We’re less than a month away! Join us at the 2024 Human Firewall Conference on November 14-15. Spaces are filling up, reserve your free spot now.

A man sitting at his desk with a laptop, looking stressed with his hands on his head while surrounded by digital icons suggesting doxxing.

Doxxing

Doxxing is a malicious online scheme that involves exposing private information about individuals or organizations in the digital arena, setting the stage for security breaches and relentless harassment.

30 November 2023 · 13 min read

What is doxxing?

Doxxing, also spelled “doxing,” is the act of publicly revealing private or sensitive information about someone, usually without their consent, for the purpose of harassment, public shaming, or causing harm. Imagine someone snatching your phone and threatening to upload all your private text messages and photos. This is what doxxers would do. Whether it’s your personal details or sensitive business information that falls into the wrong hands, there can be serious repercussions for unwanted data published online.

Recently, a billboard truck at Harvard exposed students’ personal details due to their political stances. Following this, students faced doxxing and professional threats aimed at marginalizing them, with their names, class years, photos, hometowns, and club memberships published on blocklisting sites, posing long-term risks to their personal and professional lives. Similar incidents also occurred later at Columbia and the University of Pennsylvania.

But doxxing is not only about politics and social topics. Any individual or organization should implement robust prevention measures against doxxing to protect both user data and corporate integrity from potential compromise. To arm yourself with the best defense strategies, staying informed is key.

Laptop with an open padlock icon, a user profile, and the title 'Personal information' on the screen. Arrows and speech bubbles suggest the sharing of this information in a doxxing attack.

How does doxxing work?

Doxxing works by gathering personal or private information about an individual and then publishing it publicly, usually online. The process can involve various methods to collect this information, including social media scouring and more malicious tactics.

Social media

One of the simplest ways to gather information is by combing through the target’s social media profiles. People often inadvertently share a lot of personal information on Facebook, Instagram, and Twitter, from full names and birthdays to home or work locations. If you have a public profile, it’s easy enough for anyone to see who your friends are, relatives, where you work, who you work with, and what you like to do in your free time. While you may share this information with the best intentions, some people may take advantage of your openness online.  

But besides the obvious visual inspection of everything that you post on your social media, doxxers can also inspect the metadata of your photos – technical information contained in files – to obtain information like time and location, which helps them determine where you were when posting.

Web investigations

The web offers a wealth of information, which doxxers can capitalize on for their own agenda. Any personal websites, blogs, or articles can offer up information about someone. Information can also be gleaned from public records and other online databases, which may include addresses, phone numbers, and even property records. Forums and communities are a hotspot for information, too. Doxxers may dig through comments, posts, or profiles on various online forums or groups where the target is active to gather clues about their identity or personal life. 

Cybercriminals can also put the puzzle pieces together using information dug up on government websites, such as county records, business and marriage licenses, and voter registration logs, which all contain personal info. IP website trackers and reverse phone lookups can also help doxxers gather more info about their target.

Phishing

In more extreme doxxing cases, a person might send phishing emails or messages pretending to be a trustworthy entity to trick the target into revealing sensitive information. Targets often fall for the social engineering tactics used by hackers and accidentally give up their login credentials, allowing doxxers unauthorized access to their personal accounts and to all the personal data stored there.

Insiders

Sometimes, personal grudges can transform those close to you – friends, family, or co-workers – into unwitting informants. Imagine this scenario: someone, armed with a treasure trove of your personal details, makes a conscious decision to divulge anything that could potentially send the carefully constructed structure of your life into a tailspin.

After acquiring this data, doxxers proceed to the digital reveal. They may scatter the victim’s personal data across websites, forums, social media platforms, and even take it a step further by dispatching it directly to the target’s inner circle – friends, family, and colleagues. The goal is intimidating, shaming, or otherwise harming the victim, which can lead to a myriad of consequences, from relentless harassment and chilling threats to stalking, identity theft, reputational damage, and even physical harm.

Infobox with the heading 'Why is it called doxxing?' followed by an explanation of the origin of the word.

What is real-time doxxing?

Real-time doxxing is an escalated form of the already harmful practice of doxxing, characterized by its immediacy. In this scenario, the doxxer gathers and releases someone’s personal information almost instantaneously, often during live online events like video streams or social media chats.

The impact of real-time doxxing is amplified because it happens very quickly, giving the target little-to-no time to respond or defend themselves. This fast-paced action is often designed to intimidate, disrupt, or silence the targeted individual immediately, sometimes to influence the outcome of the live event they are part of.

In many cases, real-time doxxing attacks will leak the target’s current location, which raises not just cyber security concerns but also physical safety risks. For example, business mogul Elon Musk recently experienced real-time doxxing, with a college student named Jack Sweeney creating an “@ElonJet” account to track Musk’s private jet as it flies. This account had bots scrape and post flight data on Twitter. Musk offered a monetary reward of $5,000 to stop the account and eventually had it banned.

Is doxxing illegal?

It’s clear that doxxing can have devastating effects and is socially seen as undesirable, but is it illegal? The answer isn’t so straightforward. In certain jurisdictions, sharing someone’s private information can lead to hefty legal penalties. However, in other regions, there is no specific legislation regulating the malicious sharing of private details. The legality thus hinges on both the location and the specifics of each case.

In Europe, the legal stance on doxxing varies by country but is generally influenced by broader European Union (EU) laws on data protection and privacy, such as the General Data Protection Regulation (GDPR). Under GDPR, unauthorized sharing of personal information could be considered a breach of data protection rules, potentially leading to significant fines and legal consequences.

In the US, while there is no specific legislation prohibiting doxxing nationwide, some states like California have taken steps to protect residents by implementing cyber security laws focused on electronic harassment, a category that doxxing cases may fall into. California Penal Code 653.2 is used to prosecute forms of indirect cyber harassment through the posting of harmful information on the web, which is treated as a misdemeanor and can result in fines and even jail time.

Even though doxxing is generally frowned upon by institutions worldwide, the fact that there is a legislation gap in many countries – especially outside Europe – is a cause for concern. But as technology advances and nations continually refine their security protocols, the issue of doxxing is anticipated to remain a significant topic of discussion. These conversations hold the potential to enhance overall security measures for citizens, fostering an environment of increased protection.

Some major corporations have also taken steps to condemn doxxing within their privacy policies. X, formerly known as Twitter, is a prime example. It has faced many doxxing cases in the past, leading to an updated personal information policy, which states that sharing someone’s private info online without permission breaches their privacy and the company’s rules. Users violating this policy will be asked to remove the content and have their accounts locked – or suspended in severe cases.

Main targets of doxxing attacks

Anyone, from individuals to corporate figures, can fall victim to a doxxing attack. Unfortunately, ordinary people often become targets due to personal disputes, grudges, or even random acts of cyber harassment. If they are part of a specific racial, religious, or social group, they may be doxxed as a form of hate crime or discrimination. In fact, according to The Economist Intelligence Unit’s 2020 study, women are more likely to experience doxxing, with 45% of young women having experienced online violence.

Image of a young woman looking at her smartphone with a statistic overlaid stating '45% of young women have experienced online violence'.

Another potential target of doxxing attacks is anyone who uses cryptocurrency or has wealthy assets. Violating their anonymity and revealing private information may be especially appealing to doxxers. CEOs, executives, and other key personnel within companies may also be targeted for various reasons, such as corporate rivalry or activism. Their personal and professional reputations can suffer as a result.

Cybercriminals have expanded their reach with doxxing attacks, targeting not only unsuspecting individuals and office staff but also public figures. Celebrities, politicians, and other high-profile individuals are often at risk because they have a public presence that might attract both fans and detractors. Public figures who are vocal about social, political, or environmental issues are sometimes doxxed by those who oppose their views or activities. Activists, protestors, journalists, bloggers, online personalities, gamers, whistleblowers, law enforcement, and military personnel are other popular targets for doxxers who want to intimidate, discredit, and cause harm to their victims.

The devastating effects of doxxing

The effects of doxxing can be pretty tough to handle, both online and offline. When someone gets doxxed, they often face non-stop online harassment. Think of it like a barrage of hurtful messages, threats, and cyberbullying. It can take a serious toll on a person’s mental well-being.

But the troubles don’t stay in the digital world. In the real world, having your address and phone number exposed can lead to real-life stalking or harassment, making you feel unsafe in your own surroundings. Your reputation can also take a hit. False information can get mixed in with your personal details, making you look bad in front of others. This can harm your relationships, job prospects, and how people perceive you in general.

After all, once something hits the web, there’s no guarantee it can be completely erased. Even after removing a malicious web post, it’s entirely possible the info was copied, screenshot, or archived, so it could just as easily be published again. That means once your contact/banking details or other confidential information are leaked, it’s impossible to undo it.

Many doxxing victims end up changing their credentials wherever possible and investing in identity theft prevention to safeguard their livelihood. Otherwise, cybercriminals might use your info to pretend to be you, which can lead to financial trouble and legal issues.

Doxxing attack examples in real life

To better understand the ongoing threat of doxxing, it helps to look at real-world examples of doxxing attacks and the ripple effect they have on people’s lives. Doxxing targets both individual internet users and companies, indiscriminately wreaking havoc by publishing sensative data.

Activist attacked by relentless doxxers

Individuals with a large online following are an easy target for doxxers, who look for breadcrumbs on social media to piece together a personal profile of their victim. Keffals, a transgender activist and creator from Canada, experienced doxxing firsthand with a months-long campaign in 2022. It all started with a swatting incident, where Keffals was falsely accused of planning to kill their mother and city council members. Keffals was arrested and released, but the detractors continued the harassment, prompting their relocation to several different locations. Each residence was doxxed, with the exposed addresses receiving prank food orders and more swatting attempts. This is an unsettling example of just how far some doxxers are willing to go to cause discomfort and downright harm to their targets.

Geopolitics and false accusations put a journalist at risk

Karima Brown, a journalist and broadcaster from South Africa, was doxxed in 2019 after accidentally sending a message intended for her producer to a WhatsApp group of the Economic Freedom Fighters (EFF) political party. The EFF ran the group so journalists could get media statements, but party leader, Julius Malema, accused Karima of spying and subsequently tweeted her phone number to approximately 2.3 million followers on social media. Brown reported receiving graphic messages threatening assault and murder, leading a Johannesburg high court to rule that this doxxing case violated South Africa’s Electoral Act.

Tech company impacted by doxxing hackers

Even tech giants can suffer the consequences of doxxing. X found themselves in the doxxing spotlight at the start of 2023, with a whopping 200 million of their user email addresses revealed on a hacker forum after hackers demanded a $200,000 ransom. This breach threw users into the phishing and hacking arena, with the doxxed details acting as the VIP pass for potential identity intruders.

How to prevent doxxing

Doxxing prevention should be a top priority for individuals and organizations alike. This requires a combination of proactive measures to protect your online presence and personal information. Here are some essential steps to help safeguard yourself and your workplace against doxxing.

  • Use strong passwords. Choose unique passwords for all your online accounts. To help you manage these, set up a trustworthy password manager that can securely generate and store your credentials. However, if you must remember a password, such as your password manager password, use mnemonic rules to make it easier.
  • Scrub metadata from photos and files. To remove metadata, when you open the file on your computer, you can right-click to select properties and then click on the option to remove properties and personal information. Please note that this only works for Windows and on desktop. To remove files somewhere else, the fastest way to do it is by downloading an app that serves that purpose.
  • Enable multifactor authentication. Use MFA wherever possible to add an extra layer of security to your online accounts and lower the risk of unauthorized access by doxxers.
  • Limit social media exposure. Audit your online profiles, including social media accounts, forums, and websites, to ensure you’re not inadvertently sharing too much personal information.
  • Be cautious with public Wi-Fi. Public Wi-Fi networks, such as those in coffee shops, airports, and hotels, are typically open and unsecure. This means they lack encryption and security measures, making it easier for doxxers to intercept data.
  • Separate personal and professional online profiles. Review and tighten privacy settings on all social media accounts to limit the visibility of your personal information to only those you trust. Be mindful of who can see your posts and profile details.
  • Use virtual private networks (VPNs). A VPN can help anonymize your internet connection by masking your IP address, making it more challenging for doxxers to trace your online activity.
  • Be wary of phishing attempts. Double-check before downloading attachments or clicking links from unknown sources, as they may be phishing emails or messages.
  • Monitor your digital footprint. Conduct periodic searches on search engines to see what information about you is readily available. If you find sensitive information, you have the right to request the website owner to delete it.
  • Be mindful in online communities and forums. Use encrypted messaging apps, robust network security, and updated malware software. Limit the sharing of location data and consider your audience before posting.
  • Be mindful of email security. Email security solutions use advanced filtering techniques to identify and block spam, phishing, and other suspicious emails. This reduces the likelihood of falling for doxxing attempts hidden in your inbox.

Mitigating doxxing risks in the modern world: How can you protect your organization against it?

Let’s think of doxxing as that unwanted guest who’s trying to crash your online party. It’s all about someone digging up your personal info and spilling the beans on the internet without your permission. When done with harmful intent, doxxing can lead to various negative consequences, such as harassment, threats, stalking, identity theft, and damage to one’s reputation or personal safety. That’s why doxxing awareness and prevention strategies are so important for both individuals and organizations that may be affected.

SoSafe provides personalized awareness training via an immersive e-learning platform to ensure employees, business leaders, and everyone in between are aware of doxxing and similar cyber security risks. But if you want to go a step further and let your employees practice their knowledge in a safe environment, SoSafe’s phishing simulations allows you to send them simulated phishing emails based on their job roles or based on their behavior, to create an extremely personalized experience where learning outcomes are maximized.

To keep up your employees’ level of awareness and ensure they always stay on top of the new tactics of cybercriminals, SoSafe has launched a new AI-powered conversational chatbot called Sofie. Sofie acts as implemented an always-on level zero support that can instantly reply to your employees’ security inquiries or escalate the issue to your IT if it is a more complex case. This approach saves time, provides fast support to your employees, and enables them to access knowledge where and when they need it. 

These resources enhance awareness and cyber security, providing essential protection as threats from doxxing attacks keep advancing.

Do you want to stay ahead of the cyber game?

Sign up for our newsletter to receive the latest cyber security articles, events, and resources. No spam, only content that truly matters.

Newsletter visual

Scale your security
culture
with ease

See how SoSafe supports CISOs, administrators, and end-users in building continuous resilience.

Request a demo

Frau arbeitet an einem Tablet

Request a demo

Learn how our platform can help you empower your team to continuously avert cyber threats and keep your organization secure. Schedule a demo and one of our experts will contact you soon.