Doxxing Series

The Dangers of Doxxing

Few people are aware of the dangers of doxxing. But more need to know that having your personal information shared on the internet can be a gateway to malicious behavior and even serious crimes, as we’ll see in this guide.

What Is Doxxing

Doxxing occurs when someone else publishes your personal information online without your permission. It may be intentional or accidental – either way, it’s considered doxxing.

Unfortunately, doxxing incidents are on an upward trajectory. Anyone can become a victim of doxxing for any reason – including criticizing a celebrity or posting something someone doesn’t like on social media or an online forum.

Business Insider article headline about being doxxed by Taylor Swift fans for criticizing her Eras tour

Dangers of Doxxing

Having your personal information exposed without your consent can lead to the following malicious behaviors:

Harassment

Once someone knows who you are and has your contact information, they can harass you. Harassment refers to any unwanted behavior, verbal or physical, that makes you feel uncomfortable, distressed, or humiliated.

Harassment can happen through various channels, including online messaging apps, social media platforms, phone calls and text messages, or mail. Perpetrators can sometimes target family members as well.

Cyberstalking

When someone uses your doxxed information to contact you or harass you repeatedly, it’s considered cyberstalking – and it can be incredibly scary, as this Reddit post indicates.

Reddit post about being stalked online and not knowing what to do

Stalking

Sometimes doxxing victims are stalked not only online but in real life, too. If someone doxxes your home address or place of work, it’s possible that a bad actor could show up in person to see you or follow your movements.

As with cyberstalking and harassment, it’s not just you who might be stalked – your family is at risk, as well.

Impersonation

While identity theft can result in serious financial trouble, impersonation brings its own level of distress with it.

Once someone has your personal information, they can set up fake accounts in your name and use them to mislead or steal from your friends and family, post hateful comments, or send threats to other users.

Reddit post about being impersonated on social media

Reputational harm

Sometimes, the personal information that’s doxxed – such as a message sent in confidence – can lead to significant reputational harm if shared with the public. If you’ve ever said or done something that might be perceived as controversial, having it get out in the open could harm your reputation or even get you fired.

In some cases, doxxers might not even wait to confirm it was you who said or did something controversial.

Take the case of Nintendo staffer Alison Rapp, who, despite having nothing to do with a particular change in Nintendo’s games, was held accountable for the change by GamerGate.

The passionate but misled users of GamerGate proceeded to harass Rapp and dig up any information they could on her. It was enough for Nintendo to fire her, ostensibly because the doxxing revealed she had a second job (which Rapp contended was not against company policy).

There are also instances of mistaken identity, which is what happened to finance executive Peter Weinberg.

Weinberg was contacted late at night by multiple internet users who were accusing him of ramming adults with his bike, hitting children, and being racist – despite it not being him in the viral video.

The mistaken but irate internet users doxxed Weinberg to find him, using an online app that publicly shared bike routes. Since Weinberg sometimes cycled the route and looked vaguely like the perpetrator, he was (wrongly) held accountable.

X/twitter post asking to identify the wrong man for hitting a child in the park

Looking elsewhere online, you’ll find this is not as rare as you might think.

X/Twitter post about someone being mistakenly doxxed

Swatting

Another criminal behavior that can arise from doxxing is swatting, which occurs when someone calls law enforcement to trigger an emergency response (such as from the SWAT team, hence the name) to your address.

Usually, the goal of swatting is to inconvenience and scare victims, but it can also lead to injuries and even death.

Vandalism

If a bad actor knows where you live or work due to a doxxing attack, they can potentially vandalize your property, including your home or your car.

X/twitter post and photo of a slashed tire after getting doxxed

Identity theft

Since doxxed information can include a great deal of personal details, it’s possible that someone who comes across your doxxed data online could use it to steal your identity.

There are many real-world examples demonstrating how unsettlingly easy this is.

In one instance, an identity thief targeted Microsoft co-founder Paul Allen. After determining what bank he used, the thief called the bank and, pretending to be Allen, changed both the address and the phone number associated with the account – and then requested a debit card sent to the new address.

In another example, one man opened several bank accounts under other peoples’ names. He used them and the additional identity information he had to apply for and collect almost $200,000 in loans.

Anxiety and psychological distress

On top of the obvious criminal activities associated with doxxing – none of which are enjoyable to experience – having your personal information leaked for everyone online to see can lead to anxiety and stress.

Reddit post about being doxxed and losing grip on life and body as a result

How Does Doxxing Happen?

It’s important to remember that doxxing utilizes publicly available information. When a bad actor wants to, they can compile this information using various techniques, such as browsing your social media profiles or looking through your old forum posts.

One of the first resources doxxers use when looking for information is data broker websites.

Data brokers collect information on individuals from sources like social media platforms and public records and then sell them to more or less anyone, no questions asked.

Fortunately, you can opt out of data brokers. Doing so will require contacting each one, and each data broker will have its own opt-out process (check out our list of opt-out guides for step-by-step instructions for common data brokers). Alternatively, subscribe to a data broker removal service such as DeleteMe.

Becoming Undoxxable

To reduce your risk of being doxxed, focus on shrinking your online footprint.

While that may sound a bit broad, you can approach it in a methodical fashion. For an idea of how to get started, you can begin by doxxing yourself – doing so will inform you where your data vulnerabilities are. Find out how in our guide to self-doxxing using this list of doxxing tools.

Most people find that they need to do a combination of the following steps to reduce their personal data exposure online:

Changing their social media privacy settings from public to private.
Opting out of data brokers.
Using unique usernames and passwords across all online accounts.
Removing data from Google Search results and other Google products.
Being vigilant and cautious about sharing any personal information on the internet.

Doxxing can be uncomfortable, frightening, and dangerous, but by taking steps to protect yourself, you can decrease the possibility that someone will dox you.

Learn more in our guide on how to prevent doxxing.

Laura Martisiute

Laura Martisiute is DeleteMe’s content marketing specialist. Her job is to help DeleteMe communicate vital privacy information to the people that need it. Since joining DeleteMe in 2020, Laura h…