doxing

The No-Panic Doxing Response

Drive-thru:

  • Doxing is the public release of personal information for the purpose of intimidation.
  • Respond to doxing by documenting the occurrence, evaluating the threat, and requesting a takedown.
  • Create a doxing preparedness plan to mitigate future threats.

Doxing is the public release of personal (or private business-related) information for the purpose of intimidation. As with many things, the Internet has made it easy for bad actors to find your information online and publish it to the world, often encouraging others to use it to harass and threaten you and your family.

What can you do if it is happening to you?

Doxing Is Not an Innocent Event

Doxing is part of the toolbox of cyberbullies, trolls, and anyone else who has decided they don’t agree with what you say AND believes that you should be punished for it. High profile individuals have been doxed for malicious purposes, but anyone—or any business—can be a victim. The perpetrator often justifies the action by denying any wrongdoing or responsibility for the consequences of making your information public.

As a business owner, you can become a target of a dissatisfied customer or an entire group disagreeing with how you do business or with the customers you serve. They may decide to broadcast information you wouldn’t want made public in order to threaten you into obeisance.

Documentation is one of your most effective tools to fight doxing.

Evaluate the Threat

Once you are aware of the dox, establish whether it contains information that could be used to create credible threats. The threats can vary from further online harassment and intrusion to phone calls and physical threats against you or your family. The doxer may report your location to the local emergency services to create disruption.

Home address and financial information are a top priority when evaluating a doxing event. A credible threat need only inspire fear for your safety. Involve law enforcement if the threats appear credible.

If you feel that you are under immediate threat, create documentation of the “doxing event” and call your local emergency number to report it. Most doxing does not lead to personal danger, but it’s better to be safe (and maybe even feel a little foolish) than sorry.

Document (the Heck Out of) the Dox

Documentation is one of your most effective tools to fight any wrong-doing, and doxing is no exception. Don’t wait to record any information that upholds a complaint of harassment or threatening behavior. If you need legal or police involvement, the documentation will make a stronger case.

  • Take screenshots of tweets, emails, or social media posts containing the threatening comments.
  • Download the webpage (or take a screenshot) where your personal information has been shared.
  • Include timestamps and URLs in the documentation to show when the doxing began and its frequency.

There is a saying that goes, “If it isn’t documented, it didn’t happen.” Police and attorneys will need evidence. Give it to them.

Remove the Dox

Social media and certain websites have been improving their ability to respond to reports of online harassment or requests for removal of private information. Twitter has made doxing a violation of their terms of service; accounts where doxing originates can be reported and the posts removed. The same is true of most other web platforms.

Social media sites have been improving their ability to respond to reports of online harassment or requests for removal of private information. Click To Tweet

Beyond post removal, accounts may be suspended. However, both solutions are like closing the barn door after the horses have escaped. Your information is now in the wild, and the doxer may move to another platform or encourage others to dox you.

Harden Your Information Sources

Hardening your information means making it as difficult as possible for others to access it.

  • Create long, strong passwords of more than six characters.
  • Never store your passwords in a plain text file anywhere.
  • Consider using a “passphrase” instead of a password—a string of unrelated words is difficult to decipher yet much easier for you to remember.
  • Take advantage of multifactor authentication whenever possible to add more layers of protection to your various social platforms and services.

Password managers may be a double-edged sword. They offer both convenience and security for you but may also be a hacking target. All of your information is right there in one place.

You can recover from a doxing and, in the process, create a doxing preparedness plan. Be aware of the Terms of Service of every platform you use. Learn how to file a takedown if your information does appear. Remove your name from search lists and take down personal information.

Sign up. Stay fueled.