This content is viewable by Everyone
News
Protect Yourself from "Doxxing"
-
Author: Esther Silver
- Date:
Reprinted with minor edits and permission from UC Berkeley Office of Ethics article “Protecting yourself from “Doxxing”
What is Doxxing?
Doxxing refers to the collection of a user’s private information, across multiple platforms (including social media) by an unauthorized individual, who then publishes the information in an attempt to shame or embarrass the user. Doxxing may be conducted by researching public databases, hacking, or through social engineering. The term "doxxing" is derived from the phrase "dropping dox (documents)".
Doxxing often involves hackers attempting to embarrass or shame individuals by publishing confidential information, images or videos obtained from their personal accounts. Initially, doxxing was used by hackers to "out" the identities of fellow bad actors/hackers. However, more recently, it has been used to attack users with opposing viewpoints.
How can I protect myself from doxxing?
- Adjust your social media settings:
- Ensure that your profiles, usernames/handles are kept private
- Remove any addresses, places of work, and specific locations from your accounts
- Set your posts to “friends only"
- Avoid discussing personal information that could be used against you, as well as anything that can identify your address, workplace or contact information
- Use a Virtual Private Network (VPN)
- If you must use public wi-fi, turn off the public network sharing functionality on your device
- Use strong passwords
- Vary usernames and passwords across platforms
- Hide domain registration information from WHOIS (a database of all registered domain names on the web)
Guidance for UCSF reporting of doxxing-related privacy incidents:
If you believe that a doxxing incident is the result of an unauthorized use or breach of UCSF data, please notify the UCSF privacy office at [email protected]. If the doxxing results in the publication of your home address and the doxxer or others have threatened you with harm, please notify the local law enforcement.
Additional links that provide guidance on doxxing prevention:
- Heimdal Security: What is Doxxing and How to Avoid It (link is external)
- Malwarebytes Labs: How to protect yourself from doxing (link is external)
- Wired: What to do if you are doxed (link is external)
- Medium.com: I’ve been doxed: What to do in the first 24 hours (link is external)
- Security Today: How Do I Avoid Getting Doxxed? (link is external)
- UCSF: See Something, Say Something: You are the First Line of Defense
- Digital Defense Fund Online Harassment and Doxxing Response Slide Deck (link is external)
- TrollBusters Online Infographic for analyzing and responding to online harassment (link is external)
- Owning Team: IT Security
-
Team Lead: Patrick Phelan