Doxing is the act of amassing information on an individual or company, which can then be used to cause harm, such as to harass, blackmail or carry out phishing attacks.
By using various social media sites, online discussion groups, search engines and other public sources, it is possible to compile a detailed profile of a person, including name, age, email, address and telephone number. Social networking sites, such as Facebook and LinkedIn, are a virtual goldmine of information, while weak profile privacy settings can allow third parties to access a wide range of personal information, such as photographs or information on employment, relationships, pastimes, education and medical history.
A 2017 study from the University of Illinois at Chicago and the NYU Tandon School of Engineering found that more than 90% of dox-files included the victim’s address, 61% included a phone number and 53% included an email address. The analysis of 1.7 million files held by doxing sites also found that 40% of victims’ online user names and IP addresses were made public, and the same percentage revealed a victim’s IP address, while 4% included credit card numbers and 9% revealed financial data.
Doxing has become big business and there are now doxing-as-a-service tools available on the internet. One website on the dark web will compile a profile of an individual for a fee of USD 150, as well as store the data and facilitate ransom payments to have it removed. There are also doxing tools available that automate the harvesting of personal data from public sites and social media for social engineering.
Why does it matter?
Doxing in itself is not a crime, unless it is used to cause intentional damage, such as harassment, or to carry out fraud or identity theft.
One recent doxing incident landed US university professor John McAdams and his employer in court. In McAdams v. Marquette, the court heard that McAdams was dismissed after he published the personal and contact details of a graduate student in a blog on freedom of speech. The graduate student then received threatening messages, leading her to withdraw from the university.
The McAdams case highlighted the growing problem of online harassment and bullying, but doxing is also now widely used by pressure groups to expose people online. Criticism of the US immigration policy, specifically the separation of family members at the US-Mexico border, recently led to the public posting of the LinkedIn profiles of agents of the US Immigration and Customs Enforcement department.
In addition to the privacy and data protection issues, information obtained by doxing is also used by cyber criminals to carry out cyber attacks and online fraud. For example, it is often used by criminals for social engineering, such as in phishing scams or to blackmail employees to give up passwords.
For further information, please contact Sarah Stephens, Head of Cyber, Content and New Technology Risks on firstname.lastname@example.org.