What is Doxing?

Doxing definition

Doxing, short for “dropping dox” (“dox” being slang for documents), is the malicious practice of gathering and publicly releasing someone’s personal information, such as their home address, phone number, financial information, or other personal details, without the victim's consent.

With the rise of social media and readily accessible online data, doxing has become a popular tactic that is often used to harass, intimidate, or harm individuals. This is typically motivated by personal vendettas, ideological conflicts, or a desire to cause harm to the victim. 

How Doxing Works

Doxers employ a range of tactics to compile personal information from publicly accessible or poorly protected sources:

Tracking Usernames

Consistent usernames across platforms make it easy for attackers to connect online profiles and build a comprehensive picture of a target’s online activity.

Social Media Profiling

If your social media accounts are public, anyone can see the information that you post on them. This can include details like location tags, photos of family or friends, job details and even something as simple as your pet’s name. These details give doxers valuable clues for piecing together a personal profile, and can even help them answer security questions to hijack other accounts that you own.

Tracking IP Addresses

Doxers can use several methods to discover a target’s IP address to approximate their location. They can then use social engineering techniques on the target’s internet service provider (ISP) to gain more information about the victim.

Data Scraping and Aggregation

Attackers use software to collect and compile small data points from different sources, building an in-depth profile of their target from seemingly insignificant details.

Reverse Mobile Phone Lookup

By entering a phone number into lookup services, doxers can associate that number with a name, address and possibly other sensitive information.

Running a WHOIS Search on a Domain Name

If a target owns a domain name, their information will be stored within a registry. If the target hasn’t chosen to hide their data on the registry, doxers can use a simple WHOIS search to reveal registered contact information such as name, phone number, address, email and other personal information.

Phishing

Fake emails or messages can be used to trick targets into revealing private details like login credentials or contact information, which attackers will then use to further exploit their victim.

Packet Sniffing

If a doxer can get access to your network, they can use packet sniffing to monitor and intercept specific data packets, which can contain sensitive information like passwords, bank account details, credit card numbers and other information they might like to take.

Using Data Brokers

Data brokers collect, analyze and sell or license consumer information to other companies, generally for marketing purposes. These data brokers usually create a profile for an individual containing things like interests, hobbies, demographics and other data they can get access to.

They typically get information from public sources, third party companies, surveys and several other sources. 

Unfortunately, this information can end up on the dark web and then can be utilized by doxers for a small fee. 

What Information Are Doxers Looking For?

Doxers typically seek out various types of personal information to build a complete profile on their target, often with harmful intent:

Home Addresses

One of the most common data points doxers look for is a person’s home address. Access to this information allows them to escalate harassment or threats to a physical level, making the victim feel unsafe at home.

Phone Numbers

Phone numbers enable doxers to directly harass victims through calls or texts. They can also use reverse lookup services to uncover additional personal details or perform social engineering attacks by impersonating the target.

Email Addresses

Email addresses are a gateway to further harassment, phishing attacks, and spam. With an email, doxers can attempt to hack into the target’s online accounts, often leading to further data leaks.

Employment and Job Title

Knowing where someone works allows doxers to target their professional life, sometimes by contacting the victim's employer to spread false information. This type of harassment can damage reputations and even jeopardize employment.

Financial Information

Sensitive financial details like bank account information or credit card numbers are highly valuable to doxers. Access to financial data can lead to identity theft, unauthorized transactions, or blackmail.

Social Security Number (SSN) or National ID Numbers

With a Social Security Number or national ID, doxers can commit identity theft, open credit accounts in the victim’s name, or impersonate the victim to access other sensitive data, causing long-term financial and legal consequences.

Legal and Ethical Perspectives on Doxing

The legality of doxing varies by jurisdiction. In some regions, laws explicitly prohibit doxing, while in others, it falls into a legal gray area. For example, the U.S. has laws against harassment and cyberstalking that can apply to doxing, but not all cases meet the legal criteria for prosecution. The European Union’s General Data Protection Regulation (GDPR) also protects individuals from having personal data exposed without consent, adding another layer of defense against doxing.

Ethically, doxing is widely condemned as a harmful invasion of privacy. While some individuals argue for transparency or “information freedom,” exposing another person’s information without their consent is generally seen as both dangerous and unethical.

How to Protect Yourself against Doxing

Preventing doxing starts with proactive online privacy practices:

Review Social Media Privacy Settings

Restrict profile visibility and be selective with friend requests. Limit the amount of personal information displayed publicly.

Use Strong Passwords and Two-Factor Authentication (2FA)

Protect your accounts with secure passwords and enable 2FA for an added layer of security.

Limit Personal Information Shared Online

Avoid posting details like your home address, phone number, or location on social media or other public platforms.

Use VPNs

A Virtual Private Network (VPN) can obscure your IP address, making it more difficult for attackers to track your online activities or locate you physically.

Regularly Monitor Online Presence

Search your name and personal details periodically to check for any unauthorized information posted online.

Hide Domain Registrations

Use domain privacy protection to conceal personal information in WHOIS records, reducing the risk of doxers accessing your contact details.
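
A self-audit for the WHOIS exposure described above, as an added example that is not part of the original page: it parses the text of a WHOIS record for a domain you own and lists contact fields that are still published in the clear. The field names follow the common `Registrant Name:` layout, the redaction markers are an assumed, non-exhaustive list, and both sample records are constructed.

```python
import re

# Assumed markers of a redacted or proxied value; registrars vary, so extend as needed.
REDACTION_MARKERS = ("redacted", "privacy", "proxy", "withheld",
                     "data protected", "not disclosed")
# Contact roles and the attributes that identify a person. Country and
# state are left out because they are often published even with privacy on.
ROLES = ("registrant", "admin", "tech")
PERSONAL_ATTRS = ("name", "organization", "street", "city", "postal code",
                  "phone", "fax", "email")
FIELD_RE = re.compile(r"^\s*([A-Za-z][A-Za-z /-]*?)\s*:\s*(.*?)\s*$")

# Constructed sample records (not real registrations).
EXPOSED_SAMPLE = """\
Domain Name: example.org
Registrant Name: Jane Doe
Registrant Street: 123 Example Street
Registrant City: Springfield
Registrant Phone: +1.5555550100
Registrant Email: jane@example.org
Admin Email: jane@example.org
"""
PROTECTED_SAMPLE = """\
Domain Name: example.net
Registrant Name: REDACTED FOR PRIVACY
Registrant Organization: Privacy Service (constructed)
Registrant Street: REDACTED FOR PRIVACY
Registrant Phone: REDACTED FOR PRIVACY
Registrant Email: Withheld
"""


def is_redacted(value):
    """True when the value is empty or carries a known redaction marker."""
    low = value.lower()
    return not low or any(marker in low for marker in REDACTION_MARKERS)


def audit_whois(text):
    """Return sorted (field, value) pairs that expose personal contact data."""
    exposed = set()
    for line in text.splitlines():
        m = FIELD_RE.match(line)
        if not m:
            continue  # banner, comment or blank line
        key, value = m.group(1).lower(), m.group(2)
        role, _, attr = key.partition(" ")  # "registrant postal code" -> role, attr
        if role in ROLES and attr in PERSONAL_ATTRS and not is_redacted(value):
            exposed.add((key, value))
    return sorted(exposed)
```

Feed `audit_whois` the saved output of a WHOIS lookup on your own domain; an empty list means none of the checked contact fields are published.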

By adopting these practices, individuals can reduce the risk of being doxed and maintain greater control over their personal information.

Steps to Take if You’ve Been Doxed

If you discover that you’ve been doxed, immediate action is essential:

Contact the Platform or Website

Request the removal of your information from any site where it’s been posted.

Report the Incident to Authorities

For cases involving threats or harassment, file a report with local law enforcement or cybercrime agencies.

Notify Friends, Family, or Colleagues

Inform those close to you of the situation, especially if there’s potential for them to be targeted as well.

Monitor Online Accounts and Credit Reports

Check for any unusual activity on your accounts or credit report, as doxing can lead to identity theft or financial fraud.

Seek Professional Help if Needed

In severe cases, consider reaching out to a cybersecurity expert for further assistance and guidance.
