What Is Doxxing And How Can You Protect Yourself From It?
In a digital age marked by globalization, we live a significant part of our lives online and reveal information about ourselves at a scale never seen before. Your favorite websites and social media networks are all filled with personal information, photos, and geotags telling the world who and where you are. Your footprints are all over the internet. If someone doesn’t like you and is eager to collect the breadcrumbs, you may become a victim of doxxing.
Doxxing: What is it?
Searching for, collecting, and publicly sharing any personally identifiable information against a person’s consent is termed as doxxing. Its commonly done to intimidate someone or for harassment purposes. Doxxing is most commonly used by cyberbullies and online gamers.
Nowadays, doxxing is mostly employed by cyberbullies and online gamers. Someone might dox you because they didn’t like the content you posted on social media or forums, or maybe they disliked you because you beat them at an online game. You don’t need to be a public figure – anyone can become a victim if information about them is available.
To what extent can doxxing be dangerous?
Doxxing might not seem harmful. What could someone do with your data if it already exists somewhere on the internet? Your personal details, like your home address, phone numbers, email addresses, and social security numbers, could be scattered across many platforms. But what if someone adds network data, financial documents, embarrassing photos, signed petitions, and publicly shared opinions to the mix? Small, cherry-picked pieces of information can form a negative portrait of anyone.
Doxxing is more than just a violation of your privacy. It can also:
- Negatively impact your personal or professional reputation;
- Result in identity theft;
- Pave the way for harassment and death threats;
- Lead to prank calls and swatting (fraudulent reporting of incidents such as hostage situations at your residence).
How is doxxing done?
The most common doxxing techniques include the following:
1. Wi-Fi (packet) sniffing
Public Wi-Fi networks can be easily hacked and doxxers can intercept your internet connection without much effort and view your real-time data, for instance the sites you visit. It means that all of your sensitive data including login details and passwords could be at a significant risk of being stolen.
2. Analyzing file metadata
By simply looking at your file metadata, an attacker can learn a great deal about you. For example, if you go to the ‘Details’ section of a Word file, you will see who created, who edited it, when and possibly even from what company.
Similarly, photos have EXIF data. This shows the model of the smartphone or camera used to take the photo, its resolution, and the time when the photo was taken. Moreover, it can also reveal your location if GPS was enabled when the photo was taken.
3. IP logging
Hackers can also slip an IP logger – an invisible piece of code – into your device through an email or a message so they can sniff out your IP address.
Is Doxxing Illegal?
Doxxing legality (or illegality) depends on your region. However, if you reside in the US, there are federal and state laws that consider doxxing illegal, especially when it intentionally damages someone’s reputation or threatens their safety. Many EU countries also consider doxxing illegal, especially if the information was private or difficult to obtain and it was a violation of someone’s privacy and infringed on that person’s rights.
Can you dox yourself?
Doxxing yourself is a sure-fire way of discovering exactly how much of your personal information exists out there. It enables you to remove or have removed any piece of information you don’t want available publicly.
- You can start by Googling your name. Your social media accounts will probably pop up first. While there’s not much you can do about most of them (apart from changing your name to a nickname), some will allow you to hide your profile from search engines. For example, you can do so on Facebook by unchecking the box which says “Do you want search engines outside of Facebook to link to your profile?”.
- Additionally, you can perform a targeted search. Google your name together with other keywords, such as “phone number” or “address.”
- Check the image results as well. If you don’t have a lot of photos online, you can do a reverse image search to see if it was posted where it shouldn’t have been.
What should you do with the information you find about yourself online?
If you live in the European Union, you can demand that your personal data be erased from the website, by taking advantage of the GDPR rules.
Unfortunately, it’s not as straightforward elsewhere in the world. You can still ask the website to delete information about you, and many will likely agree to do so. As for everything else, you will at least know what information about you is available online. And from this point onwards, you can exercise better caution. Ensure that your new email, phone number, or home address do not end up on an online website, thanks to reckless communication with a shady website. Control what you and others post about you on social media, and be more careful with your data in general.
How To Avoid Doxxing
There are many steps you can take to avoid doxxing or at least minimize the risks.
1- Limit information you share online
Have you ever tried entering your name into a search engine? Give it a try because it’s the first place cyberbullies will go to collect information about you. Try using a privacy-oriented search engine. Why? Because Google provides search results based on your ‘user profile’ and your preferences, meaning you may not see the same information a hacker would.
Once you know what info about you exists out there, try eliminating as much of that content as possible. Doing so can be challenging! A good chunk of that information will most likely reside on Google’s platforms along with your social media profiles. You can use these guides to make your social media more private and get off the Google grid.
2- Think before you comment
Forums or news websites that allow you to post anonymous or pseudo-anonymous comments still collect data about you like your IP address, which can reveal your location and your identity. If you feel the need to leave comments on websites, never enter your personal details that could reveal your identity, don’t log in with your social media accounts, and use a VPN to change your IP address.
3- Install a Virtual Private Network (VPN)
When you connect to a VPN service, your online data is encrypted and the real IP address is replaced by one belonging to another region of the world. It ensures that any malicious elements are not accessing your intercepting your connection and infringing on your privacy, while also providing enhanced security on public Wi-Fis.
When choosing a VPN service, pick the one that follows a strict no-logs policy, like Ivacy VPN.
Try Ivacy VPN now with a 30-day money-back guarantee!