All about doxxing: How it works and how to help prevent it 

It’s derived from the term “dropping docs (documents)” but what is doxxing exactly and how and why do people “dox” others? Join us in learning all about doxxing, what it could reveal about you, and why it can be so damaging to our personal and professional lives as well as extremely embarrassing. Above all, we reveal how to help protect yourself. Explore Avira Prime for powerful, premium online privacy and protection, including dark-web notifications.  

What is doxxing? 

What’s the official definition of doxxing—or is it doxing? You can use both spelling variations, although “doxxing” tends to be more common. It refers to a form of cyberbullying that uses sensitive information (like records or statements) to harass, humiliate, expose, or blackmail a victim when their data is released without their consent. Here’s a quick, three-word definition that puts it more succinctly: Doxxing is personal information exposure. Of course, this could also happen in the “real” (or physical) world, such as someone stealing a secret, hand-written letter, or printed paper but these days the internet has given cyberbullies a treasure trove of data to steal. It has also provided them with a much larger audience.  

Where did it all start? In the murky cyber-world of hackers in the 1990s, anonymity was sacred, and participants closely guarded their alias. During hacker feuds, rivals would sometimes leak information (like someone’s real, physical address) that revealed the true identity of a hacker. This became known as “dropping docs” (or “doxx” in 90’s internet slang). Ironically, this term for stripping away anonymity was coined by the hacker collective Anonymous.  

Who are “doxers” and what are their motives?  

Let’s start with you as a theoretical victim. How anonymous are you? Did you know that you can even dox yourself? It’s a great way to find out how much of your private information is on the internet, so you can filter it and remove anything you don’t want in the public eye! Start by Googling your name. Then take a close look at the information you’re sharing in your social media accounts, as well as who can access this. Can friends of friends view your Facebook profile?  

Most doxxing is intended to be harmful and involves exposing details about a third-party who never gave their consent. Popular targets for this type of cyberbullying are journalists, politicians, and activists, but it could be anyone who has upset somebody else. Doxer motives range from taking personal revenge to achieving political aims, like pressuring a political figure into taking certain action ahead of a key vote. For example, the “hacktivist” group, Anonymous, released names of suspected KKK members. Pro-democracy leaders in Hong Kong have been targeted by supporters of the Chinese Communist Party.  

Other doxers seek to expose criminals or simply humiliate an unfaithful spouse. In some cases, victims are even accused of a fictitious crime and police are sent to their home. Let’s explore what happens during doxxing, so you can recognize it, report it, and help keep yourself safer online.  

How does doxxing work? Take a look at these popular doxxing methods 

Remember the tale of Hansel and Gretel and their trail of breadcrumbs? Information and digital clues about people are usually scattered everywhere online and are sometimes referred to as “breadcrumbs”. Doxers act as patient pigeons, gathering up these data crumbs to build a digital picture of their victim. You’d be amazed how much information is publicly available online, including real-estate papers, government records, marriage licenses, voter registration logs, and even the personal data that people publish themselves on social media. Do you operate a business or even a website? Information like your name, email, telephone number, and physical address will all be logged, ready to be found.  

Doxers also find the following data nuggets about their targets useful: social security numbers, private correspondence, personal photos…and of course a criminal history or embarrassing personal details are gold-dust!  

In addition to doing their own research online, doxers can also employ data brokers who will mine for personal information. These commercial agents sift through online and offline sources—from internet search histories to customer loyalty cards—and build up a profile of the intended victim. Savvy doxers also buy and sell personal info on the dark web.  

Malicious actors (also called “bad actors”) are those who engage in online activity designed to cause harm. They’re adept at using various techniques such as spyware to track victims. They also send phishing emails that could trick you into revealing personal information such as log-in details. Social media accounts are a potential treasure trove of information, making social media stalking a popular doxer past time. Did you just accept a friend request from a stranger? Beware. You could be granting them access to a wealth of personal details, such as your friends, photos, location, workplace, hobbies, the places you have visited or “checked in”, the names of family members, and even the names of your pets! And hopefully you’re not using the name of your dog as a password, or you’ll be helping them break into your online accounts too… 

Beware of these other popular doxxing methods: 

Reverse mobile phone lookup services like Whitepages let you type in any telephone number to find out who owns that number. If you’re willing to pay a fee, sites like these can also unearth other personal details. So, if hackers find your mobile phone number, it can serve as a doorway to other information about you. 

Packet sniffing refers to applications that read data packets as they traverse the internet. Doxers use unsecured networks to install these packet sniffers so they can intercept your online data as they look for passwords, credit card numbers, bank account details, and other confidential information.  

Hacking is an option open to those with the patience and skills to obtain data that’s not available from public sources. Popular hacker tricks that aid doxxing include spreading viruses and malware, password cracking (where the attacker utilizes specialized software to find out the victim’s password) or launching brute-force attacks (the hacker uses trial and error to guess a password).  

Tracking usernames is another doxer technique and if you use the same username across a wide variety of sites, you can make it easier for them to gain access to your online accounts. They can then build up a picture of your interests and what you do online.  

Tracking IP addresses may lead doxers to discover your IP address and then unmask your physical location. They could then attempt to hack into the network or use social engineering to trick your internet service provider into revealing more information about you by, for example, filing complaints about the owner of that IP address.   

Running a WHOIS search on a domain name lets doxers learn who owns that domain name. Anyone who owns a domain name has their information stored in a registry that is often publicly available via a WHOIS search. Unless personal identifying information has been deliberately obscured, it’s available online for anyone looking.  

Live and learn: See these examples of doxxing in action 

Doxxing attacks range from the relatively harmless (such as signing someone up to online newsletters or having a hundred pizzas delivered to their address) to far more dangerous and sinister practices that aim to destroy personal and professional reputations and relationships. Here are some better-known examples of doxxing that hit the headlines.  

• Elon Musk: Several journalists allegedly used publicly available flight data to track Elon Musk’s private jet. Musk initially suspended their Twitter accounts and then imposed new conditions on all Twitter users prohibiting the sharing of anyone’s current location. When the rich and famous are doxxed, it’s called “celebrity doxxing” and Paris Hilton, Kim Kardashian, and Joe Biden are all rumored to have been victims.  

• Ashley Madison: The online dating site caters mainly to those interested in extra-marital affairs. A hacker group calling itself “The Impact Team” certainly made an impact when they released sensitive customer details, causing huge embarrassment and distress. 

• Cecil the Lion: A US dentist was accused of killing a lion in a protected game reserve in southern Africa. When his identifying information was released, he faced a huge social media backlash and even his business was boycotted by outraged animal rights activists. RIP Cecil. Sometimes doxxing is used for truly noble causes.   

• Boston Marathon bombing: In the aftermath of the 2013 Boston Marathon bombing, thousands of people gathered on social media site Reddit to try and identify the perpetrator. Several innocent people were accused of the crime and doxxed as a result. This is an example of “faulty doxxing” where well-meaning but misguided internet vigilantes wrongly link people to actions or situations.  

• Curt Schilling: The former major League baseball player investigated those who had posted sexually offensive comments about his daughter on Twitter. He then revealed their real identities online resulting in one bully being fired from their job and another being suspended from college. The remaining perpetrators posted apologies. This form of doxxing is commonly known as “revenge doxxing”. 

• Tyler Barris: This has possibly become the most famous example of “swatting doxxing”, which occurs when a person wrongly accuses someone of a crime and sends police (i.e., a SWAT team, hence the name “swatting”) to the victim’s address. According to NBC news, serial swatter Tyler Barriss called the police to say he was at home in Wichita, Kansas, where he had fatally shot his father and was holding the rest of the family hostage. Officers responded and ended up shooting Andrew Finch, an innocent man living at the address. Barris was sentenced to 20 years for causing Finch’s death.  

Do you think you’ve been doxxed? Act fast to help protect yourself! 

Firstly, try not to panic and take these steps to make sure you really have been doxxed. Then, if necessary, act quickly to help protect your privacy and personal information, as well as prevent any further damage.  

Start by reviewing your email accounts for suspicious or threatening messages as these are the most obvious sign that someone has already doxxed you or is planning to. Perhaps the message will attempt to blackmail you by threatening to release personal information unless you take certain action?  

Do a web search (with a search engine like Google) for your name, usernames, and any other identifying information you think may have been exposed. Does it appear in the top results or is it buried way down where people are unlikely to find it?  

Then head to your social media, including Facebook, Twitter, Instagram, and others. Scan your profiles and check for any posts or comments that reveal your personal information. While you’re there, check your privacy settings and see this blog for the top five Facebook privacy changes you should already have made.  

Take a close look at any online forums or communities you participate in. Has someone shared your name or confidential information or is anyone posting on your behalf?  

And was it really you who bought 50 dancing plastic pineapples on Amazon? Doxxing can also lead to identity theft so monitor your online accounts, particularly your bank and shopping accounts. Read up on how to spot if your Facebook has been hacked or whether someone has hacked into your email. It’s advisable to lock down all your online accounts by changing your passwords (and making sure they’re all strong and unique to that account) and enabling two-factor authentication. If your telephone number was released, you may want to change that too.  

Engage the help of third parties. Don’t be afraid to ask friends, family, and contacts to help by keeping a lookout for your personal information online or any suspicious social media activity that’s been posted on your behalf. If you have been doxxed, it can be an emotionally trying time, and support from those you trust can help you through it.  

Don’t take doxxing lightly! In case you want to call the doxer to account (more on this later), make sure you gather evidence by taking screenshots or downloading documents. And speaking of arming yourself for a potential legal battle, let’s dip a toe into the waters of legislation on the matter. Beware: They’re murky.  

Is doxxing illegal? As lawyers love to say: “That depends”  

There are currently no specific anti-doxxing laws in many jurisdictions, which victims may find frustrating. It still tends to be a vast grey area that’s dealt with on a case-by-case basis. While it’s not generally illegal to gather and publish information that’s publicly available there are crimes that doxers can be punished for, such as harassment, identity theft, stalking, blackmail, and intimidation. In other words, it’s what the doxer intends to do (or is doing) with your information that could land them in hot water.  

Even if you’re embarrassed by what’s been leaked, silence is not your friend. It’s important for doxxing victims to take action in order to limit the impact of the incident and help ensure that the perpetrator is punished (or at the very least discouraged from this type of cyber bullying). Anti-doxxing laws are toughening up. In the UK, doxing is considered a form of harassment and is therefore illegal—but it currently doesn’t constitute a specific criminal offence. Anyone who commits doxing can fall foul of a range of legislation (including the Protection from Harassment Act 1997 and Malicious Communications Act 1988. The Dutch Senate recently voted to make doxxing a crime and this was enshrined in law in early 2024. Ahead of the game, Hong Kong passed an anti-doxxing bill in 2021 and offenders face a fine of HK$100,000 (around $1.270) and imprisonment for two years! Doxxing laws in the US vary by state and Kentucky’s pioneering anti-doxxing bill became law in 2021.  

It’s always worth checking if the doxer has violated the terms of service of a website. If you notify the website, they may suspend the doxer’s account. Twitter, for example, prohibits posting private information about another person without their permission. Meta also adopted new doxxing policies in 2022, so users can no longer share (publicly available) private home addresses. It’s also working to make its Privacy Violation reporting option faster and easier.  

If doxxing involves serious threats, harassment, or illegal activities, contact your local law enforcement agency, and file a report. They can then help you take appropriate action, and the perpetrator could be banned or prosecuted. Remember to collect all that documentary evidence that we mentioned earlier (and consult an attorney for legal guidance)!  

Does doxxing affect more women than men?  

In theory anyone can be doxxed but in reality, many experts believe that women are more likely to be targets of this type of cyberbullying and harassment. A 2020 report by The Economist Intelligence Unit (EIU), surveyed 51 countries and concluded that online intimidation of women is depressingly common. 45% of Generation Z and Millennial women reported being affected while 85% of surveyed women of all ages reported witnessing online violence against other women. This figure leapt to an alarming 90% among women in Africa, Latin America and the Caribbean, and the Middle East.  

Tragically, cyberviolence hampers gender equality and violates women’s rights. The Council of Europe is working to target this widespread problem and encourages states to address cyberviolence as they would any other form of violence against women—with perpetrators being investigated and prosecuted.  

Help prevent doxxing with your own anti-doxxing prep plan! 

Prevention is always better than the cure. It’s vital to review your online presence for possible security vulnerabilities and try to maintain a low online profile. It might be tempting to be an Insta King/Queen but be mindful of what personal details you’re sharing and who can see them. Here are some top tips for crafting a less identifiable digital you:  

• Use a pseudonym on online forums and stay away from putting personally identifying information in your username handle. If you’re creating a new account, choose a new username for every online service.  

• Avoid signing into sites using a third-party option. You’ll probably be familiar with the apps that offer to “help” by letting you log in via Facebook, Google, or LinkedIn. If you make it a habit to use one online account to log into multiple services, you’ll make hackers’ lives easier too. They can then gain access to all the sites you’ve linked to using just one set of credentials. Plus, they can track you online and more easily create a comprehensive profile of you. 

• Use strong, unique passwords. As discussed earlier, passwords are a first line of defense, so change them if you suspect misuse of your account—and if you’re still using a pet’s name as a password, stop! A strong password contains numbers, symbols, and both uppercase and lowercase letters. Avira Password Manager helps generate and securely store your passwords, so you need to remember just one master password. The Pro version can even notify you if your email addresses and passwords have been leaked in a data breach. 

• Use two- or multi-factor identification because even a password might not be enough now hackers have become so good at cracking them. Multi-factor authentication (MFA) means that you use more than one method to verify your identity, like an SMS confirmation or a code created in an authentication app. That makes life much harder for cybercriminals trying to access an online account.  

• Know what your privacy options are and tweak your privacy settings on social media. Remember never to post sensitive information or images that could contain this, like bank documents, credit cards, social security cards, etc. If you want to stop strangers from viewing your social media posts, consider locking your account. Remember that if you’re over 18 (or over 16 in some countries), Instagram makes your account public by default. If someone is making you feel uncomfortable, block them! And it’s never a bad idea to remove location access for more privacy. Plus, whenever you install an update, do a quick scan of the privacy settings.  

• Double-check app permissions. Does that new game on your mobile phone really need access to your contacts and photos? Probably not, but many apps request access to information that shouldn’t concern them at all, like your GPS location and social media profiles.  

• Beware of online quizzes. They seem fun but can harvest alarming amounts of personal data. Your first car and mother’s maiden name? Some quiz questions can even serve as security questions for your passwords! And many online quizzes, tests, or surveys require that you share your email address to see your results. You’re too smart for that… 

• Shield your IP address with a virtual private network (VPN) like Avira Phantom VPN, which helps encrypt your internet traffic by routing it via a virtual tunnel. This may stop those trying to see your online activities and helps keep your IP address hidden. With a VPN, anyone trying to see your IP address can only view the address of the proxy server you’re using. You can also choose your virtual location to further boost your anonymity. Is Iceland nice this time of year?  

• Remove your information online by contacting data collection sites or any company that may hold information about you, including your on- and offline buying behavior, browsing history, as well as your medical and financial histories. Visit the data broker website and find the opt-out page. This will usually be at the bottom of the page as a “remove my information” or “opt-out” link. Fill out the opt-out forms or follow the instructions you find there. In many countries, including the UK, you have a right to have your data deleted—also known as the “right to erasure” or the “right to be forgotten”. This requires that an organisation that no longer needs your data for the original reason they collected it for, must delete this information if asked. Even if you initially consented to a company using your data, you can withdraw your consent. 

• Set up Google Alerts to monitor for specific search terms online, like your name, address, phone number, email, etc. Google will then send you an email if your personal information appears. This is a free service for Google subscribers.  

As a final thought: Imagine that someone is trying to dox you and ask yourself: “What will they find?”. Make sure you know what information about you is out there and lock yourself down so it’s harder to access. And be aware of public records, like your tax documents. Also consider digital tools and services from reputable online security providers that can help keep your devices, data, and identity safer from malicious actors, online threats, and anyone trying to track you.  

Help protect your personal data and digital identity with Avira Prime  

Cybercriminals, and anyone trying to track you, can be relentless and are becoming increasingly sophisticated at laying their hands on your vital data. A multi-layered approach that blends online privacy and protection may be more effective.  

 Avira Prime offers a single, convenient solution to those trying to stay safer and more private online. Whether you like online shopping, banking, or just browsing, you can feel more secure with your day-to-day online activities—and rest assured that online threats (and prying eyes) are less likely to sneak onto your system. It includes Antivirus Pro, Software Updater, and more—plus the Password Manager and VPN mentioned earlier.  

Crucially, Avira Prime also comes with Dark Web Monitoring, which scans the web (and dark web) to see if your email address has been compromised. You’ll be notified if your email address is found on the dark web. 

Run a Smart Scan to quickly help seek out (and then help fix) any privacy issues, malware, and apps that need security updates. And if it’s a leaner, faster machine you’re after, the included performance tools will help declutter and can speed up your device.