Doxxing – Definition
Doxxing is searching for and publishing personal information about a person publicly with malicious intent. Doxxing includes the hacker analyzing information posted online about the victim in order to identify and then harass the victim. It can also involve exposing an anonymous account to reveal the person’s identity. The term “doxxing” comes from the expression “dropping dox” which refers to a method of revenge hacking that originated in the early 1990s. Hackers would “drop” malicious information on a rival using the internet.
Doxxing is usually meant to embarrass the victim, draw criticism towards them, get revenge or cause the victim physical harm. Doxxing is a very serious threat to your privacy and can ruin people’s lives. Larger doxxing attacks include public shaming and public humiliation on a large scale. Some people can lose their jobs, families or even their homes as a result of doxxing. Many are forced to change their identities and pay large sums of money to remove unwanted information online.
Where Does the Term Doxxing Come From?
Doxxing derives from the hacker word for “documents.” Documents shortened to “docs” and then “dox.” To “dox” someone means documenting their personal information. In the 1990s, hackers would “dox” an enemy or rival out of spite. This would involve hackers identifying the hacker and attempting to get the hacker arrested for illegal practices.
Nowadays, anyone can be doxxed because of the plethora of personal information that exists online. Hackers find out important information about you online such as your social security number, address, telephone number, social media accounts, name of relatives, etc.
What is the Purpose of Doxxing?
Individuals use doxxing as a weapon. The Anonymous group and movements alike use doxxing as a way to punish their enemies or people who disagree with what they stand for. They do so by posting on the message board 4Chan, which has millions of members and hosts hate campaigns. 4Chan has also included attacks in the form of fake telephone calls, an overload of abusive email and a plethora of unwanted text messages.
Similar to identity theft, doxxing usually entails digging up information on the person through stalking online accounts and attempting to hack their credentials. While identity thieves’ main objective is financial gain, the goal of doxxing is more personal. Doxxing is typically for retribution, harassment or humulation purposes.
Ways Doxxers Can Find Your Information
Every device has an IP address that details where the device is being used. Doxxers can use an IP logger to trace a victim’s online activities and determine where they are located. The IP logger tracks you and exposes your identity when it’s combined with searching for accounts in your name on certain websites.
Your information is dispersed throughout the web, especially if you have social media accounts or post public content. However, your information is also out there for people to find because of data brokers. Data brokers buy customer lists from other businesses, such as airlines, magazine subscription services and surveys or “enter to win” type sites. For example, you may have given one website your phone number, but now you receive dozens of calls a day from spammy or unknown callers.
The companies entice you to give your information for a reward and in their fine print or terms and conditions they state that they may sell your information. The data brokers then have the information readily available for doxxers and hackers to purchase. The good news is that some doxxers/hackers do not want to pay for the information, but to stay safe it’s important to remove yourself from data broker sites.
If you have created your own website, or use a website for your business, the registration information you used to receive the domain name becomes public to anyone using the WHOIS database. The data you have entered is accessible directly from the WHOIS website or through a domain sales broker. To ensure that you keep your data private, you can actually choose to obscure the information through your domain broker. You can also use an email that you use for subscriptions or an unimportant email address with a fake telephone number and fake information. It keeps you and your business safe and does not show up on the front end of your site.
Types of Doxxing
Now that you have learned what doxxing is and the ways that doxxers can find your information, you may be wondering how doxxing is performed. There are a few techniques that doxxers may use to retrieve information about an individual.
Common methods include:
- IP Logging: As mentioned above, this method uses an IP logger (a piece of code you cannot see). The IP logger is typically added to an email or a message to find out your IP address. Once a user has opened the message, the IP address is tracked and sent back to the doxxer.
- Packet Sniffing: Data you send over a WiFi network can be intercepted by a doxxer if they break into the WiFi’s security measures. The doxxer can then access valuable information such as emails, passwords and bank account details.
- Reverse Cellphone Lookup: This allows a doxxer to find a victim’s name, email, age and additional information by using their cellphone number.
- Social Media Stalking: The majority of internet users have social media accounts. Doxxers use these to access information such as names of relatives, birthdays, locations and more.
Real-Life Examples of Doxxing
Unfortunately, doxxing has become increasingly popular, and major incidents have occured due to this toxic hacking technique. Below are a few well-known doxxing incidents:
A man named Michael Brutsch was deemed Violentacrez, the username of a doxxer who posted illegal images of underage girls. He found images of young preteens and teens online and started a subreddit known as “Jailbait” that allowed users to post sexual images of underage girls. One user was fired for allegedly posting covert pictures of his underage students onto an inpatriate section of the subreddit.
Shortly after the Boston Marathon bombing in 2013, the Reddit community wrongly identified a few people as suspects. Even though the intent was to give law enforcement information on who to arrest, it ended up outing people who were not involved in the crime. This lead to harsh consequences for the individuals who were wrongly accused such as harassment on and offline.
Ashley Madison Data Breach
Ashley Madison is a well-known Canadian online dating service that is targeted towards people who are in committed relationships. In 2015, a group known as “The Impact Team” stole Ashley Madison’s user data. They copied personal information about the site’s users and threatened to release the information if the site was not immediately taken down. Because the site was not shut down, the group leaked over 25 gigabytes of company data. This caused public humiliation and shaming, along with a few unconfirmed suicides due to stress and hate crimes.
Anonymous Exposes Thousands
In 2011, detailed information of over 6,000 law enforcement officials was exposed by Anonymous as a response to investigations into hacking activities. This incident brought doxxing into the public eye through media coverage, online message boards and social media platforms. In 2015, Anonymous struck again and released an official list of supposed members and supporters of the Ku Klux Klan.
Another practice that is similar to doxxing is known as swatting. Swatting involves “prank calling” the police or SWAT units to someone’s home. If a person is getting doxxed online, it can lead to swatting. Malicious hackers will find the victim’s address and make false bomb threats or other serious situations that cause the police show up to the unaware victim’s home. Swatting is becoming increasingly common as a form of revenge and can cause serious consequences. In December 2017, swatting took place at the home of Andrew Finch.
Finch had previously been playing Call of Duty online and began fighting with a man named Tyler Barris. Then, another player with the username of “Miruhcle” escalated the issue to another level. Miruhcle gave out Finch’s home address and dared Tyler to do a swatting. Tyler Barris had participated in two swatting incidents before, making calls to the police about false bomb threats. However, in this case the swatting led to serious repercussions. Tyler sent police to Andrew’s house, reporting a murder and a hostage situation. The police then showed up at Andrew Finch’s house and when he opened the door he was shot and died on the spot. Tyler faces 11 years in prison if convicted as charged.
How to Avoid Doxxing
While the threat of doxxing may be daunting, it’s important to understand the actions you can take to prevent doxxing.
Increase Privacy Settings on Social Media
It’s important to keep information to a minimum on social media. Make sure you know each person you are friending on Facebook or letting follow you on Instagram. Only allow friends you know very well, and be wary of adding colleagues from work as competition could turn you into rivals. Set your accounts to private and remove any addresses, places of work and specific locations from your accounts. Choose for only friends to see your future posts and avoid discussing personal information that could be used against you. Never write where your children go to school, and avoid sharing images of your children.
Protect Internet Communications
Hackers can read your internet data even if your content is encrypted. Because every internet connection has an IP address, your location can be traced each time you go online. Installing a VPN eliminates this problem by keeping you anonymous online. Be wary of public WiFi networks as these could be fake hotspots put up by hackers to intercept your internet activity.
Doxware is malware or spyware, which can steal your personal information and passwords for online services. Because doxware is malware, it’s important to keep your computer up-to-date and secure. Install an antivirus and check for updates frequently to keep doxware from intercepting your device.
Doxxers will try to find anything they can to use against you and intercept your accounts. Prevent doxxing by creating strong passwords. They should be at least 14 characters, a variety of letters, numbers and special characters, and have no tie to personal information. This includes using a birthdate or social security numbers. Use a password manager like LastPass or 1Password to create secure, strong passwords for each account.
Protect and Update Your Email
Create a separate, “fun” email for all of those sites that require an email address for registration. This includes any kind of subscription service or email blast that you want to a part of, but don’t in your primary inbox. It’s a good idea to give away this email when you feel the site or service may not be very secure. Some of these websites may be doxxing harvesting sites, and if you use an unimportant email you are able to delete your account and information without a scratch. Be sure to make the email address unrelated to your name or your hobbies.
Create unique usernames for each individual website you hold an account with. If you are signed up for a controversial website or forum, make sure your username is anonymous and cannot be traced back to you. For social media, avoid using your first and last name in your handles.
Remove Your Information From the Internet (Self-Doxxing)
In order to find out if you are susceptible to doxxing, it’s important to know what information about you is online. The process of protecting yourself from information leakage is known as “self-doxxing.” This involves researching information about you that is publicly available on the web. Check out We Leak Info to find out where hackers can find you online. You can also check out the following list of data brokers and ask them to remove your data. Some require payment, some require you to mail in information, but once you have exhausted this list, you can feel more confident that your personal and private information is secure.
Avoid Posting on Controversial Forums
Because we have so much freedom online, it’s crucial that we are thoughtful with everything we share online. While it might seem like a good idea to voice your opinion on a public forum, try to avoid this. Posting controversial views on any internet database can be threatening to you and to your friends and family. If you still intend to share your strong views, be sure to take extra precautions to stay anonymous online. Use pseudonyms when posting comments online and never share your location or full name.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.