How can it be dangerous to reveal personal information on the Internet? Politicians and celebrities are experiencing it more and more for themselves. Criminals, online bullies, and others with defamatory intent collect and publish the victim's most intimate information, thereby causing substantial damage. Criminals are said to "dox" their victims. What does this mean and why do criminals do it?
What is doxing? Definition and explanation of cyber attacks
When a cybercriminal wants to doxing his victims, he searches for their personal data through various Internet sources and publishes them on the Internet. This can cause considerable damage to victims. Hostilities can become physical attacks.
Many cyber attacks are carried out by so-called hackers. They write viruses, exploit security holes, and carry out software-based attacks. In these cases, the criminals are specialists with computer and programming knowledge at the highest level. However, in most cases, doxing perpetrators do not require specific knowledge. His tools are perseverance, motivation, and desire to commit crimes.
Doxing attacks always take place in two stages: data collection and publication. In the first step, the attackers collect all available information from the victim. This encompasses private addresses, including email addresses, phone numbers, the names of family members, social media accounts, private photos, and sometimes bank details. Data is as diverse as the places from which it is obtained.
Social networks: People post a lot of photos and also very personal information on social networks, where they are visible to the whole world.
Web pages: The imprint of a website or blog contains specific information about people and companies.
Addresses and telephone directories: Databases with addresses and telephone numbers can also be found online.
Hacked databases: In this mode, attackers hack into the cloud or protected databases and obtain sensitive information from them. This data can then be put up for sale on the darknet, where it is acquired by doxing attackers.
Social Engineering: Attackers pose as trusted individuals on the Internet and manipulate victims and their families into voluntarily providing information.
Many doxing attacks take place exclusively with freely available information. By associating the data and the context in which the posting takes place, information about the victim is revealed that can be used for bias.
In the second step, the collected information is disseminated so that it reaches as many people as possible. To this end, the attackers create fake social media accounts and post the documents on anonymous platforms. Their goal is that as many people as possible to have access to this information and disseminate it to increase the damage. Often the post is associated with threats that are also visible to other users and may also go outside the realm of the Internet.
Why have I been doxed? Motives, victims, and consequences
Doxing is rarely for the purpose of blackmail, the attackers are often not looking for money. The information collected is usually not explosive enough for this. In most cases, the attackers only want to harm the victims. The main motives are therefore, in most cases, revenge, extrajudicial justice, or harm to political opponents. For this reason, the victims are often politicians, journalists, or prominent personalities who have expressed themselves politically. Doxing is also used as a weapon in personal conflicts. In these cases it is above all about breaking the anonymity of the opponent.
In these cases, the main motivation is hate: the perpetrators do not want to get rich, but simply to harm the victim. The publication of the data puts pressure on the victims. It conveys to them the message that the person is in the crosshairs of the opponents and that they too are willing to use illegal means. It is also done to incite other like-minded people to take things further, from threatening letters and swatting (false police reports against the victim) to actual acts of violence. The goal is to intimidate victims to the point that they are afraid to appear in public.
Doxing perpetrators often try to gain recognition in the scene they are moving through. It's not uncommon for attackers to brag about their deeds, behind a pseudonym, of course.
Examples of doxing
In December 2018, one of the most notorious doxing attacks in Europe took place in Germany. A Twitter user published data on politicians, journalists, presenters, YouTubers, musicians, and actors. In some of the cases, the information released was relatively innocuous or out of date, but in many of them, private email addresses and phone numbers, home addresses, and even bank details were released. The attack also included private conversations, for example, Facebook Messenger chats. The alleged perpetrator was caught, among other things, because he bragged on the Internet about having committed the crimes.
Even activists from the Anonymous collective acknowledge having used this practice against political opponents in the past. Motivations include self-righteousness, public humiliation, and intimidation.
What steps can be taken to protect yourself from doxing?
In principle, all Internet users are vulnerable to a doxing attack. Particularly vulnerable to this are people who are involved in political activity on the Internet or who express themselves politically in blogs, videos, or social media posts. In the course of an online bullying campaign, attackers may also resort to doxing.
As some of criminals choose victims randomly, all Internet users are susceptible to these attacks, so it is important to present only essential information about yourself and follow the principles of the so-called data economy. If attackers don't find any personal data, they are unlikely to attack.