The term doxing may not tell you anything, however, it refers to a type of cyberattack and cyberbullying that is quite common on the Internet. In this article we are going to see what doxing or doxing consists of and how we can protect ourselves from this practice.
What is doxing?
A rough definition of doxing, which we can also find as doxxing, is that it is a cyberbullying practice that consists of revealing someone’s personal and confidential information through the Internet.
Normally, doxing is the result of revenge and whoever carries it out collects all the information and personal data of their victim, to make them public on the Internet, often inciting other people to harass them and, in the worst case, , becoming real threats against the safety and physical integrity of the victim.
The meaning of doxing is related to the word “documents”, since it comes from the abbreviation “docs” in reference to the document. In 1990 hackers coined the term “dox” derived from “docs” to refer to the practice of collecting documents or personal information from their victims. As you can see, this type of practice that mixes cyberattack and cyberbullying comes from afar.
Doxing can become very dangerous, because the information that is published about the victims facilitates their identification in the real world (often also that of their relatives), their postal address, the place where they work, their telephone number, etc. etc. In the “best” of cases, the result of a doxing attack is to end up subscribing to some service or receiving orders that the victim has not made. In the worst cases, they can receive threats and more cyberbullying or be victims of identity theft or swatting (false complaints to the police against the victim, common in the US), among other types of attacks.
Despite what it may seem, the goal of doxing is not to blackmail victims for money in exchange for not publishing the personal information collected. In this case, what is intended is to harm and, therefore, publish said information on the Internet.
This is because, as we have already said, behind doxing is revenge, but also extrajudicial justice or harming people with notoriety and with whom one has totally opposite opinions or points of view. Thus, although anyone can be a victim of doxing, politicians, journalists or people with a certain notoriety and presence on social networks are common.
Apart from doing as much damage as possible to the victim, doxing also serves to put pressure on the victim, to incite other people to harass the victim and even threaten her, in order to intimidate her to the point that she leaves the public sphere.
It should be noted that according to studies carried out on the practice of doxing, its victims are mostly women. According to the report, one in five women in the United States claims to have been a victim of harassment on the networks and of these, 26% had suffered doxing at least once.
Consequences of doxing
The main consequence of doxing is the loss of anonymity on the Internet, since once someone starts doxing, information and personal data of the victim will appear in the main Internet forums (such as Reddit) and in many social networks, exposing the identity of the victim and that of their relatives, as well as where they live and even, in the most extreme cases, their routine, their place of work, their customs, etc. All the information that the attacker has been able to find will be exposed on the Internet.
This exposure can lead to much worse consequences, as we have already pointed out, since in many cases the victim is harassed, threatened, in short, putting a specific person in the spotlight, with the in order to harm it and create in it a feeling of insecurity that can lead it to abandon its presence on the Internet and even change its home.
How to protect ourselves from Doxing?
Since doxing consists of the collection of information about the victim, collection that is carried out through the Internet, the best way to protect yourself is to protect our privacy as much as possible when we browse and avoid leaving an overly traceable digital footprint.
It would be best to connect to the Internet using a VPN to hide our IP address, which is one of the ways to track us on the Internet, but not everyone uses this type of private network, so the next best option is to be cautious. .
Thus, the first thing is to try not to use the same username and password for all our accounts (whether on social networks, emails, streaming platforms, online video games, forums, etc.), creating a different one for each site we are on. subscribed. And change these passwords from time to time.
In this sense, it is also recommended not to resort to creating an account using our Facebook or Google account, which is currently so common and convenient, because we will be “grouping” information about us in a “single site”. If one of these accounts is hacked, the hacker will be able to access all those that are linked to it.
If we use social networks, keep our profile private and try not to share too much personal information on them, such as where we work or photos of our children.
If we are users of Internet forums, we should never use our real name in them and always opt for a pseudonym.
Try not to reveal personal or private information on social networks, forums or in instant messaging groups.
In short, it is about preventing data and personal information from circulating on the Internet that could lead to identifying us.
How is doxing carried out?
When explaining how to dox , we must bear in mind that there are two phases, the information gathering phase and the publication phase.
In the first phase, hackers (or doxxers) collect all the information they can find on the victims, tracking social networks, web pages, databases that may contain telephone numbers and addresses, database hacking, social engineering attacks. The goal is to gather as much information as possible about the victim, her environment, and her life.
In the second phase, all the information collected is disseminated, using all the means and platforms available on the Internet. The objective is for the publication to reach the greatest number of people and for them, in turn, to continue disseminating it.
Types of doxing
These are the most common types of doxing that occur on the Internet:
- The publication of personal and private information of a person on the Network and identification of the same.
- Posting confidential and previously unknown information about a person online.
- Publication of information online in order to damage the reputation of the victim, as well as that of their associates or relatives.
- Inciting harassment and intimidation of the victim.
- Carry out a supposed personal justice, by exposing the identity of alleged criminals.
- “Journalistic doxing” when journalists or media resort to this practice to investigate certain anonymous personalities.
Examples of doxing
Now that you know what doxing is and how it works, let’s take a look at some real examples of doxing.
We started almost at the beginning of this practice. In 1997, US anti-abortion activists seized personal information from the clinics and professionals who carried out this practice in the country, publishing it on a blacklist that was posted on the Internet until 2002. It not only identified these people, also if it incited them to harm them.
We are still in the US, but in 2013; After the Boston Marathon bombing, thousands of users on Reddit decided to play police and try to identify those responsible. In the end, what they managed to do was misidentify several suspects, who they subjected to doxing attacks. None of these people was responsible for the attack. The worst thing is that because of the harassment received, one of them ended up committing suicide.
And to finish, a closer and better known case. We are talking about the person who spread the image and personal data of the victim of ‘la Manada’. This dissemination was carried out on social networks, forums and digital media.
Doxing vs. DDoS
It’s easy to confuse them, because they sound similar, but a doxing attack has nothing to do with a DDoS attack.
While a doxing attack, as we have seen, is directed towards a specific victim, in order to expose their identity and all their personal information on the Internet. A DDoS or denial of service attack is directed against the server of a web page or online platform, with the aim of leaving it without service, that is, to bring it down and prevent users from accessing it.
Doxing is or derives in a form of cyberbullying towards a person and the DDoS attack has economic purposes (to extort a company and make it pay a ransom to recover the service) or political.
The above content published at Collaborative Research Group is for informational purposes only and has been developed by referring to reliable sources and recommendations from experts. We do not have any contact with official entities nor do we intend to replace the information that they emit.