Doxing - What It Is and How You Can Protect Yourself

Janis von Bleichert

"Doxing", also known as "Doxxing", is a term used in the data security industry. The term comes from the words docs and tracing and is used to describe the meticulous and systematic but illegal search for personal data such as names, addresses, private phone numbers on publicly accessible online databases, websites or social media. That information is then – without the victim knowing about it and consenting to it – disclosed on the internet. Since doxing violates the personal rights of those affected, it is often talked about in connection with cyber-bullying.

A Brief History of Doxing on the Internet

The first forms of doxing can be traced back to the Cracker scene of the 1980s. At that time, it was primarily used to prank someone online. Today, the implications of doxing reach much further than that. The goal of modern doxing is to scare people with beliefs the doxer doesn't agree with. Internet celebrities who are capable of reaching many people are meant to be muzzled and scared into staying silent. Through targeted publication of personal information, perpetrators give the impression that their victims are helpless and at the mercy of these attacks and that they feel like "glass people" as a result of those attacks.

Doxing victims only learn after the publication of their sometimes very private information after it's become publicly accessible to everybody. In January 2019, 1,000 German top politicians, celebrities and journalists have been spied on as part of a large-scale doxing campaign. However, the phenomenon isn't new: Some well-known YouTubers and bloggers have been fighting doxers for years now.

The Various Dimensions of Doxing

Doxing is considered a technically simple form of hacking among experts, as no programming skills are required. The work of a doxer is more like that of a detective who searches the internet for relevant personal data about the target person and steals it – an activity that requires a lot of time and patience. Social media and the increasing use of internet forums gives doxers more and more source from which they can access information about their target person(s).

It becomes dangerous when it goes further than simply creating a collection of personal data of the target person and when the doxer has sufficient technical skills to carry out a hacking attack. This could make the theft of that data much more serious, since it wouldn't only be about making the personal data of the persons involved public – it's also about using exploited security gaps for criminal purposes.

What Kind of People Tend to dox?

Without wanting to generalize, doxers show certain personality traits that motivate them to collect data from certain people and make it available to the public. It all starts with anger and dissatisfaction with a certain situation that doxers react to with this kind of online attack.

Studies have shown that the majority of doxers are white men of all ages, with the median age of perpetrators constantly decreasing. Most of them have a more right-leaning political orientation, often suffer from low self-esteem and crave attention. They hope to gain the attention they want by publishing of the stolen data and being in the medial limelight.

6 Tips to Protect Yourself From Doxing

Doxing has become possible because so much personal information is made available to the public today via the Internet or apps. But the Internet is an integral part of our lives today, and regularly publishing on social media, blogs or YouTube spread information about ourselves even further and offer new sources of our personal data. However, most Internet users tend to neglect to protect their online data, making it even easier for doxers to achieve their goal.

The following six measures will help you to protect your computer against doxing and malware, thus contributing to the security of your data. You should definitely take them to heart if you want to improve the protection of your own data:

Use good anti-virus software and keep it updated: Software products are continuously developed further and adapted in order to stay up-to-date with the newest technology. Updating the software will combat errors and security gaps. Anti-virus software is necessary to protect the files stored on your computer from being infected with viruses and malware.

Read your emails carefully: If you get an email from an unknown sender and it has an attachment, don't open that attachment. There's a chance the attachment contains malware that can spread as a virus and "contaminate" your computer.

Use complex passwords: The most important measure you can take is creating secure passwords and updating them regularly. This means that they should be long enough and consist of a combination of special characters and upper- and lower-case letters. If you want to absolutely safe, use a password manager that manages your passwords for you.

Encrypt your hard drive: The hard drive of your computer stores the most important data. To protect your sensitive data from unauthorized access, encryption techniques can be used on Windows, which are then stored in container files. Accessing the data is then only possible after entering a self-chosen password.

Don't use Social Logins on social media: Facebook offers its user the option to log in to another service with their Facebook accounts. Doing this exposes the users' Facebook data, allowing doxers to access a larger amount of data. It is safer to access both accounts separately.

Keep the information you publish about yourself to a minimum: Information that's been published on the internet or on social media is hard to delete. If you put as little information about yourself on the internet as possible, you make a doxer's work a lot more difficult. If there's no information about a person available on the Web, there's no information that can be collected and then misused.

Put these security precautions in place and your data will be twice as safe. Your personal data on the Internet will be better protected, and at the same time the improved security increases your confidence in the use of the Internet.

Fending Off Doxing in Your Everyday Working Life

Doxing is always an indication that there is an acute data security problem. For companies, this means in concrete terms that the data protection measures they have taken are being challenged. Doxing incidents can be used as an opportunity to review one's own data security measures and to reconsider or supplement them if necessary.

As an employee of a company you are obliged to handle the data of your colleagues and the company responsibly. In addition to complying with all security measures prescribed by the company, this also includes taking own responsibility seriously. In order to prevent damage, all employees should consistently adhere to the data security guidelines specified by the company.

Conclusion: More security, Better protection

If you're a doxing victim and you withdraw completely from the Internet and social media, the doxers have achieved their goals. But you should not have to put up with that. So before you leave it up to doxers, develop a strategy for yourself that will help you better protect your data and devices and thus prevent you from becoming a doxing victim a second time.

You must give greater priority to your online security by taking the above-mentioned security criteria seriously and implementing them consistently. This way you can use the possibilities of the Internet for yourself without having to worry about becoming a doxing victim.

Author Janis von Bleichert
Janis von Bleichert studied business informatics at the TU Munich and computer science at the TU Berlin, Germany. He has been self-employed since 2006 and is the founder of He writes about hosting, software and IT security.
Other languages:
Deutsch Italiano