What Is Doxing and How to Prevent It


Doxing (sometimes written as doxxing or d0xing) is derived from an older internet term “dropping dox,” which refers to dropping documents about a person online. That is, putting all the little pieces of available information together, then publishing the information online without consent as a revenge tactic.

To get information, those carrying out this harmful practice run the gamut from a simple Google search through to advanced hacking techniques.

Doxing is carried out to turn data into a weapon and ultimately, cause harm.

The types of doxing

  • Deanonymizing doxing — Doxers compile personal information that establishes the identity of an individual who was remaining anonymous and then release that information.
  • Targeting doxing — Doxers find and release personal details that reveal specific aspects of a person’s circumstances that were previously kept private, were obscure, or obfuscated.
  • Delegitimizing doxing — Doxers find and then reveal intimate personal information that could damage an individual’s personal or professional credibility.
  • Personal information doxing: Publishing someone’s personal details, such as their name, address, phone number, and email.
  • Financial doxing: Releasing someone’s financial information, such as bank account numbers or credit card details.
  • Medical doxing: Sharing someone’s medical history or sensitive medical information.
  • Employment doxing: Disclosing someone’s employment status, such as their current job or salary.
  • Online doxing: Publishing someone’s online presence, such as their social media profiles, usernames, and IP addresses.
  • Technical doxing: Releasing someone’s technical information, such as their computer’s IP address or operating system.

Notable examples of doxing

It’s important to note that not only public figures face doxing, anyone can be affected. But as doxing that involves notable people is more likely to hit the news, we hear more about these cases.

One interesting example that muddies the doxing waters somewhat comes from 2014 when Leah McGrath Goodman, a Newsweek reporter set out to discover the true identity of the Bitcoin creator, and then publish that information online. It was an epic scoop for the paper, which had recently returned to print. But the article drew criticism from many because of the sleuthing tactics used and the question of whether “outing” someone is ever ethically sound practice.

Other examples involve the publication of a group of abortion doctors’ personal phone numbers and home addresses, alongside a call to action; a witchhunt of the cruelest sort involving a well-known female gamer; and major league baseball player Curt Shilling using doxing for vigilante justice. As you can see, doxing can happen to anyone, for any reason.

Here are some more examples of doxing:

  1. Posting personal information: Publishing someone’s personal information, such as their full name, home address, phone number, and email address, online with the intent to harm or harass them.
  2. Releasing confidential information: Releasing sensitive or confidential information, such as medical records, financial information, or private communications, without the person’s consent.
  3. Online harassment: Using personal information to engage in online harassment, such as sending threatening messages, making false accusations, or spreading false information about the person.
  4. Targeting public figures: Doxing public figures, such as politicians, celebrities, or journalists, by releasing their personal information or confidential documents in an attempt to damage their reputation.
  5. Cyberstalking: Using personal information to stalk or harass someone online, such as tracking their movements, monitoring their social media accounts, or threatening their safety.
  6. Hacktivism: Using personal information to target individuals or organizations for political or ideological reasons, such as releasing confidential information or defacing websites.

These are just a few examples of how doxing can be used to harm or harass individuals. It’s important to remember that doxing is illegal and can have serious consequences for the victims and the perpetrators.

How to protect yourself from doxing

Cybersecurity involves protecting computers, networks, and electronic devices from unauthorized access, theft, and damage. Taking measures to secure your personal information and devices is an important aspect of protecting yourself from doxing.

Limit the amount of information about you online

Firstly, limit the information you share as much as possible, even your “anonymous” Reddit account is far less anonymous than you imagine.

To remove what is out there in the digital ether, contact sites such as peoplefinder and whitepages and ask them to delete all the data they have.

Use a VPN

Using a VPN means anonymizing your IP address and any online activity, making it difficult if not impossible for prying eyes to detect your actions. Of course, any posts or comments you make under your real name are still visible though.

Tighten your digital defenses

Follow good digital hygiene practices when it comes to passwords and accounts. Restrict the metadata in digital files you share. Remove your data from the Google Maps Timeline. Frequently delete your browsing history.

Don’t register for new apps or services via your Google or Facebook account — and consider ditching both companies in favor of more secure providers!

Use privacy settings:

Use privacy settings on social media and other online platforms to control what information is shared with others. Here’s how you can use privacy settings to limit the amount of personal information that is shared:

  1. Social media privacy: On social media platforms like Facebook, Twitter, and Instagram, you can control who can see your posts and personal information by adjusting your privacy settings. You can limit access to your profile to only your friends, or you can make your profile private so that only approved followers can see your content.
  2. Location sharing: Many apps and websites have options to turn off location sharing, which can help prevent doxing. Make sure to review the privacy settings on your smartphone, social media apps, and other location-based services to determine what information is being shared.
  3. Web browser privacy: Your web browser also has privacy settings that you can adjust. For example, you can block third-party cookies, disable tracking, and turn off location services.
  4. Email privacy: When creating an email account, make sure to choose a strong, unique password and enable two-factor authentication if it’s available. Be careful about what personal information you include in your email signature and avoid sending sensitive information via email.

Be mindful of online activity:

Be mindful of the information you share online, such as your opinions, affiliations, and location, as it can be used to target you for doxing.

  1. Watch what you post: Be careful about what you post online, especially sensitive information such as your address, phone number, financial information, and opinions that could make you a target for doxing.
  2. Know your audience: Consider who will see what you post, and think about the potential consequences of sharing certain information.
  3. Be mindful of your location: Avoid sharing your real-time location, especially if it’s your home address, as it could make you a target for doxing.
  4. Be cautious with personal information: Be cautious about sharing personal information, even if it seems harmless, as it can be used to piece together a complete profile of you and make you vulnerable to doxing.
  5. Consider privacy policies: When signing up for new websites or services, be mindful of the privacy policies and what information is being collected and shared.
  6. Be aware of online scams: Be aware of online scams and phishing attempts, which can trick you into revealing sensitive information that can be used for doxing.
  7. Monitor your online presence: Regularly monitor your online presence and search for your name and personal information to see what is being shared and who has access to it.

Be cautious of clicking links

Being cautious of clicking links is an important step in protecting yourself from doxing and online scams. Here’s why it’s important to be cautious of clicking links:

  1. Phishing scams: Phishing scams are designed to trick you into revealing personal information, such as your passwords or financial information. Scammers often send emails or messages with links that appear to be from a trusted source, but actually lead to a fake website designed to steal your information.
  2. Malicious links: Malicious links can install malware or viruses on your computer or device, which can give hackers access to your personal information and compromise your security.
  3. Spoofed domains: Scammers can create fake websites with similar domains to legitimate sites in an attempt to trick you into entering personal information or downloading malware.
  4. Fake offers: Be cautious of clicking links for fake offers, such as free gifts or discounts, as they can lead to scams or phishing attempts.

To protect yourself from these types of scams, it’s important to be cautious of clicking links, especially if they are from unfamiliar or suspicious sources.

In conclusion, doxing is the act of collecting and publishing personal information about an individual with the intent to harm or harass them. Doxing is illegal and can have serious consequences for both the victim and the perpetrator. To protect yourself from doxing, it’s important to be mindful of your online activity, use privacy settings, be cautious of clicking links, and monitor your online presence. Additionally, be careful about what you post online, especially sensitive information, and be aware of online scams and phishing attempts. By taking these steps, you can reduce your risk of being targeted for doxing and protect your personal information.