Doxing comes from the word documents. It is the combination of the English abbreviation for documents ‘docs’ (dox) and the suffix ‘ing’.
Who doesn’t have a Facebook account, a webshop, or who doesn’t regularly shop online? Information technology has made life a lot easier. But with new conveniences come new problems, dangers or threats.
Unfortunately, there is always another side to every coin, no matter how well we manage our accounts. In this case, it is quite a dark side that allows people to take advantage of certain situations or information.
What is doxing?
Doxing mainly consists of creating a complete profile for a specific person or company by collecting personal information. This information may already be available on our online social media profiles, so what’s the problem?
In fact, that information is freely available. However, a profile created with doxing contains much more personal information that is not publicly available. This information is obtained by linking various data that, although freely available online, was difficult to obtain or considered confidential.
The truth is that there is all sorts of information about us online that we think is confidential, but which is actually easily accessible.
Why is it dangerous?
Doxing is simply collecting the data of a specific person via the internet. This often requires little more than a name, username, age, phone number, email and photos, making the technique quite dangerous. Essential personal information is the starting point of doxing.
In other words, doxing is not based solely on collecting information that is already publicly available. The goal is to obtain more personal information that is not publicly available.
This practice is not illegal. After all, collecting information is not illegal. What makes it criminal is how this information is used or how people obtain it.
- In the first case, when the crime is the use of the information, the defining characteristic is the intention to hurt the victim. For example, using such information to scam the victim, steal his identity, or harass or threaten him.
- In the second case, we can refer to the many tricks that exist in the online world to collect information. For example, using downloadable documents containing malware (a malicious file) to obtain account numbers, medical information, etc.
Some doxing tools
- Google and other search engines such as Yahoo and Bing. These are tools that everyone has at hand to obtain information quickly and easily. This is information such as images, places the person visits, phone numbers, email addresses, and more.
- Social networks. Facebook and LinkedIn are the most widely used social networks for doxing because they are the networks that store the most personal data. Using it for work purposes can leave us vulnerable to these types of online attacks.
- Whois. This search returns information about the owner of a web domain or an IP address.
What consequences can it have?
The damage that a person can incur as a result of doxing can be both material and personal. This damage can vary depending on many factors, but most importantly the target of the attack.
When it comes to personal issues, damage to the sense of security is the main consequence. The attacker can obtain a home address, which shows that the attacked person’s home is not safe.
This in turn can lead to fear and anxiety. It can also lead to social problems as the information can be used to humiliate, defame and stalk the victim.
When it comes to material things, we should think of the loss of bank passwords that the attacker uses to collect sensitive information. All of this could potentially lead to the loss of money, having to start over with your life, etc.
Also, the consequences of doxing can affect more people than just the direct victim. Relatives and close friends are at risk. After all, publishing someone’s personal information also affects the victims’ next of kin. This creates a kind of snowball effect that is increasingly difficult to stop.
How do you prevent it?
Once we’re on the internet, it’s practically impossible to become ‘anonymous’ again. All we can do is follow a set of guidelines that make getting our information more annoying.
The most important thing we need to do is minimize the amount of information we post on our social networks. Sometimes this is unavoidable. That is why we must strengthen our security.
- Make certain information private. For example, photos, emails and phone numbers on social media. Don’t allow anyone to see this information and if you can, don’t share it at all.
- Use strong passwords. Combining numbers and upper and lower case letters may not make your password watertight to hackers. Nowadays there are programs that also break through this. However, stronger passwords can make it more difficult. It’s also a good idea not to use the same password for different domains and pages.
- Avoid sharing your location live.
- Use different email addresses for each specific use : work, social networks, personal email, bank accounts, etc.
Once you’re on the internet, you’re a potential target. Even if you are not on social media. Other services you use may also store your data online (medical history, transactions, addresses, online shopping, etc.).
It is inevitable! However, if we are careful about the things we post online, we can reduce our risk of falling victim to these malicious practices.