers could use phishing scams to trick you into divulging your home address, social security number, or even your passwords.
- Ask Google to remove the information. If personal information appears in Google search results, people can request its removal from the search engine. In this article, we explain step by step how to do it.
- Take special care with the permissions of apps and questionnaires on the network.
- Avoid revealing certain types of information. Avoid divulging personal information, such as your social security number, home address, and any information related to bank accounts or credit/debit card numbers. Remember that hackers can intercept email messages, so you should not include private data in your messages.
- Set up Google alerts. Create Google alerts for your full name, phone number, home address, or other private information that concerns you. In this way, if such information appears suddenly, it could mean that you were a victim of doxing.
- Turn to specialized services.
- And above all else, avoid giving hackers reasons to be your victim. Be careful what you post online; never share private information on forums or social networking sites.