Avoid Getting “Doxed”: It’s Not Good for You

On the national front, we’ve recently seen some shocking breaches in cyber security. The repeated hackings of Democratic National Committee computers – suspected, no less, to have been accomplished by Russian perpetrators – are all cases in point.

Notably, after the DNC’s troubles, Lisa Monaco, the current U.S. homeland security and counter terrorism adviser, issued (July 2016) a “computer attack response plan” designed to thwart cyber aggression from traditional U.S. foes, such as Russia and North Korea. This came several months after an executive order issued last year (2015), declaring high-level hacking targeting government and private sector computer networks illegal – particularly if they pose a “significant threat” to U.S. foreign policy, our economic system or our government.

While global hacking is a burgeoning problem, Hungate Business Services wants to warn clients about another more common type of hacking called “doxing” – which remains generally legal, so long as the information acquired is publicly available online. (Notably, it does become a crime if there’s real criminal intent – such as identity theft, stalking or hacking for financial gain.)

Many, many famous people have been doxed, including First Lady Michele Obama, former Attorney General Eric Holder and the singer Beyoncé. But ordinary people, organizations and businesses are also vulnerable.

The term “doxing” comes from the phrase “dropping dox,” which is old-school, hacker slang for using documents to reveal someone’s identity, when– up to that point – that individual had been anonymous. Today, the FBI defines doxing as the act of compiling an individual’s personal information from internet sources without permission (such as home addresses, social security number, phone number, email addresses, passwords, personal photos) and then posting the content on information-sharing Web sites. Usually, the sole purpose is to humiliate or generally hurt or cause pain to the targeted person.

Tips to Reduce Your Risk

As long as you maintain an online presence, it’s almost impossible in our digital age to totally eliminate your chances of getting doxed. However, you can take steps to minimize your chances. Below are tips that should help.

• Keep your social media footprint to a minimum where possible, and actively monitor any accounts you maintain. Go over your social profiles and remove information that is unnecessary. Think carefully about comments you make via social media, as these have the potential to make you a doxing target.
• Turn on all privacy settings on social media sites. Carefully evaluate the user settings for your online profiles. The default settings for some sites may allow anyone to see a user’s profile. Settings can be customized to restrict access to certain people.
• To discourage being pinned or tracked down, use a range of email addresses to throw off would-be doxers.
• Be aware of your security settings on your home computers and wireless networks.
• When browsing the internet, be mindful of what you sign up for, who you give your email address to, and so on. Use common sense; if a website looks strange or is requesting sensitive, personal information, don’t comply.
• Routinely update hardware and software applications, as old versions may be exploited by criminals as a way to access a computer. In addition, maintain up-to-date antivirus software, as attackers are continually writing new viruses.
• Go to a website like Pipl and enter your own email address. See what comes up and trace that information back to its source (Facebook, Twitter, etc.), and remove it.

If you do get doxed and find yourself being unduly exposed or harassed, please contact Hungate Business Services at 276-243-4026 or email our help desk at info@hbsx.com. We’ll do our best to help you find a resolution.