What is Doxxing (Doxing) and Is It Illegal?

The concept of 'doxxing' has emerged as a significant concern in the realm of online safety and cybersecurity. But what exactly is doxxing, and why is it crucial for those embarking on a journey in cybersecurity to understand this concept? 

This article aims to demystify doxxing, exploring its various facets in a manner accessible to beginners and enriched with technical insights.

Table of Content (TOC)

• What is Doxxing?
• Evolution of Doxxing
• How Does Doxing Work?
• How Doxxers Find Personal Information?
• Real-Life Examples of Doxxing
• What are the Different Types of Doxing?
• Is Doxxing Illegal?
• How to Protect Yourself From Doxxing?
• How Do You Know If You Have Been Doxxed?
• What to Do if You Have Been Doxed?

What is Doxxing? (Doxxing Definition)

Doxxing is the act of publicly disclosing someone's personal data (information) online, such as their real name, home addresses, workplace, emails, phone numbers, and even sensitive data like social security numbers, without their permission. 

Once this information is public, the victim becomes vulnerable to various risks. Doxxing can lead to benign annoyances, like unwanted mail, or escalate to serious threats. These include harassing family members, swatting, identity theft, and other cyberbullying forms.

In lay terms, Doxxing (also known as Doxing) is the act of sharing someone's private information online without their consent. It often involves revealing the real identity of someone previously anonymous. 

Evolution of Doxing

Doxxing, a term that evolved from the phrase "dropping dox," where 'dox' is slang for documents, refers to the act of revealing personal information (like someone’s physical address) about someone online without their consent. Doxxing began in the hacker community in the 1990s, a time when online anonymity was highly valued. Hackers used it to settle scores, revealing rivals' real identities, once hidden behind usernames.

The practice evolved beyond hacker feuds, entering mainstream internet culture. Social media's rise made personal information more accessible, expanding doxing's reach. It shifted from a tool for unmasking anonymous users to a broader tactic for public exposure.

Today, doxxing is used in various contexts, from personal vendettas to political activism. It's no longer confined to the tech-savvy; anyone can doxx with basic internet skills. This evolution has made doxing a notable concern in online privacy and safety discussions.

How Does Doxing Work?

Doxing involves data stitching, a process of piecing together small information bits found online on social media sites. This includes usernames and passwords, addresses, and even social media activities. The goal is to reveal the real identity behind an online alias. Often, this information is collected from various internet sources (like social media accounts, social media profiles), using tools like username tracking, WHOIS search, or purchasing from dark web markets.

By connecting these information pieces, doxers create a comprehensive profile. The intent often is to intimidate or harass. For example, knowing someone's address can lead to physical threats. Similarly, access to email or phone numbers enables relentless messaging, disrupting communication.

How Doxxers Find Personal Information?

Doxxers use “n” number of methods to collect information about their targets. Some of the most common ones are:

• IP/ISP Tracking: Doxxers obtain your IP address and use call spoofing apps and social engineering to trick ISPs into revealing information like - phone numbers and email addresses.
• Social Media Scrutiny: They examine your posts, comments, and interactions on platforms like Facebook and Twitter. Once done, they gather data like location, workplace, and family connections.
• Data Broker Purchases: Buys detailed personal profiles from data brokers. These individuals compile data from public records, customer loyalty cards, and online activities.
• Phishing Attacks: Doxers may send fraudulent emails or messages to trick recipients into revealing sensitive info like - email account passwords.
• Internet Traffic Eavesdropping (Sniffing): They may use cyber security tools like Wireshark to intercept and analyze data packets moving through networks. By doing so, they are able to extract personal identifying information.
• WHOIS Lookups: Uses WHOIS databases to find personal information (like their names, addresses, and contact details) of domain name owners. 
• Hacking: Doxers also employ techniques like brute force attacks, zero-day exploits, and spreading malware, to illegally access and extract personal identifying information.

Real-Life Examples of Doxxing

1997 Anti-Abortion Campaign: Anti-abortion activists in the US targeted abortion providers, publishing their personal details as a hit list on the Nuremberg Files website.

Boston Marathon Bombing, 2013: Redditors mistakenly identified several individuals as bombing suspects, sharing their information widely.

2017 Charlottesville March: White supremacists participating in a march were exposed by counter-protestors. However, some innocents were wrongly accused and harassed.

Hong Kong Protests, 2019-2020: Protestors revealed personal information of police officers and government supporters. Journalists and protestors themselves also faced similar exposures.

Keffals' Case, 2022: A Canadian Trans activist was subjected to a prolonged harassment campaign. She faced repeated incidents at different locations, including swatting and prank orders under her deadname, even after moving countries.

What are the Different Types of Doxxing?

There are mainly four types of doxing:

• Celebrity Harassment Doxing: Targets celebrities, often for harassment. Example: Paris Hilton had her sensitive information publicly leaked.
• Targeted Doxing: Focuses on individuals due to personal disputes or actions. Example: Curt Schilling exposed harassers of his daughter online, leading to their job loss.
• Faulty Doxing: Mistakenly links innocent people to crimes. Example: Sunil Tripathi was wrongly accused as the Boston Bomber, tragically resulting in his suicide.
• Swatting: Involves hoax calls to police, leading to dangerous raids. Example: A man was fatally shot by police following a false hostage report at his home.

Is Doxxing Illegal?

Doxxing isn't specifically illegal in most places, as direct anti-doxxing laws are rare. However, legality varies case by case. Actions like harassment, cyberstalking, or identity theft related to doxxing can lead to charges. 

Some regions are introducing specific laws against it, like Kentucky and Hong Kong in 2021. In the US, statutes on interstate communications and stalking might apply, depending on the situation. 

Additionally, revealing private information without consent can breach certain website policies, such as Twitter's terms of service.

How to Protect Yourself From Doxxing?

Follow the practices mentioned below to protect yourself from doxing:

• Conceal Your IP Address: Use a Virtual Private Network (VPN) or a web proxy to hide your IP address. This step ensures that anyone attempting to track your IP will see only the address of the VPN or proxy, not your actual IP. It's especially important when using unsecured public Wi-Fi, as it encrypts your internet connection, protecting your online activities.
• Avoid Third-Party Logins: Be cautious about using your social media accounts to log in to other websites and apps. Each connection you make increases the chance of your personal info being compiled and exposed. If one account is compromised, it could lead to a domino effect, putting multiple accounts at risk.

• Keep Social Media Profiles Private: Your social media accounts can reveal a lot about you. Ensure your profiles on platforms like Facebook, Instagram, and Twitter are set to private. Regularly review your privacy settings and consider removing your profiles from search engine results to limit public access to your information.
• Use Pseudonyms in Online Forums: When participating in online forums or communities, use a pseudonym instead of your real name. Avoid using the same username across different platforms to prevent someone from connecting your various accounts and building a profile of your identity.
• Request Removal from Data Brokers: Data brokers collect and sell personal information. It's advisable to contact them and request the removal of your data. Although this can be time-consuming, it helps in reducing the amount of your personal information that's publicly available.
• Implement Multi-Factor Authentication (MFA): MFA (like two-factor authentication) adds an extra layer of security to your online accounts. It requires a second form of identification, like a code sent to your phone, in addition to your password. This makes it harder for unauthorized users to access your accounts, even if they know your password.
• Do a Personal Data Audit (Self-Doxxing): Regularly search for your own information online to see what's publicly available. This can include Googling your name, performing reverse image searches, and checking what information data brokers have on you. This self-audit helps you understand your online footprint and take steps to minimize it.
• Set Up Google Alerts: Use Google Alerts to monitor the web for mentions of your personal information. Set alerts for your name, address, phone number, and other personal details. While not comprehensive, it's an effective way to get notified if your information appears online.

How Do You Know If You Have Been Doxxed?

To know if you've been doxxed, watch for signs like your information suddenly appearing in public spaces online. Friends or acquaintances might inform you if they come across your personal data. Additionally, you may start receiving unsolicited messages or harassment via social media, email, or phone.

Check for any security breaches on your key accounts like Facebook or Gmail. For detecting information on the dark web, rely on dark web monitoring software (like - LifeLock, Dashlane, etc.) instead of directly accessing it, which requires a special browser (Tor) and poses risks. 

What to Do if You Have Been Doxed?

If you find yourself a victim of doxing, here's what to do:

• Report It: Immediately report the incident to the platforms where your data is posted. Familiarize yourself with their reporting process and document each step for future reference.
• Involve Law Enforcement: If the doxing includes threats or sensitive information like your home address, involve law enforcement. Treat any data breach involving financial information as a high priority.
• Document Everything: Take screenshots, ensuring the date and URL are visible, for evidence.
• Secure Financial Accounts: Inform your financial institutions of the data breach. Change passwords for online banking and credit accounts.
• Lock Down Accounts: Update passwords, enable multi-factor authentication, and review privacy settings.
• Seek Support: Doxing can be distressing. Lean on friends or family for emotional support.

Remember, "involving law enforcement" should be a priority if there are credible threats, and treat any "data breach" seriously, especially concerning financial information.