What is Doxxing? Everything Yon Need to Know, with Examples

Doxxing refers to the act of publicly revealing private or identifying information about an individual without their consent, often with malicious intent. This can include sharing addresses, phone numbers, email addresses, or other personal details, potentially leading to harassment or other harm.

Unfortunately, today it is challenging to avoid data leaks — even if you carefully hide your data and share it with a particular circle of people. This is because cybercriminals have become very greedy – now publicly available information is not too valuable, so they resort to buying personal data, account passwords, credit cards. In this article, we’ll explain what is doxxing in detail and provide relatable examples.

Conspiracy

May 24, 2024

9 min read

Get the week’s best marketing content

Why is doxxing dangerous?

Even though exposing your personal information doesn’t look dangerous at first glance, it gives doxxers an opportunity to do the following:

Damage your personal or professional reputation
Humiliate and embarrass you
Cause a potentially nightmarish social backlash
Lead to identity theft
Increase the risk of future cyber attacks
Put you at risk of physical harm
Invite ongoing harassment and death threats
Result in prank calls and swatting (false reports of serious incidents at your home address).

Types of doxxing

There are numerous ways how stalkers can use your personal information against you. Let’s review the most common types of doxxing:

Basic personal information exposure: This involves revealing basic details such as full name, home address, phone number, or email address. Often, this information is used to harass or intimidate the individual. During the Gamergate controversy in 2014, game developer Zoe Quinn was doxxed after her ex-boyfriend posted false allegations online. This led to her personal addresses and phone numbers being leaked, resulting in severe harassment and threats
Social media doxxing: Attackers scour social media profiles to gather and expose personal information. This can include photos, status updates, friend lists, and location check-ins, which can be used to track or target the victim. For example, one YouTube user complained about being doxxed by a YouTube creator who constantly threatens to “bury” and “teach her a lesson”.
Public Records doxxing: Using publicly available databases, doxxers can extract information like property records, voter registrations, and court documents. This information can then be posted online to further expose the individual’s private life. The case of Ashley Madison hack is one of the common examples here: fraudsters hacked the dating website and blackmailed its owners to pay ransom, otherwise they would release personal information of the site’s users.
IP/Geolocation doxxing: By uncovering a person’s IP address, doxxers can approximate their physical location. This technique is often used in conjunction with other data to pinpoint and reveal the victim’s whereabouts.
Financial doxxing: This involves exposing sensitive financial information such as bank account details, credit card numbers, or transaction history. Such disclosures can lead to identity theft and financial fraud. In 2014, a famous actor had their financial records, including credit card numbers and bank account details, posted online after a cyberattack on their email account. This led to unauthorized transactions and significant financial loss
Workplace doxxing: Revealing details about a person’s workplace, including job title, employer information, and work contact details. This can lead to harassment at work or jeopardize the individual’s employment status.
Family doxxing: Information about family members, including names, addresses, and other personal details, is exposed. This form of doxxing is particularly malicious as it can place not only the victim but also their loved ones at risk.
Faulty doxxing: It is the incorrect identification and public exposure of personal information, mistakenly associating it with the wrong individual. This occurs when the attacker or doxxer inaccurately collects or interprets data, leading to the targeting of innocent people. Faulty doxxing can result in severe consequences for the wrongly identified individuals, including harassment, threats, and damage to their reputation. During the Boston Marathon bombing investigation in 2013, several innocent people were falsely identified as suspects on social media platforms like Reddit. Their personal information was shared, leading to harassment and distress for the misidentified individuals and their families

How does doxxing work?

Scammers and fraudsters use such common techniques to attack their victims as:

Social engineering. Scammers use deception and manipulation to trick victims into revealing personal details. This can involve phishing emails or calls pretending to be a trusted source (e.g., bank, tech support) and tricking the victim into giving up passwords or other sensitive information.
Social media scraping. Fraudsters use automated tools to scrape vast amounts of data from public social media profiles. This information, like birthdays, locations, or relationship details, can be used to build a detailed picture of the victim and potentially identify other personal information.
Public records mining. Scammers exploit publicly available records, like property listings or voter registrations, to find a person’s home address or phone number. They can then use this information for further scams or to sell it on the dark web.
Malware and spyware. Malicious software installed on a victim’s computer can steal personal information, browsing history, or even login credentials. This information can then be used for doxxing or other fraudulent activities.
Wi-Fi security gap exploiting. Imagine your Wi-Fi network as a highway. When you send data (like emails or credit card details), it travels on this highway. Packet sniffers are like thieves who exploit weak security to eavesdrop on this traffic. They can steal sensitive information like passwords, bank details, or even social security numbers. Learn more about securing your Wi-Fi to keep your data safe! (link to Wi-Fi security guide)
IP logging: Ever clicked on a suspicious link in an email? IP loggers might be lurking there! These are hidden codes that, once activated, can track your IP address, which is like your digital fingerprint. With your IP, someone could potentially locate your general area. Be cautious about opening unknown links to avoid revealing your IP.
Reverse cellphone lookup: Your phone number is a personal identifier, but some services offer a risky flip-side: reverse cellphone lookup. These services claim to find someone’s name, address, or even email just by using their phone number. While their accuracy can be questionable, they raise privacy concerns. Remember, your phone number is personal information, so be mindful of who you share it with.

How to protect yourself from doxxing?

Today there are many tools for finding personal data, and each of you can become a victim of doxxing. For example, if you have a social network account, you published posts on an online forum, signed an online petition — then any hacker can steal your data. To protect your Internet privacy, you can do the following:

Use VPN to encrypt your real IP address

Virtual private network (VPN) services are capable of carefully and reliably hiding your actual IP address. The VPN takes information from the user and transmits it over an encrypted tunnel to its destination. However, we need to warn you against using free VPN apps that actually sell your personal information to third parties.

That is why we suggest you trying VeePN — a premium VPN app that offers the following benefits for your online security:

AES 256-bit encryption. It is the most reliable encryption standard possible today, which means your personal information will be secure even if hackers manage to intercept it. A bunch of random symbols is what they can read.
Kill Switch. In case a VPN connection drops, this feature will automatically block access to your device, so nobody can take this opportunity to steal your private information.
NetGuard. This feature blocks all malware and malicious pop-up ads in your browser, which makes your web surfing not only safe but also convenient.
Double VPN. If you need an extra layer of security, you can enable this feature to encrypt your traffic twice as it goes through two remote servers.

Use virus detection programs

You will be able to prevent identity theft in advance if you use special programs to scan for viruses or malware. By regularly updating such programs, you can close all the holes where a hacker could get in and protect yourself from hacking. VeePN offers an antivirus software for Windows and Android as a part of its security bundle to protect your device from viruses and malware.

Use strong passwords

A strong password must include numbers, upper and lower case letters, symbols. Never use the same password for several accounts – if a hacker finds at least one password, he will try to apply it to other systems. If you don’t remember passwords well, get a special notebook and save them there. Do not use programs to write passwords, as a hacker will quickly gain access to credit cards, personal and work data.

Create emails for different purposes

Our life is divided into three parts – personal, professional, and public. First, create a confidential email and share it only with family or friends. Next, create an email for spam – this includes sending out public news, online stores, online services, promotions. Finally, make a professional email – you can share it with colleagues, managers, or business partners. When creating an email, never write your date of birth or other personal information.

Use multi-factor authentication

Multi-factor authentication implies the presence of two identification documents to log into your account. It is often a password and an SMS with a code sent to your phone number. If a hacker tries to break your page, the social network will notify you of this, and this will be a sign that you need to change your password.

What to do if you’ve become a victim of doxxing?

Once you are trapped in doxxing, don’t panic – fear is your enemy in this situation. Instead, follow the steps below:

Report it to the platform where you posted your personal information. Then, contact the platform management and describe the situation – how it happened, where you saw it, and when it happened.
Contact law enforcement agencies. If a cyber attacker personally threatens you, involve the police – save all threatening messages and provide them as evidence.
Take screenshots of the website that published your data. Take a picture of the page so you can see the exact URL and date. If the website refutes everything, you will have real facts of their guilt.
Block financial accounts. If you find out that a hacker has published your credit card numbers on the network, report this to the financial installer. A bank employee must block all accounts and open new ones.
Block your accounts. If the information leaked due to the loss of access to the account, quickly block all the others, as the hacker will try to get access to all social networks.

Stay secure online with VeePN

Doxxing is definitely an extremely dangerous phenomenon and cyber crime. We hope that the tips we’ve mentioned help you avoid falling victim to doxxing, but to be 100% on the safe side, you can always rely on VeePN. In addition to features that provide an impeccable security of your personal information, VeePN also includes a Breach Alerts app that will notify you whether your email credentials or other personal information have been leaked.

Don’t hesitate to try VeePN right now and have 30-day money-back guarantee.

What is doxxing?

Doxxing is the act of publicly revealing private or personal information about an individual without their consent, often with malicious intent. This information can include addresses, phone numbers, email addresses, or other sensitive data, and is typically shared online to harass, intimidate, or harm the targeted person.

Doxxing can be illegal, especially when it involves the release of personal information with the intent to harass, threaten, or cause harm. The legality varies by jurisdiction, and in many places, laws against harassment, stalking, and invasion of privacy can be applied to doxxing cases. Even if not explicitly illegal, doxxing often violates the terms of service of most online platforms, leading to account suspensions or bans.

To avoid doxxing, follow these steps:

1. Protect personal information. Keep your personal details like your address, phone number, and email private. Avoid sharing this information on social media or public forums.

2. Use strong privacy settings. Adjust the privacy settings on your social media accounts to limit who can see your information. Only accept friend or follower requests from people you know and trust.

3. Be cautious online. Be mindful of the information you share online. Use pseudonyms or screen names instead of your real name when possible, and avoid posting identifiable photos or details that can be traced back to you.

4. Secure your accounts. Use strong, unique passwords for your online accounts and enable two-factor authentication where available. Regularly monitor your accounts for any unusual activity.

5. Avoid data leaks. Be aware of phishing scams and other tactics that hackers use to steal personal information. Don’t click on suspicious links or download attachments from unknown sources.

Written by Conspiracy