Learn How to Prevent Doxing

At its best, social networking allows families and friends to stay in touch or reconnect with people with whom they’ve lost contact. In addition, some online platforms permit a level of anonymity, where people can share opinions without revealing identities. Now, however, cyber attackers use “doxing” to unmask such users and expose them to nefarious acts such as public humiliation, vengeance and vigilantism.

What is Doxing?

Doxing is using the internet and its resources to find and reveal private information about previously anonymous users for the intent of online public humiliation, extortion and vigilante vendettas to hinder users’ lives.

By accessing online databases, social networking comments, public records and other online activity, cyber harassers discover the real name, address, telephone numbers, emails and work addresses of people who wish to remain anonymous.

Educators are particularly vulnerable, with 1 in 20 reporting that students or parents have threatened to or actually released their private information. This trend aligns with broader national patterns. Companies, particularly small and midsized businesses (SMBs), have also seen an uptick in doxing incidents as dissatisfied consumers take matters into their own hands. In any case, knowing more about the practice is the first step in preventing it.

Here are a few types of doxing:

• Exposing of Wrongdoing – Leaking private documents or photographs to prove that the target is guilty of an illicit act. This is a form of cyber vigilantism
• Identification Doxing – Posting pictures of people attending controversial events or behaving inappropriately in private photos; these are usually people whose privacy or reputation can be compromised by such revelations.
• Revenge Doxing – Releasing personal details about someone to exact revenge, often exposing their identifying information such as their real name, address, phone numbers, email addresses, other screen names, etc.
• Harmful Random Doxing – Randomly doxing someone as a destructive prank; it might be difficult to imagine, but these attackers are just doxing for the “fun of it” or just because they can.

Q: . What is doxing, and why is it dangerous?

A: Doxing is the act of publicly revealing someone’s personal information without their consent. This is often done maliciously to intimidate, harass, or harm the person. Once this information is out, it can lead to threats, stalking, identity theft, job loss, emotional distress or even physical harm.

How to Prevent Doxing and Protect Privacy Online

• Use Strong Passwords – Passwords are the guardians at the front gates in cyber security. Strong passwords, in tandem with multi-factor authentication, are the first step to help protect privacy online. The extra effort is worth the time for the protection it provides.
  • Change the Privacy Settings on Your Social Media Accounts
  • Do not list home or work addresses and general location information that could help someone piece together locales
  • Protect usernames and profiles, so they are not “public”
  • Set post visibility to “friends only"
  • Avoid posts and chats that could be portrayed as negative
• Use a Virtual Private Network (VPN) – A VPN provides a higher level of cyber security, reducing the chance of becoming a victim of doxing. Good VPNs use military-grade encryption to conceal data, hide the true location of IP addresses and protect privacy online
• Do Not Use the Same Password(s) Across All Online Platforms – Varying passwords across online platforms will help mitigate the impact of doxing
• Do Not List Domain Registration Contact Information – Domain databases, which serve as directories for all registered domains, should not display your contact information
• Install and Maintain Up-to-Date Cyber Security – Cyber security is not guesswork. A robust, layered approach to protecting data and identity is an essential part of online security

Q: What should you do if you become a victim of doxing?

A: Take the following steps:

• Document everything : Take screenshots of the exposed information and any threats or harassment
• Report the content : Notify the platforms where the doxing occurred (social media, forums, websites)
• Contact authorities : Report the incident to local police, especially if threatened
• Consider a credit freeze to prevent identity theft, and change passwords

What Is Swatting and Can Doxing Lead to Swatting?

Knowing the answer to what is doxing leads to the question of swatting.

Swatting is a byproduct of doxing, in which the attackers hijack addresses obtained through doxing to call in fake emergencies to police departments or medical services. The hackers make it seem as if the call is coming from the unwitting target’s address, sending responders to that address thinking they’re responding to a real emergency when, in fact, it’s a hoax.

Swatting is a criminal act and a federal offense. The FBI warns against the dangerous consequences of swatting and investigates and charges more swatting cases every year.

Q: How prevalent is doxing?

A: Last year, approximately 11 million Americans reported being victims of doxing. Victims feared for their personal safety, family safety, business reputation and financial consequences.

The increase in remote-access work has exposed many new network vulnerabilities and has produced new forms of cyberattacks. As the hackers get better, users must stay one step ahead in pursuing cyber threat protection.

For growing businesses, an expanding network adds more devices such as smart controls, wireless access and remote access, increasing network vulnerability and the need for regular network cyber security. From preventing doxing to protecting hard-earned network data from cyberattacks, businesses cannot afford to ignore these ever-evolving threats.

Contact an IT or cybersecurity professional to review network security and limit the amount of personal information you share online.