The surprising threat is lurking even in your ‘secure’ work environment

 

source: fast company.com  |  image: pexels.com

 

When Netflix released The Most Hated Man on the Internet, we got an up-close glimpse of the harm that nefarious people can do by exposing the personal information of others online. The series illustrated how Hunter Moore used stolen or hacked images to populate a pornographic website, targeting women who did not consent for their images to be used—and introducing many people to the concept of “doxing.” 

Derived from 1990s hacker culture, doxing is a play on the word document or dossier, referring to compiling data on a person or company. It gained greater visibility in 2014 when a group released the private information of women who they perceived as receiving favoritism in the gaming journalism industry. The incident, titled GamerGate, exposed the dangers of being targeted by bad actors and the potential for negative psychological outcomes.

Today, doxing is becoming a daily concern for individuals and organizations as more of our personal details show up online, and security teams across platforms chase, to stay ahead of malicious activity.

DOXING CHALLENGES AND IMPLICATIONS

One key challenge of these types of activities is the ease with which they’re perpetrated. A person doesn’t have to know you to find and release your information. All it takes is a quick Google search and social media skim, and anyone can find out your location, some of your contact details, and sometimes even the names and addresses of your friends and family.

Increasingly, we’re seeing doxing take place across a wider spectrum of online and seemingly secure areas, such as corporate spaces where individuals connect via Wi-Fi. As with any connected system, phishing emails, hacks, and open-source intelligence tools can help gain access to details that can be used to bully and harass.   

It is estimated that millions of people a year experience doxing. More than 25% of those in the U.S. are adolescents. Doxing is known to lead to elevated levels of stress and anxiety that can last long after the content is taken down, leaving people feeling exposed with a severe loss of personal control. 

Releasing a place of work, phone number, or email address can definitely feel violating. And the sharing of intimate photos, personal messages, email threads, or information on family members can increase the stress involved, leading to deep feelings of shame, anxiety, and depression. In fact, cyberbullying as a whole is being attributed to suicide in adults, as well as in children. So much so, that a new term has been coined: cyberbullicide, which illustrates how critical it is to take measures to prevent it.

HOW TO PROTECT YOUR PRIVACY

In this always-on digital world, trying to protect personal data can feel overwhelming. Our details are housed in hundreds, if not thousands, of different locations, and it can take just one person to turn lives upside down. But there are proactive steps we can take to minimize the risk of being hacked, reduce anxiety levels, and maximize feelings of control in personal and professional spaces. 

Limit sharing personal details. Understanding what puts you most at risk, and avoiding sharing that information, is critical. For example, refrain from giving out full names, addresses, and social security numbers in public forums. 

Review and adjust privacy settings. On apps or digital tools where personal information is shared, make sure privacy settings are turned on—and stay on. 

Secure your devices. Use biometrics or strong passwords on your phones and computers, while also utilizing privacy tools that can further enhance information security.  

Monitor your online presence. Regularly search your name to discover if any private information is public, and keep a close eye on the online activities of children and adolescents. Encourage a pattern of open, honest communication with young family members and ask the difficult questions, responding calmly without assigning blame.

Educate your community. Talk openly with family and friends about how to build privacy into your daily life to avoid cyberbullying and doxing, and make good choices about digital sharing. In professional settings, schedule regular training sessions to help team members better identify phishing attempts and the importance of protecting information in the workplace. 

IF DOXING OCCURS

First and foremost, anyone who feels threatened or unsafe due to a doxing incident should call local authorities and report the incident immediately. Consider contacting someone close to you from a secure number or email for additional support.

In addition, reach out to website administrators, authorities, and use available reporting options. Securely screenshot any evidence (as long as it doesn’t violate the law) so that it can be preserved for law enforcement. 

Changing passwords and phone numbers, switching email providers, calling the bank or credit card company (if you’ve been financially doxed), and reaching out to anyone who might also be impacted by the leak is crucial. 

The short-term goals are to assess the damage, record the source, report the incident, and monitor ongoing activity. Long term, the goals are to make sure that you or the person targeted has access to a personal and professional support system to help weather the mental and emotional impact of such an event, as well as the means to properly protect information in the future.

Ultimately, the answer to doxing and its side effects lies in better online-data protection, careful social sharing, and an understanding of what details about you are currently living online. Bad actors aren’t going away anytime soon, but protecting your privacy and your mental health are possible.