How to Protect Yourself from Doxing
Doxing is the act of finding and releasing an individual’s personal information in a public forum, typically with malicious intent. But it could also be called identity disclosure or privacy invasion because, quite simply, your personal information is getting released to others without your permission.
This doesn’t happen often, but when it does the damage can be severe — from embarrassment to serious financial harm to physical violence. As such, protecting yourself against doxing should be an essential part of your daily routine.
Doxing can be carried out by anyone, but the majority of doxings are done by people who have a grudge against an individual. They’re often seeking revenge or money, and your personal information is the way they get it.
So how do you protect yourself? It’s not always possible because even when you think you’re safe, you might still be at risk. However, if you only take one action to prevent doxing, this should probably be it:
- 1 Secure your Email Accounts
- 2 Don’t Appear on Social Media
- 3 Never Open Attachments from Strangers
- 4 Destroy All Digital Evidence
- 5 Run an Untraceable Browser
- 6 Change your Phone Number
- 7 Use a Private Email Address
- 8 Get a Private Cell Phone Number
- 9 Change your Email Password
- 10 Change your Banking Information
- 11 Change your Social Security Number
Secure your Email Accounts
Email is the easiest way to dox someone because it’s so often used in the workplace. If you get a new job, you’ll probably be asked for your email address. And if you don’t have one, this might raise suspicion in the mind of potential employers or even coworkers.
Here are a few basic tips to help make sure your emails are secure:
- Use Gmail rather than Yahoo or Hotmail.
- Remember that email is not private.
- Use an alternate email address that you don’t use for anything else.
- Create a filter to forward all mail from the real account to the alternate.
- Don’t include company names in your email signature.
- Over time, these steps will help to protect your address from being sold or used by someone else.
Now, if you use your personal email address for work or if you store private emails in your work account, it may be possible for an employer to dox you.
But the chances of this happening are slim because most companies fire employees once they find out they’re using their secondary email addresses to store sensitive information.
For this reason, the only way a company could use your email to dox you would be to obtain access to a shared computer or server containing all users’ inboxes (or even to hack into your computer).
No matter what you do, there’s always a chance that someone is going to get access to your email address — and that’s why it’s so important to take the other steps listed below.
Don’t Appear on Social Media
This one is obvious: don’t use Facebook or Twitter or any other social media site. Every single social media account involves some personal information, whether it’s a full name or an image of you with friends. Either way, this information can be used to dox you if it gets leaked.
The best way to not appear on any social media sites is to never sign up in the first place. However, if you do find yourself already signed up, use the steps listed below.
Never Open Attachments from Strangers
If there is a chance that your email could unintentionally be accessed by a stranger, don’t open any attachments from them. This means no unsolicited emails about jobs or “good news” about investments in your name.
The reason you shouldn’t open attachments from strangers is because they can be malicious. They might contain a virus that downloads files onto your computer, or they might contain links to images that hold your IP address or location data.
If you’re unsure whether an email is trustworthy, check with the person who sent it — but don’t do it before opening the attachment because this could expose their identity to you by including their name and email in the signature line.
Destroy All Digital Evidence
Put simply, if you have a digital record of something, someone could do a search and find it. In other words, you might think you’ve deleted an embarrassing email that includes your name but all the records could still be out there if someone knows what to look for.
You can destroy most digital evidence by wiping your computer hard drive or burning old files on CDs or DVDs. But even with these precautions, there are still ways to recover certain data.
For example, if you store your data on Google Drive or use Google Docs, it’s possible that an employer could gain access to your private documents.
This is why it’s better to not have any online storage accounts at all — but that requires you to check everything you delete from your computer and do the same for files on USB flash drives.
If you can manage to do this, wipe off all traces of yourself from the internet.
Run an Untraceable Browser
It is possible to use the internet without leaving any records of your personal information behind — but it takes some extra effort. If you can manage to do this, your internet history will be completely private.
Use the Tor browser, available at torproject.org. This is a free program that masks your IP address so traffic can’t be traced back to you.
Make sure your computer is not connected to any other devices. If possible, have it on a wireless network that doesn’t have an internet connection.
Do all of your internet browsing on Tor. If you need to access the internet from a public place, use a laptop without Bluetooth or WiFi turned on (which logs your location).
Be careful when using digital recorders and video cameras, because they also can retain information about you even after you delete it from the device.
Change your Phone Number
In order to dox you, someone has to have a way to contact you. This means that changing your phone number may be the most important step you can take.
Every time you get a new phone number, make sure it’s one that isn’t listed in any of your accounts (including Skype) and always use “privacy settings” when it comes to adding contacts. If possible, use an alternate area code so that strangers can’t find you so easily.
This won’t necessarily remove all traces of your old phone number from the internet — so you’ll still have to check for information about yourself using search engines. If an employer is looking for you, they might be able to use information from a previous employer, too.
Use a Private Email Address
If your phone number is private, someone still might be able to dox you by finding your email address. To avoid this problem, don’t use your primary email address for anything online.
Use the same steps listed above to create an alternate email address. Use Tor to browse the internet and check for information about yourself using search engines.
Once you’re sure there’s no evidence left, you can use that email address for online shopping, signing up for any websites or to register with online services like Facebook and Twitter.
Get a Private Cell Phone Number
This is another step that will make it harder for anyone to dox you — especially if you make sure it’s not associated with your name anywhere online.
A private cell phone number is an extra layer of protection that still allows you to receive calls and texts from other people. This way, you can still maintain contact with your family and friends while not being reachable by a third party.
If you don’t already have one, get a new cell phone number instead of your existing one. Use the steps above — including online searches using search engines and Tor — to make sure no trace of your old number remains.
Change your Email Password
Changing your email password is a relatively easy way to ensure no one can access your personal information. Again, follow these steps above to make sure there’s no trace of your old password on the internet.
You can also use a tool like 1Password or LastPass to store all of your passwords so that you don’t have to be able to remember them with every website you use. This will also help you avoid having any sensitive data stored on an unsecured device.
Change your Banking Information
Using the steps above, you can change your phone number and email address — but it’s a lot more difficult to change your banking information.
However, there are other ways to prevent someone from accessing sensitive financial information. For example, you can use a credit card instead of a debit card.
You also may want to open up an account with TD Bank which allows you to open an account with no minimum balance and withdraw up to $500 cash per day at ATMs in the U.S. (but this may not be the best option for you depending on your current bank and other possible locations.)
Change your Social Security Number
Most people don’t know this, but there’s no way to change your Social Security number — but you can file a new application for one and get a new number that’s not associated with you.
This can be a very difficult task though, since all information about you that include your Social Security number will also have to be changed.
It’s possible that some people who dox you may not be able to access your entire Social Security file — but they still could have enough information to find out where you live, work and other details from your application. It’s probably a good idea to make the address listed in the application match the one on your credit report.
Using the steps above, it can be very difficult for someone to dox you — but it’s not impossible. Even if you take all of the precautions you can, there are always going to be traces of information online that can be used to find you.
If someone still manages to track you down, it’s important not to try to fight back. You don’t want the situation to escalate and draw more attention to yourself. If possible, it’s better just leave the situation alone and try not to make any contact with anyone who might have doxed you.