How To Protect Against Identity Theft Due To ‘Doxing​’

5 February 2015

“Doxing” or “doxxing”, a practice in which hacker groups gather personal information about an individual and then release it to the public, has come into the public eye in recent months as a result of the highly reported “Gamergate” scandal. Zoe Quinn, a female video game developer who was accused of using her romantic connections with a game journalist to garner attention for her own games, received a torrent of harassment after she was doxed by online vigilantes.

International hacker collective Anonymous is the group best known for employing doxing practices, featured in the news most recently for revealing the name of the police officer who killed unarmed 18-year-old Michael Brown in the U.S. city of Ferguson, Missouri. According to McGill University anthropologist Gabriella Coleman, the only academic expert on Anonymous, the group views its activities as advancing transparency and allowing the public to strike back at those they consider to have done wrong.

However, if you ever become the victim of a doxing attack, you likely won’t be considering the nobler motives of the people who carried it out. Having your information revealed online is an open invitation for identity thieves to do their dirty work. Here are some ways to protect yourself from doxing in the era of easy information access for hackers:

  • Stop using social networking sites. So much information is stored in Facebook, Twitter and others, the best defense is simply not to use them. Since this may not be practical, Create and use fake profiles. If you must use Facebook or other social media to keep in touch, use a false name combined with a unique email address. Be careful not to post too much personal information. And only friend people you know.
  • Use different email addresses for each online account you have. While it’s easier to remember one User ID and password for multiple accounts, it also makes you more vulnerable to doxing. Create different login credentials for every account you have to minimize your risk.
  • Don’t use your real information on Facebook. If you have reason to believe someone might be looking for your personal information, deleting your Facebook account and setting up a fake one is the first step you should take. These days, Facebook is the first stop for anyone looking for potentially incriminating or personal information, so flying under the radar in that environment is a smart choice for information security.
  • Google yourself! Enter your email addresses and usernames into Google or a website like pipl.com and see what comes up. If there are details that you don’t want the public to see, remove that information from your online profiles.
  • Avoid chat rooms and message boards. If you log into locations on the web where hackers often gather, you run a greater risk of getting their attention than you would if you simply avoided engaging with strangers on the internet altogether. Even on sites where the environment is generally supportive and safe, don’t share any personal information with anyone you haven’t met in person and extensively talked to.

If you often engage in activity on the internet that might allow people to go after and access your personal information, you run the risk of your credit rating being ruined by identity theft after your information is doxed. Subscribing to the services of a credit monitoring company can be extremely helpful in this situation, as the company will alert you to certain kinds of activity on your accounts, so that you can manage the consequences of identity theft without leaving your credit score vulnerable.

02