What are good examples of doxing

Doxing: The danger of being too open

Hackers play a major role in many cyber attacks: Viruses are programmed, technical security gaps are exploited and software-based attacks are carried out. In such cases, the criminals are specialists with IT and programming skills at the highest level. In most cases, however, attackers who doxxx actually need it no such expert knowledge. All that counts here is persistence, motivation and a large amount of criminal energy.

Doxing attacks always take place in two stages: Collection and publication. In the first step, attackers collect all available information about the victim. This includes private addresses, including e-mail addresses, telephone numbers, the names of family members, social media accounts, private photos and, in some cases, bank details. The sources are as extensive as the data are varied.

  • Social media: People publish numerous photos and also the most personal information in freely accessible social media presences.
  • Web pages: The imprint of a website or blog contains specific address data of people and companies.
  • Address and telephone books: Databases with addresses and telephone numbers can also be searched online.
  • Hacked databases: Attackers hack cloud storage or actually secured databases and obtain sensitive information from them. Data that was hijacked in this way can also be acquired by Doxing attackers on the Darknet.
  • Social engineering: Attackers appear as trustworthy people on the Internet and manipulate victims and relatives in such a way that they voluntarily provide information.

Many doxing attacks take place exclusively with freely available information instead of. It is through the pooling of the data and the context in which the publication is placed that the harm is done to the victim.

In the second step, the information collected is published as widely as possible. To do this, attackers create fake accounts on social media and store the documents on anonymous platforms. The aim is for as many other people as possible to take up and disseminate the information so that the damage is maximized. Often it is Publication associated with threatsthat are also picked up by other users and can also leave the sphere of the Internet in the process.