Doxing - What It Is and How You Can Protect Yourself

Janis von Bleichert

"Doxing", also known as "Doxxing", refers to the systematic search and illegal public disclosure of private data such as names, addresses, or personal phone numbers acquired through publicly accessible online databases, websites, or social media. The process becomes illegal when such information is disclosed online without the victim's consent. As doxing violates the individual rights of those affected by it, the process is frequently spoken about in conjunction with cyber-bullying. The term itself is a portmanteau of docs and tracing.

A Brief History of Doxing

The first forms of doxing can be traced back to the 'cracker' scene of the 1980s. Any information acquired was used mostly to prank others online. However, since then, doxing has become far more malicious with serious consequences. The self-stated purpose of modern doxing is to threaten those whose beliefs are at odds with the doxer. Through this tactic, prominent individuals, such as celebrities who are capable of reaching a wide audience, can be digitally muzzled and intimidated into silence. Through the targeted publication of personal information, doxers signal to the world that their victims are helpless and completely at their mercy.

Very often, the victims of doxing only become aware that such data was publicly accessible after their private information has been released. In January 2019, it was discovered that 1,000 leading German politicians, celebrities, and journalists had been spied on as part of a large-scale doxing campaign. However, the phenomenon isn't new: A number of well-known YouTubers and bloggers have been fighting doxers for years now.

The Different Dimensions of Doxing

Doxing is considered a technically simple form of hacking among experts, as no programming skills are required. The work of a doxer is more like that of a detective who scours the Internet for relevant personal data about the target person and notates it, necessitating a great deal of time and patience. Social media and the popularity of Internet fora provide doxers with a bountiful assortment of sources that they can use to collect information about their target(s).

Should a doxer have the requisite technical skills, it becomes possible for them to launch a hacking attack against their target, going beyond simply gathering an assortment of personal data on them. This is much more serious, as it not only impacts the personal data of the individuals targeted but also, the exploitation of security gaps for criminal purposes.

What Kind of People Engage In Doxing?

Without generalizing, doxers do exhibit a number of personality traits that motivate them to collect and publicize personal data. Typically, they are angry or dissatisfied about a particular situation and reacting to the perceived sleight by attacking their target.

Studies have shown that the majority of doxers are white males, the median age of which is constantly decreasing. Most tend more towards reactionary political views, often suffer from low self-esteem, and crave attention. They hope to gain the attention they seek by publishing the stolen data and gaining their "15 minutes of fame".

6 Tips for Protecting Yourself Against Doxing

Doxing is made possible in large part by the significant amount of information available to the public via the Internet or apps. The Internet is an integral part of our lives, however, the thoughts and opinions we regularly publish on social media, blogs, or YouTube provide doxers with digital threads that can be pulled on, yielding even more personal data. Unfortunately, most Internet users tend to neglect the safety of their data online, making it even easier for doxers to achieve their goals.

The following six measures will help you to fortify your computer against doxing and malware, thus contributing to the security of your data. We recommend taking them to heart:

Use reliable antivirus software and keep it up-to-date: Software is constantly undergoing change to keep it abreast of technological developments. Antivirus software relies on daily (or even hourly) definition updates to remain effective. Although less frequent, software updates close gaps and exploits. Antivirus software is crucial for protecting the files stored on your computer from virus or malware infection.

Carefully read your emails: Should your receive an email with an attachment from an unknown sender, don't open the attachment. It likely contains malware that can spread as a virus and infect your computer.

Use complex passwords: The most important security measure you can take is to create strong, unique passwords which you update regularly. A good password should have a minimum of 8 characters, consist of upper- and lower-case letters, special characters, and numbers. To ensure maximum security, use a password manager to generate and digitally protect your passwords.

Encrypt your hard drive: Your computer's hard drive stores the most important data. To protect this from unauthorized access, it's possible to encrypt your hard drive in Windows by creating container files. Access to such data is only granted after entering a self-chosen password.

Don't use social logins on social media: Facebook offers its user the ability to log in to another service using their Facebook accounts. Doing this exposes the users' Facebook data, granting doxers access to a sizable amount of information. Logging into each account separately is far more secure.

Publish as little information about yourself online as possible: Information that has been published online or on social media is difficult to permanently delete. By making as little information about yourself available on the Internet as possible, you'll complicate a doxer's efforts considerably. When no information about someone exists online, nothing can be collected or misused.

Putting these security measures into place kills two birds with one stone. Not only will your personal data be better protected, but your enhanced security will also increase your confidence when using the Internet.

Doxing Defense in Your Professional Life

Doxing is always an indication that an acute data security problem exists. For companies, this means that their data protection measures are being challenged or probed. While alarming, doxing incidents should be seen as an opportunity to review one's own data security measures and to reconsider or supplement them if necessary.

Employees are obliged to responsibly handle the data of their colleagues and employer. This extends beyond simply complying with the company's security measures, but also including exercising individual vigilance and caution. In order to prevent damage, all employees should consistently adhere to their company's data security guidelines.

Conclusion: More Security, Better Protection

Should you be a doxing victim and have withdrawn completely or partially from the Internet and social media, the doxers have achieved their goals. However, you shouldn't take this lying down. Before you leave it up to doxers to restrict your enjoyment of the Internet, develop a strategy that will help you better protect your data and devices, preventing you from falling victim anew.

In order to accomplish this, you should prioritize your online security by taking the above-mentioned security measures seriously and implementing them fully. Only in this way can you fully harness the power of the Internet without worrying too much about the dangers associated with it.

Author: Janis von Bleichert
Janis von Bleichert studied business informatics at the TU Munich and computer science at the TU Berlin, Germany. He has been self-employed since 2006 and is the founder of EXPERTE.com. He writes about hosting, software and IT security.
Other languages:
Deutsch Italiano 
More about IT-Security
Cyber Attacks - 3 Current Threats and Countermeasures
HDD and SSD - How to Safely Wipe Your Hard Drive
Phishing: Recognizing the Threat
Data Theft: What Is It? How Can I Protect Myself?
Best Password Manager - 12 Tools Reviewed
How To Remove Junk Files From Your Windows PC
VPN Leak Test - Is Your Private IP Public?
Browser Fingerprinting - What Is It and How Can I Protect Myself?
Best VPN - Review of 22 VPN Providers
Internet Censorship - Site Blocked in China, Russia or Turkey?
Password Generator - Generate a Secure Password
Browser Privacy Check - Which Traces Do I Leave on the Web?
Password Checker - How Secure Is My Password?
Darknet - What Is It and How Can I Access It?
Data Breaches - What Is a Data Leak? Have You Been Affected?
Internet Pitfalls - The 7 Biggest Dangers Online
Data Recovery - Restoring Deleted Files
Secure Messengers - The 5 Best Alternatives to WhatsApp
Anonymous Search Engines - 3 Alternatives to Google
Privacy Browsers: The Best Browsers for Maximum Security
Two-Factor Authentication - This is how you secure your accounts
Ad Blocker - How to Protect Yourself From Annoying Ads
Secure Password - What Makes a Strong Password?
Do Not Track - What It Is and How It Can Protect You
Manage Passwords - Best Way to Store Passwords
Anonymity Online: Tor and the Tor Browser
Identity Theft on The Web – How To Protect Yourself
Best Cloud Backup - 7 Online Backup Providers Reviewed
Best Antivirus Software - 11 Programs Reviewed
How To Change Your IP Address - 3 Simple Ways
Email hacked? How To Find Out if Your Email Has Been Hacked
Anonymous Browsing - How to Surf Anonymously Online
Hide IP - How to Hide My IP Address