The term “doxxing” has increasingly become a popular buzzword in the online sphere. But, most people are unaware of the true meaning of the word doxxing.
So, what does doxxing mean in the first place?
If you are looking for the answer, then you are in the perfect spot. Here, all the things you need to know about doxxing will be tackled. Plus, you will get yourself acquainted with excellent countermeasures to avoid being doxxed.To start off, let’s have a look at the definition of doxxing.
Doxxing (also spelled doxing) is short for “dropping dox”. It is a type of online hacking attack wherein hackers collect personal and sensitive information and documents (collectively referred to as dox) about a person whom they dislike and expose it to the public.
The hackers’ goal is to take advantage of their unsuspecting victims’ personal information to post derogatory, degrading, and downright scandalous remarks about them. With their so-called “weapons” ranging from emails, residential addresses to phone numbers, private images, and any other confidential information, these hackers can cause their victims to lose their job, be publicly shamed , or even get physically attacked by angry local residences, along with other life-changing consequences.
Generally, doxxing can make one’s life a living hell.
The internet is a vast space of data. Different channels and platforms consistently emerge online. As such, the volume of information becomes difficult to scale and monitor by users. On the flip side, this is where doxxers thrive. With the right amount of time and motivation, these hackers can easily pull off their malicious intent toward a particular person.
Doxxing can be done in many ways. One strategy is different from the others, and so getting yourself familiarized with the ways doxxers do their hostile practices is a must. In this light, here are some typical methods used for doxxing.
Admit it, in order to reduce confusion and forgetting information, sometimes you use the same username (and password) across your accounts— be it on social media, emails, and even your bank and government accounts. Little do you know that you are paving a way for potential doxxers to track your behavioral patterns when using the internet.
If your username appears on different online platforms, it becomes easier for doxxers to track you online through your posts on online communities, forums, and social media pages. Say, you posted an embarrassing Facebook post, or a friend of yours tagged you on a post depicting explicit content. Doxxers will take advantage of these and make sure that everything backfires on you.
If you have your own internet domain, doxxers can use WHOIS domain lookup to collect every single piece of information about you, including your name and contact numbers.
Your IP address is directly linked to your physical location. Meaning, they can use more sophisticated social engineering tactics such as IP logging. IP loggers attach a code that you can’t see in an email. Once opened, the code tracks your IP address and shuttles back the information to the IP logger. Once processed, the doxxer effortlessly digs deeper into your confidential information.
An old but not obsolete form of doxxing: phishing.
So, how does phishing work?
It is a type of social engineering attack that involves stealing your personal data such as login credentials. Masquerading as a brand you’re familiar with, a Phisher sends an email or a text message with a link attached to it. The email will then prompt you to click the link. After clicking the link, you will be redirected to a website identical to the original one. A pop-up message will then ask for your personal information.
Once you enter your information, you give the phishers unlimited access to your personal accounts. It potentially results in a cascade of internal problems on your end. Not only that, they can drain your accounts by using them to buy expensive items online or go as far as expose other confidential information about you to the public.
Judging by the name of this method, you can say that doxxers are creeps.
Having your social media accounts set in public gives doxxers the opportunity to stalk you easily. It makes things easier for them to collect information about you such as your birthdate, contact numbers, physical location, friends, your interests, and even your workplace.
They can see your recent posts. If some of your posts are deemed embarrassing, they can use this to blackmail or defame you publicly. Moreover, these individuals will invade your privacy and also help them crack some security questions to easily breach your other accounts.
Usually, the answer is within a gray area.
Doxxing can be legal if and only if the information exposed to the public lies within ethical standards and is gained using methods under legal frameworks. Also, its legality depends on which type of information was revealed. Say, exposing someone else’s true name to the public is not that serious. However, disclosing someone else’s phone number and home address is a different story.
On the other hand, since doxxing includes malicious behaviors that aim to blackmail, harass, scam, humiliate, and other related practices that can compromise a particular person’s image,
doxxing becomes illegal—regardless of legal constraints as it tends to defy the security guidelines and terms of service of most digital platforms. Failure to abide by policies involving confidentiality or user privacy may result in a long-term ban on the website. In some cases they can be reported to legal authorities.
A person charged with doxxing faces serious legal sanctions such as imprisonment. They can be sentenced to jail for up to twelve months, pay a fine that ranges from $500 to $5000, and have a permanent criminal record for doxxing. Since doxxing is rather new to the majority, doxxing laws and policies are not that precise when it comes to pointing out who's accountable for the doxxing scheme, even the platform where the said activity took place is not immediately made culpable for any legal sanctions.
Doxxers are gradually becoming more and more sophisticated in their quest to unmask their victim’s identity to the public. It is important to know the effective measures to protect against doxxing. Take a look at the following preventive measures to ensure that you are protected against doxxing schemes.
Setting up a virtual private network or VPN is an impeccable first line of defense against doxxers. A trusty VPN encrypts your internet traffic and reroutes it to a different service’s servers before sending it out to the public interwebs. As a result, you get to stay anonymous while browsing the internet. Moreover, a VPN protects your IP address when using public Wi-Fi, rendering your conversation invisible to other users and potential doxxers, and ensures that you are not prone to several other online crime schemes.
A doxxer can easily breach your security if your antimalware and antivirus software programs are not in their latest kernel patches. A faulty antivirus/malware program can leave you vulnerable to hacking and doxxing.
The best course of action is to always keep your antivirus and malware software programs updated. This proves useful in stopping doxxers from infiltrating your personal accounts.
If you are fond of using forums like Reddit, IGN, Gaia Online, Youtube, and 4chan, you must see to it that you are using different usernames and passwords for each platform. Doing so makes it harder for doxxers to track your internet activities and reveal your identity online.
Conversely, if you use the same username and password for all your online accounts, it becomes easier for doxxers to search for you through your comments and posts. Consequently, they can easily collect information about you to expose your real identity and start taking advantage of you.
Be constantly on the lookout for sketchy emails. Phishing emails mimic the physical features of brands, banks, and credit card companies that you’re familiar with. If the said emails are asking you to disclose confidential information such as credit card numbers, usernames, and passwords, there’s a high possibility that it is a phishing email. Remember, financial institutions will never ask for your personal information via email.
When still in doubt, you can call your bank or credit card company to see whether the email is legit or not. For security purposes, never click the link! If you see an unfamiliar link attached to the email, close the email and bin it.
If you have multiple social media and online forum accounts, it is best to deactivate or delete them if you’re not using them anymore. Doxxers can still access your old account, so deleting it is the best course of action to reduce the risks of getting doxxed.
A strong password means heightened account protection. Setting up a strong password makes it even difficult for doxxers to breach your account. Never use personal information such as your birthday, mobile phone number, name, and other easy-to-guess details when creating your passwords.
See to it that you use different combinations of numbers, letters, and special characters to make your password complex. But, make sure that you can memorize your password. Make it complex but easy to remember. When in doubt, you can always write it down but make sure you keep it in a secure place. Also, you should change your password regularly. Doing so adds another layer of security which makes it a bigger challenge for doxxers to penetrate your security.
Doxxing has cost many people’s lives. That is why as a platform owner, it is just practical to protect your users against these notorious doxxers. There are several reasons why preventing doxxing matters. Let’s break it down here.
Remember that doxxing takes place on various online platforms and yours is not an exemption. Failure to get rid of these pesky doxxers will change how your users perceive your brand. They will think that joining your platform will put them at risk. The more users associate your brand with sketchy and unsafe practices, the more you will bury your brand deeper into the ground.
Your number one priority should be your members’ safety. Preventing doxxers from infiltrating your platform is key to gaining heightened user protection.
By eliminating the doxxing threats within your platform, you are guaranteeing that you maintain a peaceful and threat-free online community. You should be at the frontlines of maintaining the confidentiality of your users’ identity.
In a space of vast information, a single post can be turned into a weapon to wreak havoc on your identity. Doxxing is indeed a new word, but the masterminds behind it are individuals who are no strangers to breaching a person’s privacy. Knowing what doxxing really is should be your top priority. After that, get yourself acquainted with the various ways these doxxers execute their crimes. By the time you’re well-versed in their practices, you gain the knowledge on how to properly recalculate your approach and come up with effective countermeasures to diminish the risks of you and your users getting doxxed.
Doxxing can be very dangerous if you don’t have the capacity to provide maximum user protection. As a platform owner, it is a must to devise smarter ways to outwit these emerging cybercriminals.
Employing a trusty moderation system is a great place to start.
If you don’t know where to begin, Chekkee might come in handy!
We offer community moderation services tailored to protect your users against these notorious doxxers. Powered by both human and artificial intelligence, and backed with the latest moderation tools and filters, we ensure that you gain 24/7 protection not only to doxxers but also to all types of harmful user-generated content.
Want to know more about how we take human-powered moderation to greater heights? Talk to us!