What Is Doxing?
CREDIT: Shutterstock: Minerva Studio
Doxing, a derivation of the phrase "document tracing," is the act of scouring the Internet for an individual's personal data, usually for a malicious purpose.
While many people may use the Internet to learn more about someone they met at a party, for example, doxing has become more akin to social protest, using publicly available information to identify individuals with the goal of publicly sharing or exposing their personal details.
Example of doxing
Doxing is a common strategy used by hacking groups such as Anonymous and its spinoffs LulzSec and AntiSec.
One such example of Anonymous' work dates back to December 2011, when the group targeted several law-enforcement agencies that had been scrutinizing hacking activities.
The end result of this doxing attack resulted in hackers infiltrating secured databases and exposing the information of 7,000 law-enforcement personnel, which included names, addresses, Social Security numbers, email addresses and passwords.
While Anonymous did not specifically do anything else with the information beyond sharing it with the public, this act potentially opened the floodgates for Internet cutthroats to commit fraud, email theft and more against each of the names exposed. [Related: Bill Gates Joins Ranks of 'Doxed' Notables]
The more personally identifiable information you share on the Internet, the more at risk you are of doxing. All it takes to begin doxing is a person's email address, which can then be used to find other information throughout the Internet, such as your name, phone number or even your Social Security number.
Considering how long many individuals have used the Internet and the number of websites visited and registered for in the past, it's quite impossible to remove or hide one's digital footprint entirely.
Moving forward, making changes to the sources you have access to immediately can help prevent many instances of doxing.
Several pieces of information commonly targeted include:
- First and last name
- Birth date
- Email address
- Social networking profile
While your employer's IT department is ultimately responsible for the security and safety of your personal information internally, external websites are purely under your control.
When information is optional, such as a birthday on Facebook, don’t share it. You may like getting birthday well-wishing, but such information can put hackers one step closer to exposing your personal life or committing identity theft.