Doxing (dox being slang for “docs,” or “documents”) is the process of collecting and publishing an individual’s personal data, often as an act of revenge. Someone who engages in doxing is called a doxer.
The term emerged in the 1990s in the hacker subculture. Initially, it was used for the process of deanonymizing a user but later obtained a broader meaning.
How doxers collect data
Doxers can obtain their victims’ data in various ways, including:
- Using open-source intelligence (OSINT). The information they are after is often publicly accessible online. For example, you can browse a user’s profiles and posts on social media and forums by entering their nickname in a search engine. Such resources may also contain other bits of personal information such as name and date of birth.
- Doxers can trick users into giving up their credentials to different accounts to access the information they cannot find in open sources, such as private correspondence.
- Social engineering. Criminals can try to persuade their victims to disclose their personal data voluntarily. They may also trick other individuals or businesses into revealing a user’s data. Knowing the victim’s IP address, for example, a doxer might try to find out their residential address from their Internet provider.
- Purchasing it. Dark web actors sell both ready-to-publish user dossiers and passwords to various accounts. Doxers can also buy relevant information from a data broker – a company specializing in user data collection and trading.
Why is doxing dangerous?
Doxers typically accompany published personal data with a call to action, such as riling up others to send the individual insulting messages. Such publications often incite bullying and sometimes even result in threats to the victim’s physical safety.
The United States has also seen the spread of a practice called swatting (from SWAT – Special Weapons Assault Team), whereby a doxer calls police and reports a hostage situation or a bomb threat to draw an assault team to a victim’s address.
Doxware: Software for doxing
Doxers may use the threat of publication to blackmail victims. The class of malware they use for data theft and subsequent extortion is called doxware.
Legality of doxing
Some countries have laws against doxing. Elsewhere, legal decisions about doxing rest on whether a specific incident includes evidence of other illegal acts.