ADVERTISEMENT

What is Doxxing, Why is it Bad And How Do You Avoid It? 

What steps can be taken to prevent a doxx attack?

Updated
Explainers
5 min read
What is doxxing? What steps can be taken to prevent a doxx attack?
i
Snapshot

A woman in Gurugram, who allegedly told a bunch of young girls that they “deserve to get raped” because of the length of their dresses, has sparked a fierce online debate.

A video of the woman was widely shared on social media, where a group of girls can be seen seeking an apology from her for her comments. However, the woman – not identified by name in the video – had refused to apologise initially.

Soon after the incident surfaced online, two clear factions emerged – one that wanted to publicly vilify the woman for her actions and the other that thought it prudent to hide her identity to shift the focus on the issue at hand instead.

Some among the ‘vilify’ faction – including a national political party’s spokesperson – even went to the extent of digging through the trenches of the internet to reveal her name, occupation, husband’s name, his occupation and their Facebook profiles in a bid to publicly name-and-shame her.

A leading news portal even extracted photos of the woman wearing a dress herself – dubbing her a hypocrite.

This digging of the internet is called ‘doxxing’ – a process of collecting and publishing of someone’s private information online, usually with the intent of inciting harassment in real life.

Twitter was soon split on doxxing and its ethical implications (see here, here and here).

But what is doxxing and why is it so bad?

What is Doxxing, Why is it Bad And How Do You Avoid It? 

  1. 1. What Exactly is Doxxing?

    Doxxing involves looking up the details of people’s lives, usually by digging through their social media profiles, publicly available data, government records and even comments across old and defunct message boards.

    While snippets of this information might be irrelevant individually, put together, they can cause real harm.

    For example, a deep Google search of a person can often yield social media profiles, email IDs, electoral roll listings (that holds address, phone number, father’s name etc), property listings, court case records, product and service reviews left by the user, mark-sheets, admit cards among countless other things.

    Too caught up to read? Listen to it instead:

    Expand
  2. 2. Purpose of Doxxing

    The purpose or intent of this exercise is usually to harass someone publicly, dig up dirt on a person to expose them to legal prosecution, to draw criticism towards that person, or, as in some cases, to cause them physical harm.

    Countless people’s lives have been ruined by doxxing – with viral campaigns dedicated to public shaming, considered to be the online equivalent of mob lynching.

    TAKING AWAY CONTROL

    As pointed out in this Conversation piece, “When someone connects these digital traces, and shares them with other people – often strangers, or even the wider public – they take away their target’s control over private data.”

    These people, the report adds, often seek to hold the person who is doxxed accountable for their actions, whether that’s perpetuating or opposing online hate, or failed romantic relationships.

    Expand
  3. 3. Doxxing Origins: Diluting Privacy

    With the advent of technology – and the pervasive invasion of social media – the concept of privacy has been reduced to a ‘necessary’ illusion.

    Necessary, for the information we yield consensually to the public domain – mostly to tech giants and data aggregators – affords us certain comforts and luxuries (home delivery of almost everything under the sun to endless media access, online jobs etc).

    For “data is the new oil,” as Mukesh Ambani, owner of Reliance Jio and the richest man in India, had put astutely.

    But the endless barrage of incoming data is not without peril. There is so much personal data available online that one’s digital footprint can betray more information than what we are willing or comfortable to part with.

    While we do sign off on trusting giant tech conglomerates with information about our location history, our preferences, our spending patterns and even our thoughts, the same information can be exploited by individual users as well.

    This is where doxxing comes in. A process of collecting and publishing of someone’s private information online, usually with the intent of inciting harassment in real life.

    While not technically illegal, it’s still considered to be harassment by most people.

    Expand
  4. 4. Some More Examples of Doxxing

    There have been several high-profile cases involving doxxing – of celebrities, politicians and journalists in the past.

    • The infamous hacktivist group Anonymous had, in 2015, successfully doxxed members of the Ku Klux Klan, publishing a list of hundreds of names of alleged members of the racist group, as per a Motherboard piece.
    • The US Presidential elections had also witnessed several attempts cutting across party lines, with both Donald Trump and Hillary Clinton supporters accusing each other of doxxing.
    • The 2014 GamerGate incident, that led to the online harassment of several female gamers and executives in the video game industry was also a doxx attack, as reported by Gawker.
    • A number of US celebrities have also been doxxed, including Lil Wayne, Miley Cyrus, Ashton Kutcher and Justin Bieber.
    Expand
  5. 5. Swatting, a Dangerous Byproduct of Doxxing

    Swatting – monikered after the US Police’s Special Weapons And Tactics (SWAT) teams – is an act of using the doxxed information to file a false police report – usually of an urgent or violent crime – that then leads to armed police barging into the victim’s home.

    Take the case of an Ohio teen who is facing 73 charges linked to 'swatting' calls across the US, as reported by CNN.

    The boy has been accused of calling the police on various occasions, with claims such as saying he had shot his wife, had an AR-15 rifle and was holding his son hostage at a home in New York, the report added.

    In another famous case, YouTuber Etika had live-streamed an alleged case of swatting, recording NYPD officers entering his home in full SWAT equipment.

    Expand
  6. 6. How Can You Protect Yourself?

    While there is no exact reason as to why one might find themselves at the receiving end of a doxx attack, there are certain practices that can help safeguard against the same.

    A large majority of doxx attacks involve people with a malicious intent collecting your personal information via social media sites.

    And while there are no perfect solutions for avoiding doxx attacks – short of erasing your digital footprint completely, or air-gapping all your technology off the internet – here is how you can make it harder to be targeted:

    Doxx Yourself: Use the Google search engine to go through all the information available online in your name. Focus on documents, forms and public records. After you have identified the scope and potential impact of a doxx attack, retrieve and delete information in your control. Failing this, sites like justdelete.me can aid in purging the redundant information.

    Password Check: Refresh all your passwords regularly and DO NOT use the same password across multiple platforms. Use a password manager service if remembering different passwords is a hassle – LastPass, KeePass etc.

    Review Privacy Settings on Social Media: The privacy settings on social media websites might not be on the most secure setting by default. You can improve the privacy rating of your account by reducing publicly available information and tweaking the ad preferences and app permissions. Also avoid posting addresses, personal phone numbers etc.

    VPN: You can obscure and thus secure your internet activity by investing in a VPN service.

    Enable OTP/Two-step Verification: While a bit of a hassle, logging into accounts using two-step OTP-based verification makes safeguarding your accounts much easier.

    Burner Email: Create a burner or junk email to use for all websites that require an email to sign up. Ensure that no relevant information – like bank account information, personal IDs etc – are registered on this email.

    Check If Your Email is Compromised: A quick search on Have I Been Pwned?’ website will tell you if your email has been compromised in a data leak.

    (At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)

    Expand

What Exactly is Doxxing?

Doxxing involves looking up the details of people’s lives, usually by digging through their social media profiles, publicly available data, government records and even comments across old and defunct message boards.

While snippets of this information might be irrelevant individually, put together, they can cause real harm.

For example, a deep Google search of a person can often yield social media profiles, email IDs, electoral roll listings (that holds address, phone number, father’s name etc), property listings, court case records, product and service reviews left by the user, mark-sheets, admit cards among countless other things.

Too caught up to read? Listen to it instead:

ADVERTISEMENT

Purpose of Doxxing

The purpose or intent of this exercise is usually to harass someone publicly, dig up dirt on a person to expose them to legal prosecution, to draw criticism towards that person, or, as in some cases, to cause them physical harm.

Countless people’s lives have been ruined by doxxing – with viral campaigns dedicated to public shaming, considered to be the online equivalent of mob lynching.

TAKING AWAY CONTROL

As pointed out in this Conversation piece, “When someone connects these digital traces, and shares them with other people – often strangers, or even the wider public – they take away their target’s control over private data.”

These people, the report adds, often seek to hold the person who is doxxed accountable for their actions, whether that’s perpetuating or opposing online hate, or failed romantic relationships.

Doxxing Origins: Diluting Privacy

With the advent of technology – and the pervasive invasion of social media – the concept of privacy has been reduced to a ‘necessary’ illusion.

Necessary, for the information we yield consensually to the public domain – mostly to tech giants and data aggregators – affords us certain comforts and luxuries (home delivery of almost everything under the sun to endless media access, online jobs etc).

For “data is the new oil,” as Mukesh Ambani, owner of Reliance Jio and the richest man in India, had put astutely.

But the endless barrage of incoming data is not without peril. There is so much personal data available online that one’s digital footprint can betray more information than what we are willing or comfortable to part with.

While we do sign off on trusting giant tech conglomerates with information about our location history, our preferences, our spending patterns and even our thoughts, the same information can be exploited by individual users as well.

This is where doxxing comes in. A process of collecting and publishing of someone’s private information online, usually with the intent of inciting harassment in real life.

While not technically illegal, it’s still considered to be harassment by most people.

ADVERTISEMENT

Some More Examples of Doxxing

There have been several high-profile cases involving doxxing – of celebrities, politicians and journalists in the past.

  • The infamous hacktivist group Anonymous had, in 2015, successfully doxxed members of the Ku Klux Klan, publishing a list of hundreds of names of alleged members of the racist group, as per a Motherboard piece.
  • The US Presidential elections had also witnessed several attempts cutting across party lines, with both Donald Trump and Hillary Clinton supporters accusing each other of doxxing.
  • The 2014 GamerGate incident, that led to the online harassment of several female gamers and executives in the video game industry was also a doxx attack, as reported by Gawker.
  • A number of US celebrities have also been doxxed, including Lil Wayne, Miley Cyrus, Ashton Kutcher and Justin Bieber.

Swatting, a Dangerous Byproduct of Doxxing

Swatting – monikered after the US Police’s Special Weapons And Tactics (SWAT) teams – is an act of using the doxxed information to file a false police report – usually of an urgent or violent crime – that then leads to armed police barging into the victim’s home.

Take the case of an Ohio teen who is facing 73 charges linked to 'swatting' calls across the US, as reported by CNN.

The boy has been accused of calling the police on various occasions, with claims such as saying he had shot his wife, had an AR-15 rifle and was holding his son hostage at a home in New York, the report added.

In another famous case, YouTuber Etika had live-streamed an alleged case of swatting, recording NYPD officers entering his home in full SWAT equipment.

ADVERTISEMENT

How Can You Protect Yourself?

While there is no exact reason as to why one might find themselves at the receiving end of a doxx attack, there are certain practices that can help safeguard against the same.

A large majority of doxx attacks involve people with a malicious intent collecting your personal information via social media sites.

And while there are no perfect solutions for avoiding doxx attacks – short of erasing your digital footprint completely, or air-gapping all your technology off the internet – here is how you can make it harder to be targeted:

Doxx Yourself: Use the Google search engine to go through all the information available online in your name. Focus on documents, forms and public records. After you have identified the scope and potential impact of a doxx attack, retrieve and delete information in your control. Failing this, sites like justdelete.me can aid in purging the redundant information.

Password Check: Refresh all your passwords regularly and DO NOT use the same password across multiple platforms. Use a password manager service if remembering different passwords is a hassle – LastPass, KeePass etc.

Review Privacy Settings on Social Media: The privacy settings on social media websites might not be on the most secure setting by default. You can improve the privacy rating of your account by reducing publicly available information and tweaking the ad preferences and app permissions. Also avoid posting addresses, personal phone numbers etc.

VPN: You can obscure and thus secure your internet activity by investing in a VPN service.

Enable OTP/Two-step Verification: While a bit of a hassle, logging into accounts using two-step OTP-based verification makes safeguarding your accounts much easier.

Burner Email: Create a burner or junk email to use for all websites that require an email to sign up. Ensure that no relevant information – like bank account information, personal IDs etc – are registered on this email.

Check If Your Email is Compromised: A quick search on Have I Been Pwned?’ website will tell you if your email has been compromised in a data leak.

(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)

Published: 
Speaking truth to power requires allies like you.
Become a Quint Insider
500
1800
5000

or more

PREMIUM

3 months
12 months
12 months
Check Insider Benefits
ADVERTISEMENT
Stay Updated

Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.

Join over 120,000 subscribers!
ADVERTISEMENT