Doxxing And The Threat To Disclose Personal Information

Doxxing comes from the word  documents. It is the combination of the abbreviation for documents (dox) and the suffix “ing”.

In this internet age, there are very few people who do not have a Facebook profile, do not have an online store or do not shop online. Information technology has made life a lot easier. But with new conveniences comes new problems, dangers, or threats. Unfortunately, there will always be another side to the coin, despite how well we handle our accounts. In this case, it is a dark side that people will use to take advantage of certain situations or information.

What is doxxing?

Doxxing mainly consists of creating a complete profile for a specific person or company by collecting personal information. This information may already be available on our social media profiles, so what’s the big deal?

In fact, this information is freely available, but a profile created with doxxing contains much more personal information that is not publicly online. This information is obtained by linking various data that are freely available online. The truth is that there are many references that belong to us that we may think are private, but which are actually easily accessible.

Doxxing is the simple practice of using the internet to look for a particular person’s details. The danger of this technique is that all that is needed is a name, a username, age, phone number, email and photos. Basic personal information is the starting point for doxxing. In other words, Doxxing is not based on just collecting information that is already available. It consists of obtaining more personal information that is not public.

This practice is not illegal since it is basically just gathering information about a person. But the real crime is how this information is used or the way people obtain it.

• In the first case, when the crime is the use of the information, the defining characteristic is the intention to harm the victim. For example, using information to defraud them, steal their identity, harass them or threaten them.
• In the second case, we can look at the many tricks that exist in the electronic world to gather information. For example, using downloadable documents that contain malicious software (a malicious file) to obtain account numbers, medical information, etc.

Some tools for doxxing

• Google and other search engines like Yahoo and Bing. These are tools that everyone has to get information quickly and easily. This is information such as photos, social sites they visit, phone numbers, email addresses and more.

• Social Media. Facebook  and LinkedIn are the most used social media since these are the ones that store the most personal data. The work-related use we give them can put us at risk for this type of attack online.
• “Whois” search. This search provides information about the owner of a web domain or IP address.

What consequences can it have?

The injuries that a person can suffer due to doxxing can be material and personal. These can vary depending on many factors, but especially on the target of the attack.

In personal matters, the most important damage is the perception of uncertainty. The assailant can obtain a home address which shows that this person is not safe at home. In the same way, this can escalate to an anxiety crisis. It can also lead to social problems because the information can be used to humiliate, insult and stalk the victim. In addition, fear is another important consequence.

In the case of material things, this type of attack can involve the loss of a bank password that the attacker uses to gather sensitive information. All this is related to the possible loss of money, having to start life anew, etc.

In the same way, the consequences of doxxing can affect other people in addition to the direct victim. Family members and their friends may be in danger. Think about when someone’s information is exposed. When this happens, the victim’s close circle is also affected. This creates a kind of snowball effect that becomes harder and harder to stop.

How to prevent it

When we are on the internet, it is practically impossible to be “anonymous”. The only thing we can do is follow a series of guidelines that make obtaining the information more annoying.

The most important thing we should do is to minimize the amount of information we post on our social media. Sometimes this is inevitable. Thus, we must strengthen our security.

• Make certain information private. For example, photos, emails and phone numbers on social media. Do not let everyone be able to see this information, and if you can, do not share it at all.
• Use strong passwords. Combining numbers and uppercase and lowercase letters may not be foolproof for hackers. Currently, there are some programs that break that type of security barriers. However, stronger passwords can make it more difficult. Not using the same password for different domains and pages is also a good idea.
• Avoid tagging your direct placement in your posts.
• Use different email addresses for each specific use:  work, social media, personal email, bank accounts, etc.

An example

In Brussels, Belgium, a man who offered to read volunteers’ thoughts pitched a tent. Those who accepted this were amazed at what the man guessed about them. He knew a lot about them, information they had not shared with people  in his inner circle.

Once you are on the internet, you are a potential target. This is true even if you do not have any kind of profile on social media. Other services you use may store your information online (medical history, account transactions, addresses, online shopping, etc.). It is inevitable! But if we are careful about the things we post online, we can reduce the risk of falling victim to these malicious practices.