- Jun 24, 2016
- 2,399
Let’s admit it: these days our level of self-disclosure is at sky high. Websites, discussion forums, social media profiles filled up with personal details, photos, geotags – all telling the world about who and where you are. We leave our footprints all over the Internet. And if there happens to be someone who is eager enough to collect all that info and share it publicly, you are likely to become a victim of doxing.
What is doxing?
Searching, collecting and sharing personally identifiable information publicly against the target’s will is called doxing. The word ‘doxing’ comes from ‘dropping docs’ – a technique old-school hackers used as a revenge tactic back in the IRC times. What it meant was stripping away one’s anonymity to intimidate, harass, or even to draw the attention of law enforcement agencies. Of course, hackers, who strive to stay anonymous by any means, considered doxing a cruel attack.
Fast-forward to these days, doxing is a privacy-invading tactic that cyberbullies employ. You don’t even have to be a public figure – absolutely anyone can become a victim if they get on the radar of a bad character.
Just imagine: you leave a comment on an Instagram post. The owner of the page doesn’t like your opinion and decides to teach you a lesson by doxing you – publicly revealing your real identity, email address, telephone number, the company you work for and other details he or she can find on the Internet.
How harmful can doxing be?
Motives for doxing always come from a negative place – to humiliate, cause public embarrassment or harm reputation, either personal or professional. Attackers may seek to bring their target to justice in the public eye, causing a potential nightmare of social backlash.
Again, doxing involves only the info that already exists somewhere on the Internet and can be dug out one way or another. The essence is putting it all together, piece by piece, and making it easily accessible to anyone. Doxing material can be a mix of personal details, financial documents, network data, embarrassing photos and other private files, signed petitions, as well as publicly shared opinions on social networks and discussion forums. Regardless of its extent, doxing is a serious privacy violation.
How do doxers collect info?
Methods for collecting information range from easy-as-pie info harvesting to advanced hacking.
Sometimes all it takes is compiling publicly available data. Combine a high level of self-disclosure with a low level of security – and voilà! An attacker can learn a surprising amount about a target by just grasping info that is publicly available online.
Here are other common techniques:
Of course, the most persistent doxers can go far beyond than the mentioned, so it’s important to know what prevention steps you can take to avoid unpleasant consequences of doxing.
How can you prevent getting doxed?
The good thing is, there are steps you can take to avoid doxing or at least to minimise its harm.
Follow these tips without delay to get peace of mind:
#1: CHECK WHAT INFO ABOUT YOU CAN BE FOUND ONLINE
Search engines are likely the first place trolls go to collect info about a target. You can do the same to see what the Internet has to tell about you – simply run a search with your name on DuckDuckGo in the incognito mode.Why not Google? The great thing about the DuckDuckGo search tool is that it doesn’t do profiling and deliberately shows the same results to all users. This way, you can get the same view as a potential doxer.
Once you know what info about you is out there, try to take as much content off as possible. However, it can be challenging.
#2: USE TWO-FACTOR AUTHENTICATION
For trolls, breaking into your online accounts is like opening Pandora’s box. This is why you should protect all your accounts by enabling two-factor authentication if there’s an option to do so. Even if an attacker happens to know your password, they will bump into a wall at the next authentication step.
Although any kind of 2FA is better than nothing, it is recommended to avoid choosing SMS as a method of verification, as messages still can be intercepted. It is better to use trusted authentication apps, such as Google Authenticator.
#3: SECURE YOUR PASSWORDS
If you haven’t changed your passwords for a while or, even worse, you’re using the same one for several accounts, wait no longer and create strong, unique passwords for each online service you’re signed up to.
What makes a password strong? Using at least 10 unique characters and making use of passphrases. Nevertheless, lengthy passwords are difficult to remember, so it is recommended to use a password manager, such as LastPass. Not only will it generate unique, lengthy passwords, but also keep them secure without you having to remember them all – just a single master password.
#4: CONTROL YOUR PRIVACY SETTINGS ON SOCIAL NETWORKS
People tend to share a lot of personal details on social networks, both intentionally and accidentally. However, to avoid potential harm of doxing, the less info you reveal to strangers the better.
Your Facebook profile can be a goldmine for doxers if you don’t pay attention with whom you share your info. Make your profile, photos and status updates visible to friends only. Also, go through your ‘friends list’ regularly to eliminate those who you don’t know or don’t have to be in contact anymore.
Facebook lets you customize your privacy settings so you can stay in control of what you share and with whom. Dedicate some time to review your profile settings and adjust them for the sake of privacy.
#5: USE A VIRTUAL PRIVATE NETWORK (VPN)
A virtual private network is like a secure tunnel for your Internet traffic. Connecting to VPN encrypts your online data and hides your real IP address, so no snoopers could sniff your private information. With VPN, you can feel secure even on public Wi-Fi networks.
When choosing a VPN service, pick the one that follows a strict no-logs policy. Extra security features, such as protection against malware and an ad blocker also comes in handy when cutting the ways doxers might try to access your private data.
Original article: What is doxing and how can you protect yourself? | NordVPN
What is doxing?
Searching, collecting and sharing personally identifiable information publicly against the target’s will is called doxing. The word ‘doxing’ comes from ‘dropping docs’ – a technique old-school hackers used as a revenge tactic back in the IRC times. What it meant was stripping away one’s anonymity to intimidate, harass, or even to draw the attention of law enforcement agencies. Of course, hackers, who strive to stay anonymous by any means, considered doxing a cruel attack.
Fast-forward to these days, doxing is a privacy-invading tactic that cyberbullies employ. You don’t even have to be a public figure – absolutely anyone can become a victim if they get on the radar of a bad character.
Just imagine: you leave a comment on an Instagram post. The owner of the page doesn’t like your opinion and decides to teach you a lesson by doxing you – publicly revealing your real identity, email address, telephone number, the company you work for and other details he or she can find on the Internet.
How harmful can doxing be?
Motives for doxing always come from a negative place – to humiliate, cause public embarrassment or harm reputation, either personal or professional. Attackers may seek to bring their target to justice in the public eye, causing a potential nightmare of social backlash.
Again, doxing involves only the info that already exists somewhere on the Internet and can be dug out one way or another. The essence is putting it all together, piece by piece, and making it easily accessible to anyone. Doxing material can be a mix of personal details, financial documents, network data, embarrassing photos and other private files, signed petitions, as well as publicly shared opinions on social networks and discussion forums. Regardless of its extent, doxing is a serious privacy violation.
How do doxers collect info?
Methods for collecting information range from easy-as-pie info harvesting to advanced hacking.
Sometimes all it takes is compiling publicly available data. Combine a high level of self-disclosure with a low level of security – and voilà! An attacker can learn a surprising amount about a target by just grasping info that is publicly available online.
Here are other common techniques:
- Wi-Fi (packet) sniffing
- Analyzing file metadata
- IP logging
Of course, the most persistent doxers can go far beyond than the mentioned, so it’s important to know what prevention steps you can take to avoid unpleasant consequences of doxing.
How can you prevent getting doxed?
The good thing is, there are steps you can take to avoid doxing or at least to minimise its harm.
Follow these tips without delay to get peace of mind:
#1: CHECK WHAT INFO ABOUT YOU CAN BE FOUND ONLINE
Search engines are likely the first place trolls go to collect info about a target. You can do the same to see what the Internet has to tell about you – simply run a search with your name on DuckDuckGo in the incognito mode.Why not Google? The great thing about the DuckDuckGo search tool is that it doesn’t do profiling and deliberately shows the same results to all users. This way, you can get the same view as a potential doxer.
Once you know what info about you is out there, try to take as much content off as possible. However, it can be challenging.
#2: USE TWO-FACTOR AUTHENTICATION
For trolls, breaking into your online accounts is like opening Pandora’s box. This is why you should protect all your accounts by enabling two-factor authentication if there’s an option to do so. Even if an attacker happens to know your password, they will bump into a wall at the next authentication step.
Although any kind of 2FA is better than nothing, it is recommended to avoid choosing SMS as a method of verification, as messages still can be intercepted. It is better to use trusted authentication apps, such as Google Authenticator.
#3: SECURE YOUR PASSWORDS
If you haven’t changed your passwords for a while or, even worse, you’re using the same one for several accounts, wait no longer and create strong, unique passwords for each online service you’re signed up to.
What makes a password strong? Using at least 10 unique characters and making use of passphrases. Nevertheless, lengthy passwords are difficult to remember, so it is recommended to use a password manager, such as LastPass. Not only will it generate unique, lengthy passwords, but also keep them secure without you having to remember them all – just a single master password.
#4: CONTROL YOUR PRIVACY SETTINGS ON SOCIAL NETWORKS
People tend to share a lot of personal details on social networks, both intentionally and accidentally. However, to avoid potential harm of doxing, the less info you reveal to strangers the better.
Your Facebook profile can be a goldmine for doxers if you don’t pay attention with whom you share your info. Make your profile, photos and status updates visible to friends only. Also, go through your ‘friends list’ regularly to eliminate those who you don’t know or don’t have to be in contact anymore.
Facebook lets you customize your privacy settings so you can stay in control of what you share and with whom. Dedicate some time to review your profile settings and adjust them for the sake of privacy.
#5: USE A VIRTUAL PRIVATE NETWORK (VPN)
A virtual private network is like a secure tunnel for your Internet traffic. Connecting to VPN encrypts your online data and hides your real IP address, so no snoopers could sniff your private information. With VPN, you can feel secure even on public Wi-Fi networks.
When choosing a VPN service, pick the one that follows a strict no-logs policy. Extra security features, such as protection against malware and an ad blocker also comes in handy when cutting the ways doxers might try to access your private data.
Original article: What is doxing and how can you protect yourself? | NordVPN