Doxxed!

On By John GrubbIn Security, Training
Laptop on table, on green blackboard background

Today on Twitter, someone who has been helping others (financially and in other ways) revealed that his wife was very upset because they had been doxxed. I thought it might be a good idea to explain that term.

“Doxxed” or just “dox” is a play on the word “document.” When someone is doxxed online, it means that another person has revealed personal documents for all to read. Example: a hacker breaks into your computer, finds your tax return from last year, steals a copy and then posts the return online. Even though your tax return might be totally on the up-and-up, it’s unlikely that you really want it posted for everyone to peruse.

When someone is doxxed, it is usually done out of spite. The person posting the private records either doesn’t like the person or has some vendetta against them. Occasionally, the doxxing might be done simply to show the skill of the hacker.

Would it be possible for someone to dox you? The short answer: yes! There is so much information about you online – more than you realize. Although your information is usually spread over multiple websites, if someone has the desire to do so, they might be able to gather all that information, put it all together and display you in a negative way. Just look at the news lately. People are having to apologize for old comments on Social Media posts that were made years ago. All because someone found the comments and posted them.

Is doxxing limited to hackers? Not really. Granted, I have no real proof of this but there have been rumors that some news organizations have doxxed people who made negative website comments on one of the organization’s news stories.

Now, we’re down to two questions: 1) can you protect yourself from being doxxed? and, 2) should you worry about being doxxed?

Let me respond to the second question first. The short answer: no! The longer answer: computing devices and the Internet – these are powerful tools and we can use them in positive, awesome ways. If you owned a convenience story and you had candy near the front door, would you close your store and quit the business if you realized that tons of candy was being stolen as people walked out of your store? Of course not! You would simply move the candy counter near the cash register where you could keep an eye on it! It’s the same thing with the Internet. Of course there are evil people who misuse computers, Social Media and the Net. But, rather than pulling the plug on your machine, you can learn to do the things you need to do to be safe online.

As for the first question, there are some things you can do to protect yourself from being doxxed. Here’s a partial list:

  • Use different pseudo names on different websites. This would be where a website asks you to create a log-in User Name that is not your real name nor your email address.
  • Use a different password for each site that requires one.
  • Keep as much personal information offline as possible.
  • Keep anti-virus and anti-malware current.
  • Think before you post on Social Media. Never post out of anger or frustration. Wait until your blood pressure is back to normal.
  • Don’t fool yourself into thinking that there’s nothing on your computer or in your email that anyone would want.
  • If your computer is in an area where it might be accessed by others, use a password and keep your computer locked when you’re not using it.
  • Don’t allow anyone to remotely access your computer unless you are positive you can trust them. An example of someone you can trust would be Keystone Computer Concepts. An example of someone you should not trust would be the person who calls and says they are from “Windows” or “Microsoft” and there’s a problem with your computer.
  • Don’t store your passwords on your computer as a text file.