Searching for and publishing personally identifiable information of a person publicly over the internet with malicious intent is called doxxing. The word is derived from “dropping dox”, a revenge tactic that was used by hackers to drop malicious information on someone, usually a rival.

Fast-forward to today, doxxing is a tactic employed by cyberbullies that entails leaking private information about an individual to the public on the internet. You don’t have to be known and popular – anybody can fall victim to this form of online harassment, if and when they get on a bad guy’s radar.

Let’s discuss the the different methods through which doxxers can collect information later on…

Types of doxxing

Doxxing can be done by a variety of ways online, however, most doxing situations fall under one or more of the following:

• Disclosing a user’s personally identifiable information (PII) online.
• Disclosing previously unknown information of a user online.
• Disclosing private information of a user online that may damage not only their reputation, but also that of their professional or personal associates.

Why do people dox others?

Doxxing, more often than not, is done with the intent to threaten or harass someone, for whatever reason. It’s additionally used as a way to reveal an undisclosed agenda, right perceived wrongs, or bring someone to justice in the eyes of the public. The motive behind releasing personal information is undoubtedly always negative – to either humiliate, punish, or intimidate the person in question. However, the core purpose of doxxing is to invade or violate privacy. That’s why it is crucial to understand and adopt the best practices to maintain your internet privacy.

How is doxxing done?

Now, you may be wondering “How easy is to doxx someone?” Well, there are various techniques that can be used by doxxers to collect information on an individual.

Here are some common methods:

• Packet Sniffing: The data you send over a WiFi network can be intercepted by breaking its security measures to capture valuable information like credit card data, emails, passwords, bank account details, etc.
• IP Logging: It is a piece of invisible code and can be sent to your device via email or message to sniff out your IP address. Once the message is opened, your IP is tracked and secretly sent back to the sender.
• Reverse Cellphone Lookup: This allows the doxxer to find an individual’s personal details like name, email address, age, home address, etc. by using their cellphone number.
• Analyzing Social Media: Most internet users are active on social platforms like Twitter and Facebook. What’s more is that they are usually unaware of the risks they face online, and hence their profiles have weak privacy settings. If someone wants to doxx a person, turning to their social profiles may provide them a wealth of information.

Preventive measures to take against doxxing

While your information can be found by those who are very keen to look for it, that doesn’t necessarily mean there’s nothing you can do to avoid being doxxed, or at the least, minimize the harm it can cause.

The following are few measures that should be followed to protect your online identity from doxxing:

1. Conceal your IP address with a VPN

A VPN acts like a secure tunnel that protects all your internet traffic and is the most important tool when it comes to protecting yourself against doxxing.
Once connected, not only does it secure your entire connection with an unbreakable layer of encryption, but also hides your IP to mask your online identity so that your personal information can’t be hacked into.

2. Increase privacy on social media

There may be personal information on your social media accounts that can be viewed by the public. Or, your social networking accounts could be public as well.
Some things to keep in mind include:

• Set all the profile pictures you’ve used in the past to private.
• Make your profile unsearchable to everyone.
• Hide your friends list by changing it to private.
• Remove featured photos, if any.
• Consider using a profile picture that’s benign or professional in case it gets posted anywhere else.

3. Set strong passwords

If you haven’t changed the passwords of your online accounts for some time, now would be a good time to do the needful. However, make sure you create strong, unique passwords for each one – 15 characters is the minimum. We’d recommend using computer generated passwords as they’re almost impossible to guess.

4. Be wary of what information you share online

Even the smallest of details are important as they can be pieced together to create an identifying profile of you. Take, for instance, by doing something as simple as clicking on person’s username on social media sites such as Twitter, Reddit, Instagram, etc. doxxers can find out every time you’ve posted your opinions, shared your pictures, or contributed to discussions.

Therefore, if you have ever posted personally identifiable information anywhere online, you need to take that down immediately to avoid getting into such a situation.

5. Find out what information Google has on you and delete it

All you have to do is search up your name on Google, and see if you come across any of your information on messaging boards, internet forums, social media networks, etc. If you do, delete it right away and this also includes any online accounts that you don’t use anymore.

6. Install an Antivirus

Doxxware, also sometimes referred to as extortionware, is a new type of malware in which a hacker gains access to the victims’ confidential information and threatens to publish it publicly unless the payment of a ransom is made.

Therefore, it’s important that you keep your computer or device secure by installing a strong anti-virus program. Make sure to apply all updates as soon as they’re available – setting up automatic updates can prove useful here!

7. Don’t log in with Facebook or Google

Many sites and apps allow users to register using the “Login with Google”, “Login with Facebook”, or “Login with Twitter” buttons. Basically, this enables you to complete the registration process with the email you used for your Google, Facebook, or Twitter accounts.

However, the downside of using them is that you’ll automatically give the information attached to your Google/Facebook/Twitter accounts to the website. For this reason, you should register manually so that you can control the type of information they have on you.