Derived from the term “dropping docs,” doxxing involves exposing sensitive, private information online. Hackers use doxxing to harass, threaten, or get revenge on others. Learn how doxxing works so you can protect yourself and keep your personal data private. Then, get specialized data breach software to make sure your online credentials stay safe.
Doxxing (also spelled doxing) is the act of revealing someone’s personal information online. Doxxing is a form of online harassment that means publicly exposing someone’s real name, address, job, or other identifying data. Doxxing happens without a victim’s consent, with the aim of humiliating or bullying a victim.
The term “doxxing” comes from the word “documents.” 1990s hacker culture shortened the term to “docs” and then “dox,” with “dropping dox” referring to finding personal documents or information (like someone’s physical address) and publishing them online. The hacker collective Anonymous helped popularize the term.
Doxxing means publishing someone’s information online without their permission. Doxxing can also refer to uncovering the real person behind an anonymous username, and exposing that person’s real identity online.
Some doxxing attacks are rooted in harassment or revenge, while others target people who anonymously post bigoted comments online or who are caught on camera promoting such beliefs.
While the concept of doxxing is decades old, doxxing is still alive and well today — and it can be very dangerous. Once someone’s physical address, job location, phone number, email, or other information is out there, they become an easy target.
Doxxing attacks range from the relatively benign, such as fake mail sign-ups or pizza deliveries, to the far more dangerous, like harassing a person’s family or employer, physical harassment, swatting, identity theft, and other forms of cyberbullying.
Doxxers collect breadcrumbs about people scattered across the internet, and then assemble those small pieces of information to reveal the real person behind an alias. Breadcrumb data can include the target’s name, physical address, email address, phone number, and more. Doxxers may also buy and sell personal info on the dark web.
Traditionally, doxxing started with arguments online, before escalating to one person digging up information about an adversary. More recently, doxxing has become a popular tool in the culture wars, with activists doxxing those with opposing viewpoints. Many politicians, celebrities, and journalists have been doxxed, causing them to suffer from online mobs and even death threats.
Tracking down private information is a big part of what doxxing someone is. And while many people think of the internet as anonymous, it’s very much not. There are many ways you can be identified online.
Doxxing per se is not illegal, because there are no specific anti-doxxing laws in most jurisdictions. Instead, the legality of doxxing is determined on a case-by-case basis. While compiling or publishing publicly available information is rarely illegal, there are other crimes that doxxers can be charged with. Those crimes include stalking, harassment, identity theft, or incitement to violence.
Recently, governments around the world have begun to pass or propose anti-doxxing laws. The US state of Kentucky passed an anti-doxxing law in 2021, and Hong Kong passed an anti-doxxing law the same year.
In the US, the Interstate Communications Statute and the Interstate Stalking Statute may be applied to doxxing, depending on the details of a particular case. Doxxing could also violate the terms of service for certain websites. For instance, Twitter prohibits posting the private information of another person without their permission.
Yes, you can go to jail for doxxing someone. Although doxxing itself is not illegal, it could contribute to another criminal offense like harassment, stalking, intimidation, identity theft, or incitement to violence. For those sentenced to jail time, doxxing is usually part of a larger scheme involving multiple criminal offenses.
Doxxers have a range of methods they use to collect information about their targets. They can find your IP address, comb through your social media profiles, buy data from data brokers, use phishing campaigns, and even intercept internet traffic.
IP doxxing (or ISP doxxing) happens when doxxers obtain your IP address, which is linked to your physical location. Then, the doxxer uses social engineering techniques to trick your internet service provider (ISP) into divulging more information about you.
Using a call spoofing app to mask their phone number behind one belonging to the ISP, the doxxer calls the ISP and pretends to be a member of the tech support team. They can use your IP address to request the rest of your customer information, which may include:
Your full name
ISP account number
Date of birth
Social security number
This requires a few steps, some manipulation, and a gullible ISP employee, but when these kinds of tech support scams work, the doxxer can get a lot of private data with one phone call.
Social media doxxing involves the collection of personal information from your social media accounts. This data can include your location, place of work, your friends, your photos, your likes and dislikes, places you’ve visited, the names of your family members, the names of your pets, and more.
Some of this information can even provide doxxers with the answers to your security questions — which they can use to break into your other online accounts. That’s why you should make all your social media accounts private.
If you use online social platforms like Reddit, 4Chan, Discord, or YouTube, create different usernames and passwords for each service. If you use the same username on multiple platforms, a doxxer could link your accounts to compile a detailed picture of your activity. And always be careful when revealing personal information on social media.
Some doxxers purchase personal information about their targets from data brokers. Many data brokers sell their information to advertisers, but there are also several people-search sites that sell comprehensive personal info to anyone.
Data brokers gather their info from publicly available records (marriage licenses, government records, voter registration logs), customer loyalty cards (your online and offline buying behavior), online search histories (everything you search, read, or download), and from other data broker companies.
There's a lot of publicly available data that a doxxer can use against you.
Phishing is the use of fraudulent communications to trick victims into disclosing sensitive personal information. Doxxers can use spear phishing attacks against specific people to collect information on targeted victims. While many phishing attacks have identity theft as the ultimate goal, the information gained can just as easily be used in doxxing attacks.
Learn how to recognize and prevent Apple ID phishing scams and other phishing attacks, and you’ll keep doxxers from fooling you. For stronger protection, use the best antivirus software you can find, which will block phishing attacks and keep you safe from malicious email attachments. Avast's antivirus software blocks phishing attacks, spyware, and other threats that can expose your identity.
Sniffing is when someone intercepts internet traffic on its way from the sender to the receiver. Internet traffic travels in small bundles called data packets, and a sniffer is a software or hardware tool that can scoop up these packets and read the data they contain. A doxxer can use sniffing to collect someone’s internet traffic and comb through it for personal details.
The easiest way to protect against sniffing is to download a VPN, which encrypts your web activity.
WHOIS is a service that allows anyone to learn information on the person who owns a domain on the internet. You can set your WHOIS information to be private, but if you forget, your name, address, phone number, and email address will be available to anyone who looks up your domain name.
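To check your own domain for this kind of exposure, you can scan its WHOIS record for contact fields that still hold real values. The following is an added example, not part of the original article: the sample record is constructed, and the field labels and redaction phrases are assumptions, since registrars and top-level domains format WHOIS output differently.

```python
import re

# Constructed WHOIS response for a placeholder domain; every value is invented.
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE-PERSONAL-SITE.TEST
Registrar: Example Registrar, Inc.
Registrant Name: Jane Q. Sample
Registrant Street: REDACTED FOR PRIVACY
Registrant City: Springfield
Registrant Phone: +1.5555550100
Registrant Email: Please query the RDDS service of the Registrar
Admin Name:
Admin Email: jane@example-personal-site.test
"""

# Assumed labels: contact role followed by the kind of detail.
# [ \t]* (not \s*) keeps an empty value from swallowing the next line.
CONTACT_FIELD = re.compile(
    r"^(Registrant|Admin|Tech)[ \t]+(Name|Street|City|Phone|Email):[ \t]*(.*)$",
    re.IGNORECASE | re.MULTILINE,
)

# Assumed phrases that indicate the value was replaced by a privacy placeholder.
REDACTION_MARKERS = ("redacted", "privacy", "not disclosed", "please query", "withheld")


def exposed_contact_fields(whois_text):
    """Return {field label: value} for contact fields that hold real data."""
    exposed = {}
    for role, field, value in CONTACT_FIELD.findall(whois_text):
        value = value.strip()
        if not value:
            continue  # empty field: nothing published
        if any(marker in value.lower() for marker in REDACTION_MARKERS):
            continue  # placeholder text: privacy setting is active here
        exposed[f"{role.title()} {field.title()}"] = value
    return exposed


def whois_is_private(whois_text):
    """True only when no contact field exposes a real value."""
    return not exposed_contact_fields(whois_text)


if __name__ == "__main__":
    for label, value in exposed_contact_fields(SAMPLE_WHOIS).items():
        print(f"still public: {label} = {value}")
    print("fully private:", whois_is_private(SAMPLE_WHOIS))
```

Paste the WHOIS output for a domain you own in place of the sample; any field it reports is one to hide through your registrar's privacy setting.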
Swatting is when someone calls the police to report a serious emergency, such as a bomb threat or hostage situation, at their victim’s address. A SWAT team responds to the location, believing the emergency to be genuine. Streamers are frequent targets of swatting, with perpetrators aiming to interrupt their livestreams.
Though it sounds like an immature prank, swatting can cause serious harm if taken too far. One tragic example of swatting involved a teenage gamer who was upset about a $1.50 bet he made over Call of Duty. He recruited a known swatter who then reported a hostage situation at the opponent’s home — but with an old address where the intended victim no longer lived. When heavily armed police arrived, they ended up shooting and killing the unarmed 28-year-old resident when he opened the door.
Swatting is a recent phenomenon, but it’s becoming increasingly dangerous. Many cities don’t know how to protect against swatting — but Seattle, WA has developed a good tactic. They’ve started an anti-swatting registry to allow people who are worried about getting swatted to list their address in a database.
Then, if a call comes in, police check the registry before showing up at the address. That means the police will proceed a bit more cautiously, helping to avoid bloodshed.
Anyone can end up a victim of doxxing — all it takes is someone who dislikes or disagrees with you enough to go through the trouble of compiling and releasing your info. Doxxing victims have included abortion providers, innocent people wrongly accused of crimes, members of racist groups, and law enforcement officials.
One of the first doxxing campaigns began in 1997 when anti-abortion activists in the US targeted abortion providers. This insidious doxxing example involved a website called the Nuremberg Files, which published abortion providers’ personal information as a hit list. A 2002 court case found that the site constituted a threat to incite violence, and it was shut down.
After the 2013 Boston Marathon bombing, thousands of people gathered on the social media site Reddit and attempted to identify the perpetrator. The Redditors ended up incorrectly identifying and doxxing several suspects — none of whom turned out to be involved in the bombing.
A few years later, in 2017, white supremacists marched in Charlottesville, VA, inspiring some counter-protestors to dox participants. Several neo-Nazis lost their jobs after doxxers revealed their participation in the march. But some innocent people were incorrectly suspected of participating in the march and were flooded with hate mail and threats.
During Hong Kong’s prolonged protests throughout 2019 and 2020, protestors doxxed thousands of Hong Kong police officers as well as supporters of the city’s law enforcement agencies. Journalists and protesters themselves were also doxxed as the city’s unrest continued.
Recently, Keffals, a Canadian trans activist and content creator, fell victim to a high-profile, months-long doxxing and swatting campaign. After an initial swatting ploy falsely accused Keffals of plotting to kill her mother and members of the London, Ontario city council, she was arrested. Once released, the harassment by her detractors continued.
Keffals relocated to a series of residences — all of which were doxxed. Trolls regularly swatted her exposed addresses, bombarding her with prank food delivery orders made under her deadname. Even after moving from Canada to Northern Ireland, the doxxing and swatting continued.
While the ethics of doxxing can be murky — after all, most of the information is publicly available online — it can quickly turn nasty when innocent people are caught in the crossfire.
If you’ve been doxxed, or if you think someone may be doxxing you, act quickly to stop the spread of your personal information. Here are a few simple steps you can take right away if you think you’ve been doxxed:
Document the evidence. Take screenshots of everything in case you need to report it to the police.
Report the doxxing to the platforms hosting your info. Sites like Facebook and Twitter have terms of service agreements that prohibit doxxing, and they should respond to your request and suspend the account of the doxxer(s).
Report the cybercrime — doxxing is often a cybercrime — to the appropriate authorities in your area.
Lock down your accounts. Create new, strong passwords for your accounts and store them securely in one of the best password managers. Protect your accounts with multi-factor authentication, and strengthen the privacy settings on all your accounts.
Ask a friend or family member for support. Doxxing can be emotionally taxing. Ask someone to help you navigate the issue so you’re not dealing with it on your own.
Consider changing your number. Depending on what information was exposed, you may want to change your phone number, usernames, or other personally identifying info.
Protect your data against leaks. Avast BreachGuard will monitor the dark web and alert you if any of your personal information gets exposed. It will also help you remove your info from data brokers’ databases, reducing the amount of information doxxers can find about you online.
Getting doxxed can be traumatizing. The key to preventing doxxing is to minimize the information available about you online. Learn how to hide your IP address, secure your social media accounts, and stay anonymous online.
You can easily hide your IP address by using either a VPN or a proxy to access the web. These tools let you connect to a protected server before you connect to the public internet. That means anyone trying to discover your IP address will see only the IP address of the VPN or proxy server, while your IP remains hidden.
Browser-based web proxies are often free, but only protect your browser traffic. A VPN like Avast SecureLine VPN encrypts your entire internet connection. That blocks anyone from seeing your online activity, which is especially important if you’re using unsecured public Wi-Fi.
Avast SecureLine VPN also allows you to change your virtual location at any time, giving you increased anonymity and robust protection.
Many sites and apps encourage you to sign in with Facebook, Google, LinkedIn, or another third-party service. If you do, those websites can request more info about you. And the more sites you connect with other online accounts, the easier it is for someone to compile your personal info.
Signing into many different sites using just your Facebook or Google account can make you vulnerable to a data breach. If your account password is leaked, a hacker could then gain access to all the sites you’ve linked together. That makes it very easy for a hacker to get all your personal info, and much harder for you to lock down your accounts.
Our social media profiles include a wealth of information about us: where we live (sometimes even our full address), our work history, birthday, friends, family members, photos, interests, and so on. Having that much information publicly available makes doxxing a breeze.
Even if you don’t think you have any enemies, you should lock down your social media accounts. Learn how to make your Facebook profile private and make sure to de-index your profile from search engines. You should also tighten up your privacy settings on Instagram and any other social media services you use.
If you use Reddit or other online forums, use a pseudonym to stay anonymous while browsing. Never use your real name as your username, and don’t use any personally identifying information in your handle.
When creating new accounts, choose a unique username for every service you use. If you reuse handles between sites, a doxxer could connect your accounts and mine them for clues to your identity. You can mask your digital identity further with Avast's private browser.
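One way to audit your own handles against this advice is to list them and check for reuse and embedded personal details. This is an added example, not part of the original article: the account list and personal details are constructed, and the 0.8 similarity threshold is an assumption you can tune.

```python
import re
from difflib import SequenceMatcher
from itertools import combinations

# Constructed inventory of one person's own accounts: (service, handle).
ACCOUNTS = [
    ("reddit", "jsmith_1987"),
    ("discord", "JSmith_1987"),
    ("forum-a", "j.smith87"),
    ("youtube", "quietheron"),
    ("forum-b", "maplekite42"),
]
# Constructed personal details the owner wants kept out of every handle.
PERSONAL_TOKENS = ["jane", "smith", "1987"]


def normalize(handle):
    """Lowercase and drop separators: 'J.Smith_1987' -> 'jsmith1987'."""
    return re.sub(r"[^a-z0-9]", "", handle.lower())


def linkable_pairs(accounts, threshold=0.8):
    """Pairs of services whose handles are identical or near-identical after
    normalization, so anyone comparing the two profiles could connect them."""
    pairs = []
    for (s1, h1), (s2, h2) in combinations(accounts, 2):
        score = SequenceMatcher(None, normalize(h1), normalize(h2)).ratio()
        if score >= threshold:
            pairs.append((s1, s2, round(score, 2)))
    return pairs


def personal_leaks(accounts, tokens):
    """Map service -> personal details embedded in that service's handle."""
    leaks = {}
    for service, handle in accounts:
        norm = normalize(handle)
        hits = [t for t in tokens if normalize(t) in norm]
        if hits:
            leaks[service] = hits
    return leaks


def handles_to_replace(accounts, tokens):
    """Services whose handle should change: reused, near-reused, or leaking."""
    flagged = set(personal_leaks(accounts, tokens))
    for s1, s2, _ in linkable_pairs(accounts):
        flagged.update((s1, s2))
    return sorted(flagged)


if __name__ == "__main__":
    for s1, s2, score in linkable_pairs(ACCOUNTS):
        print(f"linkable: {s1} <-> {s2} (similarity {score})")
    for service, hits in personal_leaks(ACCOUNTS, PERSONAL_TOKENS).items():
        print(f"personal detail in handle on {service}: {hits}")
    print("change:", handles_to_replace(ACCOUNTS, PERSONAL_TOKENS))
```

Keep the inventory file offline, since a complete list of your handles is itself sensitive.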
Data brokers compile and sell huge amounts of personal data. Data broker companies hold extensive files that can include your browsing history, online and offline buying habits, medical histories, financial histories, criminal histories, and more.
And when data breaches inevitably happen, like the Equifax breach, your information can be leaked for anyone to see. If your details ever find their way to the dark web, they’ll likely remain there forever.
You can contact data brokers individually to request they remove you from their database — but though they’re legally obligated to comply, they can make it a very time-consuming process. And it’s nearly impossible to identify every data broker who has your data.
Avast BreachGuard will contact data brokers directly on your behalf and handle the information removal process for you, before your personal info can be exposed. It’ll also monitor the dark web for leaks and alert you right away should one occur.
If you’re only using passwords to secure your social media profiles and websites, you’re putting yourself at risk of doxxing and other cyberattacks. Multi-factor authentication (MFA) boosts security by requiring other factors to verify your profiles, like an SMS confirmation or a code created in an authentication app.
Even if your accounts have never been hacked, a single password won’t cut it anymore. Hackers are getting better and better at cracking passwords using methods like keylogging and password spraying. Without MFA, you leave your profiles and private data open to identity theft, doxxing, and other threats.
To better defend against doxxers, put yourself in their shoes. By doxxing yourself you’ll get an idea of all your personal data that’s available online — and how easily it can be obtained. From there, you can develop strategies to minimize or eliminate your exposure.
Here are some ways to dox yourself:
Perform a reverse image search
Audit your social media profiles
Search data brokers
Check your resumes, website bios, and your personal websites
Browsing online for any information you’ve revealed about yourself can give you an idea of what information someone could use to dox you.
If your data suddenly appears online, it could mean you’ve been doxxed. Google Alerts helps notify you if Google finds new results with your data. Set up Google Alerts with your full name, address, phone number, and other data. Though Google Alerts is not totally comprehensive, it’s still quite effective.
If you’ve been doxxed, you’ll find out as soon as your information is made public. If you don’t see the data dump yourself, people you know will likely inform you of the doxxing. In the meantime, you may be harassed via social media, email, phone calls, or even in person, depending on the information that was released.
If you start receiving threatening messages, lock down all of your accounts. Check if your Facebook account has been hacked and verify that your Gmail account is secure. And though it’s also good to know if your personal information is for sale on the dark web, it’s not easy to get there without special software, like Tor Browser. And even then, where do you look?
That’s where dark web monitoring software comes in. Avast BreachGuard can do a dark web scan and alert you if your personal information has been exposed. Then, it will help you work quickly to secure your privacy.
Avast BreachGuard protects your information in three distinct ways:
24/7 risk monitoring
BreachGuard monitors the dark web and scans for data breaches. If your information gets leaked, we’ll alert you immediately so you can take steps to protect your information.
Personal info removal
BreachGuard identifies the data brokers that have profiles on you and sends requests on your behalf to get your information removed.
BreachGuard scans your browser for weak or reused passwords to make sure you’re not using any that may have already leaked.
Doxxers won’t stand a chance if you have Avast on your side. Get Avast BreachGuard today to strengthen your defenses, protect your privacy, and ensure your personal information isn’t weaponized against you.
Published on December 9, 2022
Updated on February 25, 2023