Doxing. Have you heard of it? If not, here's why you might want to get up to date and some simple tips to keep protected. Essential personal data protection reading.

Open access to data - friend or foe?

The accessibility of information today is one of our most empowering freedoms. But it can also fuel malicious personal attacks, known as doxing or doxxing. We're about to take you through what doxing is, how criminals do it and how to prevent it.

What is doxing?

Doxing is maliciously revealing personal information online, for example, posting an anonymous blogger's real name or address. Doxers aim to punish, intimidate or humiliate their target by finding out sensitive information and using it against them, like selling your credit card details or threatening to burgle your home.

The never-ending black hole of personal information that is the internet means anyone with the time, motivation and interest can weaponize your personal data. And doxing is a growing problem.

How does doxing work?

These are the most common ways doxers grab data to expose someone.

Tracking usernames

When someone uses one username across multiple platforms, doxers can follow the trail.

Phishing

Phishing scams are fake emails luring victims to click through to a malicious site where attackers may steal sensitive information.

Stalking social media

Geotagging your photos? Sharing your work location? Doxers can use this to build up a picture of your life and even to deduce the answers to your account security questions.

Is doxing that bad?

Yes. Doxing can have catastrophic consequences.

In 2015, hackers forced entry to dating site for people in committed relationships, Ashley Madison, stealing 32 million users' data. They demanded payment to return the records but didn't get it, so published all the data online, causing professional and personal harm, and probably a divorce or two. And then in 2020 Ashley Madison's attackers came back for more.

Doxing knows no bounds. There are no clear good or bad sides. After an anonymous UK-based security researcher saved the world from a powerful cyberattack, the media outed his real identity and address, leaving him open to a revenge attack from the cybercrime group he went out to stop. Marcus Hutchins' story is one of a kind.

Protect yourself from doxers with this checklist

Recent research shows more of our data is being sold to organizations and criminals. Cybercriminals could use almost all of it for doxing or cyberbullying.

Credit cards and banking log-ins are the most in-demand. They're used for extortion, phishing schemes and straight-up money theft. Meanwhile, doxxers use personal account access to cause reputational harm. How do you stop it happening to you? This anti-doxing checklist has everything you need to stay safe.

Keen to learn more about doxing and how to prevent it?

Kaspersky, in collaboration with endtab.org, has just released a free doxing training course. You'll learn about the dangers of dox attacks, how to protect against them and what to do if you're a victim.