What is doxing?

Ever write something on a forum that you'd be embarrassed to say in public, thinking that the anonymity of the online world would protect you? Better be careful: Someone might dox you.

Doxing, short for "dropping dox," is an online attack in which hackers dig up personal information and documents — hence, the “dox” part of “dropping dox” — to expose the real identities of people hoping to remain anonymous.

The goal is often to shame or harass a victim. Hackers might expose the identity of an anonymous message board troll, for instance, as a way to embarrass that person. They might hope that person loses a job or is shunned by co-workers or friends.

The lesson here? Be careful with what you say online. You might think the online world gives you the freedom to say — or type — whatever you want. You might think that creating fake identities gives you the chance to express whatever opinions you want, no matter how controversial, without anyone ever tracing them back to you.

But doxing attacks are real. And it’s hard to completely hide your identity online. The best defense against doxing is to be careful what you post online, and to never share private information on forums, message boards, or social media sites.

It’s not always been online attacks

Doxing is interesting because even though it's a mostly online attack today, this wasn't always the case. In a 2017 story, pointed to doxing attacks launched against a U.K. office working to improve race relations. The internet wasn’t part of this attack. Instead, far-right activists posted an official's phone number in public toilets across London. This meant that the official's evenings were often interrupted by angry midnight phone calls.

This case shows that doxing doesn't have to be an online tool. Doxers can use old-fashioned methods to expose the personal information of their targets.

Of course, doxing is easier now thanks to social media and online forums. It's easier to expose a target's identity to a larger swath of the population on Twitter, Facebook, Instagram, and the rest.

And it didn’t take long for doxers to take to the online world to make exposing personal information an easier task. The story points to a 2006 YouTube channel called Vigilantes as an example of early social media-based doxing attacks. The Vigilantes channel doxed vloggers — video bloggers — who were considered racist or hateful.

The Cyberbullying Research Center said that today, doxing — which can also be spelled "doxxing" — typically involves someone collecting the private personal information of victims, everything from home addresses and Social Security numbers to credit card numbers or bank account information, and then disseminating this information to the public without the target's permission.

What information are doxers looking for?

What information do hackers look for when doxing someone? Anything that can help them expose the identity of someone who is trying to remain anonymous.

In a doxing attack, then, hackers might publish someone's:

  • Real name
  • Telephone number
  • Social Security number
  • Home address
  • Employer
  • Credit card numbers
  • Bank account numbers
  • Personal photographs
  • Social media profiles

Types of doxing

You might be surprised at how easy it is for someone to dig up information on you. It could be easier if you spend a lot of time posting on message boards and forums.

Maybe you mention that you are traveling to Europe for the first time. A hacker now knows you don't live in that continent. You might make another post saying that you've never visited Asia. Now this same hacker can determine that you don't live in that continent.

Maybe you complain about the high property taxes in your county online. A troll can now pinpoint in which county you live.

Think of your online activity as a trail of breadcrumbs. Determined trolls and others can follow that trail until they know where you live, your age, gender and race. Armed with this information, they can slowly determine your identity.

Packet sniffing

This isn't the only way people can crack your online anonymity, though. Experienced hackers can also rely on technology to glean clues about your identity. They might turn to a strategy known as packet sniffing. In this method, a doxer intercepts your internet data, looking for everything from your passwords, credit card numbers, and bank account information to old email messages.

Doxers accomplish this by connecting to an online network, cracking its security measures, and then snagging the data flowing into and out of the network.

IP logging

Another scary trick? Doxers can use IP loggers, too. IP loggers attach a code, one that victims can't see, to an email message. Once victims open these emails, the code tracks their IP addresses and sends them back to the IP logger. This easily gives a doxer quick information about you.

Reverse cell phone lookup

What can hackers learn about you if they have your cell phone number? Plenty, thanks to services such as Whitepages. These reverse phone lookup services let you type in a cell phone number — or any telephone number — to find out the identity of the person who owns the number.

But it’s not just your name that people can discover from such a service. A search on the Whitepages site might also turn up your current and previous addresses. Hackers can also use a reverse phone look-up to search for your criminal and traffic records, financial records, and properties that you own or have owned.

Sites such as Whitepages charge fees to provide anything beyond the city and state associated with a cell phone number. Those willing to pay up, though, can glean plenty of personal information about you from your cell phone number. Be careful, then, with this number: Don’t leave it on social media sites or on forums or message boards.

Social media stalking

Many doxers scour social media accounts to find private information about their targets. Not only do people willingly share personal information on sites such as Twitter, Facebook, and Instagram — such as vacations, new jobs and moves — they also provide plenty of key facts about themselves when signing up for these sites, information that determined doxers may uncover. That’s why it’s so important to keep your personal information safe on social media.

Consider Facebook. When you sign up for the site, you have the option to provide everything from your date of birth to your high school and college. Be smart when signing up for social media sites: Don't fill in these fields. Leave them blank.

And when posting on social media accounts, don't be too specific about what you're doing or where you've been. Consider making your social media accounts private so that only specific people can view your posts.

Is doxing illegal?

You know that doxing can upend the lives of targets. But is the practice illegal? That depends.

Doxing isn’t illegal if the information exposed is part of the public record. This includes arrest records, marriage certificates, major traffic violations, and divorce records. If someone publishes these records, even without your consent, they are not doing anything illegal.

Doxing can be illegal if someone publishes information that isn’t in the public record, such as your bank account information, credit card numbers, or birth certificate. Doxers are acting illegally when they access this information and publish it.

Doxing is always unethical, though, even if the perpetrators are trafficking only in information available through the public record.

How can I avoid getting doxed?

While there is no way to guarantee that you won’t ever get doxed, there are some strategies you can follow to lessen the odds. The key is to be mindful of what you post on social media sites and message boards. Here are some tips to follow:

Don’t overshare: Don’t overshare on social media or online forums and message boards. Sharing personal information could easily give doxers too much to work with.

Change your privacy settings: Make your posts on social media sites private so that only select people can view them.

Don’t provide personal information: When signing up for social media platforms, don’t provide personal details, such as your date of birth, hometown, high school, or employer information.

Use a VPN: Signing up with a virtual private network, or VPN, can help shield your private information from doxers. When you connect to the internet by first logging into a VPN, your real IP address will be hidden. This means that hackers won’t be able to mine this address for your location or other identifying information.

Be alert for phishing emails: Doxers might use phishing scams to trick you into disclosing your home address, Social Security number or even passwords. Be wary whenever you receive a message that supposedly comes from a bank or credit card company and requests your personal information. Financial institutions will never ask for this information by email.

Certain information should never be shared: Make a vow to never post certain pieces of information online, such as your Social Security number, home address, driver’s license number, and any information regarding bank accounts or credit card numbers. Remember, hackers could intercept email messages, so you shouldn’t include private details in yours.

How do I recover if I've been doxed?

What do you do if you've been doxed? There are some steps you can take to limit the damage.

Report it: Report the attack to the platforms on which your personal information has been posted.

Involve law enforcement: If a doxer makes personal threats against you, contact your local police department.

Document what's happened: Take screen shots or download pages on which your information has been posted. This can help law enforcement or other agencies that might investigate the doxing.

Protect your financial accounts: If doxers have published your bank account or credit card numbers, report this immediately to your financial institutions. Your credit card provider will likely cancel your card and send you a new one. You will also need to change the passwords for your online bank and credit card accounts.

Increase your privacy settings: Configure the privacy settings on your social media profiles to the most private options to help keep snoops and doxers away.

Try Norton 360 FREE 30-Day Trial* - Includes Norton Secure VPN

30 days of FREE* comprehensive antivirus, device security and online privacy with Norton Secure VPN.

Join today. Cancel anytime.

*Terms Apply

Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2021 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.