a blog from CenturyLink

What is doxing and how to prevent it

by | Oct 11, 2022


If you’ve never been the victim of doxing, consider yourself lucky. You probably know someone who has. Twenty-one percent of Americans—over 43 million—have experienced doxing, a form of cyberbullying. While over half of doxing attacks originate from online interactions with strangers, nearly a fourth of perpetrators personally known the victims. Some targeted doxing attempts are even driven by a personal vendetta. What is doxing and how can you protect yourself and your family from its dangers?

What is doxing?

Man being doxed on a laptop computer

Doxing is a form of cyberbullying that uses private information, statements, or records for nefarious reasons. Doxing attempts are almost always intended to harass, expose, or financially harm the victim. The culprit weaponizes sensitive data to threaten their target’s relationships, career, and even personal safety. They achieve this by exposing the victim’s sensitive information on the internet and spreading it through means such as:

  • Social media posts
  • Email
  • Web pages
  • Text messages

Since documents and records can be powerful weapons, doxing has been a popular form of cyberbullying for years.

Is doxing illegal?

In most cases, doxing is not illegal because the exposed information is already publicly available. This means that at some point, the victim granted an entity or platform the right to publish it.

However, the attacker’s conduct can make the act of doxing illegal, especially if they resort to stalking, threatening, or harassing their victim. If the victim can prove the doxed information is untrue, the attacker could even face a libel suit. Attackers who attempt to extort or blackmail their victims may face strict punishments: And if a cybercriminal uses illegal hacking methods to obtain the information, they could even face jail time for their doxing attempts.

How can you protect yourself from being doxed?

What is doxing? Man with head in hands as he experiences doxing

Due to the random, unpredictable nature of cyberbullying, it’s nearly impossible to avoid doxing altogether. However, there are steps you can take to step up your security game and reduce the chances of your sensitive information falling into a doxer’s hands.

Use a VPN

Virtual private networks (VPNs) are an integral cybersecurity tool. They establish a secure, encrypted connection to the internet, which safeguards any information you send or receive against bad actors.

When you connect to a VPN server, your IP address is no longer visible to others on the internet. By removing visibility of your IP address, it’s much more difficult for potential doxers to identify you by connecting your online activities to your location or device.

Create strong passwords

Simple passwords might make logging in easier, but they could be setting you up for future problems. Keeping your information safe online often starts with creating a strong password. This is an excellent first line of defense that will keep your personal information safe from doxers.

Adjust your privacy settings

Keep in mind that when you post something on social media, it’s out there for the world to see—potentially forever, if someone happens to screenshot or save it. If you post private information on social media, or even anything sensitive that could be twisted in a negative way by an experienced doxer, you should review and change your privacy settings regularly.

Even if you use a fake name or a throwaway account, it’s easy for experienced doxers to find your identity by cross-checking your social media pages or abusing tools such as reverse email lookup databases. Trusted followers on a private account can still track down your identity if they know the right methods. Going through your “followers” list and keeping an eye out for suspicious or unknown accounts can help safeguard your information when you want to stay anonymous.

Watch out for phishing and scams

Person using a laptop

In a phishing attack, a cybercriminal uses official-looking emails, text messages, social media messages, and web links in an attempt to trick you into sharing personal information. With that information, they can then commit identity theft and fraud. If you are asked to enter information into any forms accessed through unsolicited or unknown links, you are putting yourself at risk for a doxing attack.

Use separate email accounts

You should consider using different email addresses for your personal accounts and not crossing them with anything work-related. Using different logins and passwords for each account makes it harder for a doxer to access your info through an email-based hacking scheme. Keep in mind that an experienced cybercriminal can link a throwaway email to a main social media account by piecing together the right details. That’s why it’s important to make sure that even your throwaway account is secure.

Learn more about email basics here.

Check how easy it is to dox yourself

If it’s easy for you to dox yourself, it’s easier for an experienced doxer. That’s why The New York Times is training their own journalists to “dox” themselves. Basically, you put yourself in the position of someone trying to mine your personal information and use it against you. You can Google yourself, reverse image search photos of yourself, and audit your social media accounts. You should also review your professional profiles and resumes to make sure you’re comfortable with all the information currently available to the public.

What action should you take if you’ve been doxed?

Woman smiling at her computer because she took steps to avoid being doxed

What should you do if you’ve been doxed? Follow these steps to protect your personal information:

  1. Report it. Report the doxing attack to the platforms where your information was posted and found by doxers.
  2. Get law enforcement involved. If the doxer has threatened you, contact your local law enforcement and give them the details of the attack.
  3. Document the incident. Take screenshots and keep a detailed record of the attack. This information will be valuable to law enforcement.
  4. Secure your accounts. If doxers have posted your bank account or credit card numbers, immediately report this to your bank and credit card companies. They will likely cancel your cards and send you new ones. You should also immediately change the passwords for your online banking and credit card accounts.
  5. Update the privacy settings on your social media accounts. Select the most private options to avoid future attacks.

Cybersecurity 101

Scammers and doxers can wreak havoc in your personal, financial, and professional life. While some scams are unavoidable, you can still keep an eye out for potential threats to decrease your chances of being hacked or doxed. As we go forth into a world that relies on the internet and data security more than ever, it’s time to take cybersecurity seriously. By taking steps to secure your data, protect your devices, and manage your network, you can help keep your digital spaces safe.

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

<a href="https://discover.centurylink.com/author/emilyr" target="_self">Emily Richey</a>

Emily Richey


Emily Richey is the Content Manager for the CenturyLink and Quantum Fiber blogs. A recent graduate of Pace University NYC, she's an avid reader and writer. She spends most of her free time in bookstores and cafes, seeking the perfect cup of coffee.