The term, “doxing,” derives from the word “Documents” (“Docs”). Doxing (also doxxing) refers to the targeted collection of information about people using the Internet. In doing so, personal, often confidential, data is researched with the aim of publishing it and thereby exposing the person or harming them for other purposes.

From openly naming anonymous activists to credit card details, celebrity addresses or sexual preferences, a wide variety of data is of interest to doxing.

What does the term “doxing” mean in detail?

The perpetrators use legal and illegal methods to acquire information, such as research on social media, but also the hacking of online accounts or databases.

The motives for doxing can be very different:

1. Blackmail

In some cases, a doxing attack is preceded by a blackmail attempt. The victim is told to pay a certain sum or take certain actions so that embarrassing details from his private life or secret company data are not published. If the person does not respond to the demands of the blackmailers, the data will be published as a consequence.

2. Political and social influence

Sometimes an individual or a group of activists gather information to denounce, intimidate or unmask a common enemy if he or she is known by a pseudonym. For those persecuted in their country for their political, religious or sexual convictions, revealing their true identity or address can be life-threatening. But doxing is also extremely unpleasant for public figures.

3. Bullying

Another motivation for doxing is the pleasure of exposing others. This can result from a supposed need for revenge or other personal reasons. It is reported that doxing is even partly carried out as a kind of competition: the more famous the compromised person, the more
respected the offender.

Where might I encounter the topic of doxing in everyday work?

In your daily work, doxing will rarely (hopefully) confront you. It is theoretically possible, however:

  • Where an unethical competitor uses doxing to harm your business.
  • Where a former employee feels unfairly treated by you as an ex-employer and tries to take revenge by doxing.
  • When your company is exposed to doxing in connection with a prominent customer

What can I do to protect myself from doxing?

As a general rule: Protect yourself as far as possible against the data collection strategies of doxing operators. Among other things, the following measures are recommended:

  • Be aware of all the information you share on the Internet. This also applies to forums and other social media.
  • Use the most restrictive privacy settings in social media
  • Sensitize your environment to the importance that seemingly unimportant personal information can be when it‘s purposefully collected. Spouses, friends and acquaintances are considered potential data sources in doxing.
  • Make sure that you’re aware that unfamiliar online conversation partners may be fictional personalities with whom Social Engineering is being carried out. Think very carefully about what information you reveal.
  • Protect your private data and your company‘s data against unauthorized access, such as by hacking, phishing or Trojans.

Interesting background information

Further explanations and instructions for action by the Police of Lower Saxony on the doxing topic

Related article

  • Data Backup

    Is an alternative term for “backup” and refers to the process of creating backup copies of existing data. -> for more information, see the “Backup” keyword.

    mehr lesen
  • Cyber Risk

    Cyber risk is the possibility that something could happen to the information or IT assets stored in your organization that would hurt your business significantly.

    mehr lesen

Are you curious?

Test us for 30 days free of charge and without obligation.

We empower your employees to actively contribute to your company’s cybersecurity.

See for yourself how easily and quickly Perseus can be integrated into your corporate structure.

Test now for free

Do you have any questions about our services?

Do not hesitate to call: + 49 30 95 999 8080

  • Free trial period
  • Without obligation
  • Video training for cyber security and data protection with exam and certificate
  • Try our phishing simulation
  • IT security check, malware scanner, data security check and more
  • Ends automatically after 30 days