What is Doxing?
Doxing is a method by which someone harvests personal information about an individual by searching the Internet, social media, cellphone number, etc. Most of the highly personal information that is harvested by doxxers is information which is easily accessed because of the individuals own self-disclosures.
Social media platforms like Facebook, Twitter, LinkedIn, Instagram etc. provide a wealth of information that can be scraped by a doxxer. Things such as sharing photos, sharing vacation information, employment information. phone numbers, email addresses, names of restaurants frequented, cellphone numbers, and other information posted by individuals on social media platforms can be a deep and ready resource for doxxers.
Here’s a good definition and explanation of doxing from Wikipedia:
Anyone can harvest information from the internet about individuals. There is no particular structure in place for doxing, meaning someone may seek out any kind of information related to the target.
A basic Web search can yield results. Social media platforms like Facebook, Twitter, MySpace, and Linkedin offer a wealth of private information, because many users have high levels of self-disclosure (i.e. sharing their photos, place of employment, phone number, email address), but low levels of security. It is also possible to derive a person’s name and home address from a cell-phone number, through such services as reverse phone lookup. Social engineering has been used to extract information from government sources or phone companies.
In addition to these, a doxxer may use other methods to harvest information. These include information search by domain name and location searching based on an individual’s IP address.
Once people have been exposed through doxing, they may be targeted for harassment through methods such as harassment in person, fake signups for mail and pizza deliveries, or through swatting (dispatching armed police to their house through spoofed tips).
It is important to note that a hacker may obtain an individual’s dox without making the information public. A hacker may look for this information in order to extort or coerce a known or unknown target. Also, a hacker may harvest a victim’s information in order to break into their internet accounts, or to take over their social media accounts.
The victim may also be shown their details as proof that they have been doxed in order to intimidate. The perpetrator may use this fear and intimidation to gain power over the victim in order to extort or coerce. Doxing is therefore a standard tactic of online harassment and has been used by people associated with 4chan, the Gamergate controversy and anti-vaccine activists.
The ethics of doxing by journalists, on matters that they assert are issues of public interest, is an area of much controversy. Many authors have argued that doxing in journalism blurs the line between revealing information in the interest of the public and releasing information about an individual’s private life against their wishes.
You can make it a lot harder for someone to dox you by limiting the amount of information you post online – especially on social media. Some things you should give careful thought to before you post them on social media are:
- Your Home Address & Phone Numbers
This should be number one on your list. Your home address and your phone numbers should never be posted on your social media account or anywhere. You should share your phone numbers and your home address offline and only with those you trust.
Don’t send open invitations such as “Join us for picnic at Blaine Park in Columbus Ohio on Tuesday April 10, 2018.” Not only does this tell everyone where you’ll be an when, most likely if you share something like this on social media, a lot of your “friends” live hundreds of miles away and are not going care about your picnic.
- Financial Information
Do you have a platinum American Express card? A Visa card with a $100,000 limit? Did you buy a new car that cost $85,000 or a new boast that you paid $250,000 for? That’s great, but that’s not something you should share on social media… for a lot of reasons. No one is interested in financial bragging except someone who is out to get your money.
- What you had for lunch and where you ate
Not only does no one care where you had lunch or what you ate. Taking pictures of yourself at your favorite restaurants just opens you up to all kinds of things.
- Your Precise Location
Making it easy for stalkers or scammers or thieves to follow you doesn’t make a whole lot of sense, does it?
You may not be able to prevent all forms of doxing, but you sure can make it much more difficult by using common sense and controlling the amount or personal information you share online.
And even if your social media profile is “private”, don’t assume that only your friends can see what you’ve posted. Always assume that someone who shouldn’t be seeing what you post is seeing what you post.
Social media sites can be a great way to connect with people. And the one person who can control how much information is shared online about you is… YOU!