Doxing is – Technological advances bring many benefits to mankind, there are many conveniences offered because of the development of technology. Starting from online shopping services, taxi ordering services or other services. In addition, social media is one of the technological developments that can be felt directly by internet users. With the development of technology, social media is also busy making the latest features.
The features on social media then become a medium for anyone to share information. Sometimes internet users or netizens unknowingly upload their personal identities on their social media accounts, such as personal website pages, ages or even addresses.
When this happens, social media can be used as a medium for other people to dismantle that person’s identity. Disclosing and distributing personal information is known as doxing. What is doxing? And how does it work? Here’s a further explanation.
The word doxing comes from the English language, namely dox, an abbreviation of the word document. Doxing is an internet-based action to research, find out and publicly disseminate personal information (including personal data) on an individual or organization.
Dissemination of personal information in the form of doxing is carried out without the permission of the relevant parties or the authorities. According to the Kominfo website, the doxing method is a method used to obtain information, including searching publicly available databases, hacking, social engineering and social media sites.
Doxing is carried out for a number of reasons, including to cause harm, insult in cyberspace, harassment, coercion, extortion, risk analysis, business analysis, to help law enforcement or vigilantes version of justice.
Doxing behavior is also often related to stalking or stalking, even information spread from doxing behavior is often released in contexts that can cause people to fear.
To differentiate doxing behavior from other terms, there is the evil intention of the perpetrator in the form of publishing individual information without the consent of the relevant party and used for public consumption, with the intention behind it to cause shame, humiliation and damage that threatens the target and those around him such as people parents, family or friends.
The term doxing became known since the 1990s, when computer hackers began to enjoy collecting personal information from someone who was the target of their hacks.
The act of doxing is not a random act, but is deliberately intended with a specific target. Most of the early doxing activities were related to Internet discussion forums on Usenet. One of the first documented doxing incidents is entitled Blacklist of Net Nazis and Sandlot Bullies which lists the names, email addresses, telephone numbers and mailing addresses of individuals the authors complained about.
This doxing case is the first documented case. Then, in 2003, there was what was called Doxware, which was a cryptovirological attack discovered by Adam Young, then further developed by Moti Yung who extorted doxing through malware.
Because doxing is related to the misuse of someone’s information, there are several types of data that are usually targeted by perpetrators in carrying out their missions, including the following:
- The original name
- Phone number
- Credit card and account numbers
- Social media profiles
- Private photo
How Doxing Works
In general, there are four steps to doxing . Here’s the explanation:
1. Trace the victim’s username
There are many people using the same username on various social media platforms that are used. This makes it easy for doxing actors to track down the same username to get data or find out an overview of the habits and interests of the target. This information will later be used to carry out doxing attacks .
2. Perform a WHOIS search using the domain name
The personal information of the domain owner will be stored in a list which is generally accessible to the public by performing a WHOIS search. If the domain buyer does not hide personal information when purchasing, then information such as address, name, telephone number, email to work can be found easily by anyone.
Doxing actors will generally try to retrieve personal data in various ways, including by phishing. Doxing perpetrators will send emails, SMS or whatever and claim to be from certain agencies or authorities, then the perpetrators will ask the victim to enter personal information which is then misused. Therefore, Sinaumed’s must always be alert to notifications received by further confirming with the relevant parties regarding the information or notifications that Sinaumed’s has received.
4. Social media stalking
If the social media account owned by Sinaumed’s is public, then anyone can find out any information that Sinaumed’s spreads on the Sinaumed’s social media account.
Other social media users can find out their location, place of work, friends, family members, photos, interests, and places where Sinaumed’s has visited before.
By relying on information obtained from these social media accounts, perpetrators can find answers to security questions that can help perpetrators to open other social media accounts. Therefore, be careful with information that Sinaumed’s distributes on social media, because this information can be a loophole that criminals can easily exploit.
The act of doxing is indeed quite disturbing, so it’s no wonder that some of the victims of doxing feel restless and insecure after their personal information is spread on social media. There are several types of doxing that need to be watched out for as well as several ways to prevent doxing from happening to Sinaumed’s. So, keep reading this article until it’s finished, Sinaumed’s.
Types of Doxing
In general, there are three types of doxing practices, as follows:
The first type of doxing is the act of dismantling the identity of an anonymous account or an account that tries to hide its identity. In general, this doxing action only starts from the curiosity of netizens who want to know who owns the anonymous account.
For example, anonymous social media accounts, however, have a large number of followers and get a fair amount of attention. Netizens then felt curious about who owned the account, then carried out doxing . This type of doxing does not have blackmail and criminal motives.
The second type of doxing is targeting, namely doxing that has a target. The perpetrator spreads the identity of the victim which allows the victim to be found or contacted.
In general, the data distributed by doxing targeting actors are addresses, names or telephone numbers. This type of doxing targeting can endanger the victim, because at any time the victim can receive terror or even threats from other people.
Doxing targeting is common during presidential elections, for example in the case of Ulin Yusron who once distributed a photo of the KTP of someone he considered to have made a threat to behead Jokowi.
The third and final type of doxing is delegitimizing, which is a type of doxing that is done so that the credibility of the victim falls. Doxing delegitimizing is commonly experienced by officials.
Usually the threat of doxing occurs to people who are hiding a secret. Each party certainly has their own reasons for keeping the confidential data, whether it’s to protect their name or something else. So if the secret is spread, of course it will result in several parties experiencing losses.
How to Prevent Doxing
1. Maintain privacy on social media
Social media is one of the loopholes that can be exploited by criminals to smooth their evil actions. Therefore, Sinaumed’s needs to be careful when sharing certain posts.
Don’t let the information that Sinaumed’s spreads is important information and can harm yourself. In addition, do not upload personal information, for example, such as a detailed home address, include account numbers and so on.
2. Use a strong password
The perpetrators of doxing generally will do various ways to smooth out their actions. Apart from phishing, there are not a few victims of doxing because their social media accounts were hacked by the perpetrators.
One way to make it more difficult for your Sinaumed’s account to be hacked is to use a strong password. Create a complex password, for example by combining numbers, capital letters and symbols.
Avoid using passwords with sentences related to personal information and easy to guess. For example the full name, or a combination with the year of birth.
3. Using a VPN
The next tip for Sinaumed’s to avoid doxing crimes is to use a Virtual Private Network or VPN. By using a VPN, Sinaumed’s can surf the internet more safely and avoid doxing crimes.
This virtual network can increase connection security and protect personal information when Sinaumed’s is active on the internet.
4. Improve privacy settings on each account
To increase security, Sinaumed’s can activate multi-factor authentication for every social media account that Sinaumed’s has. This security feature requires users to carry out a two-step verification on each application, website or on other platforms. With these two-step verification, login activity will be more controlled and maintained.
5. Be wary of phishing
One of the actions taken by doxing actors to carry out their actions is by phishing. Usually phishing is done by sending a link claiming to be from a certain party or agency so that the user clicks on the link and the perpetrator can steal the identity or data on the victim’s cellphone or social media.
The way to avoid phishing is not to carelessly click on links distributed by other internet users, whether from private messages, emails or posts on social media.
Victims of doxing are not only harmed because their personal data is spread. Many of the victims of doxing then become targets of harassment in person or via the internet. It is not uncommon for some doxing victims to receive fake registrations or swatting, namely sending a number of armed police through tips or fake reports.
It should be noted that doxing can occur even if a person’s personal data is not used for public consumption. The perpetrator can use the personal data for extortion or to force the target to do certain actions. In addition, there are also perpetrators who choose to take photos of victims instead of taking over their social media accounts.
The perpetrator often controls the victim because the victim is afraid of the threat. As such, doxing is a standard tactic of online harassment and has been used by many individuals in the vaccine controversy, Gamergate and others.
The act of doxing is also very commonly used by cyber troops or buzzers in political campaigns in Indonesia. In general, the aim of cyber intimidation was towards activists and parties who were against the issues being raised at that time.
The practice of doxing by buzzers has become a modus operandi, although not all buzzers agree with this method of doxing . Doxing was also used to intimidate critics of the New Normal policy and the Job Creation Law.
What If Sinaumed’s Becomes a Victim of Doxing?
Anyone can become a victim of doxing, either because it was intentional or because the perpetrator was just curious. There are five countries that have laws regarding doxing . One of them is Indonesia.
In Indonesia, there are two laws that Sinaumed’s can use if Sinaumed’s becomes a victim of doxing. The first law is Law no. 11 of 2008 concerning Information and Electronic Transactions article 28 which reads, “Every person intentionally without the right to disseminate information intended to cause hatred or hostility towards certain individuals and groups of people, based on religion, ethnicity, taste and intergroup (SARA) is a prohibited act.”
However, if the information disseminated is identity card information, it will be protected by Law NO. 24 of 2013 concerning Public Administration Article 58 which reads, “Whoever disseminates population data, will be subject to a maximum prison sentence of two years or a maximum fine of IDR 25 million.”
Because there are laws that clearly regulate doxing, Sinaumed’s doesn’t need to worry or be afraid to report doxing perpetrators. Apart from that, there are several things that Sinaumed’s can do if Sinaumed’s becomes a victim of doxing, here are the explanations.
1. Report to the authorities
After learning that Indonesia has laws governing doxing , Sinaumed’s doesn’t need to be afraid and can immediately report doxing perpetrators to Sinaumed’s.
2. Documenting evidence
To be able to report doxing, Sinaumed’s needs to have evidence showing that Sinaumed’s is a victim and that the doxing attack occurred.
Sinaumed’s can screenshot evidence relating to the doxing attack. For example information from usernames, pages or uploads that share data and personal information belonging to Sinaumed’s.
3. Protect personal accounts
To prevent doxing attacks from getting worse, Sinaumed’s must immediately protect personal social media accounts by changing passwords and protecting personal accounts.
To protect personal accounts, Sinaumed’s can contact the bank, then ask to block the account to make it safer and avoid unwanted crime.
Thus the explanation regarding doxing is the act of disseminating one’s personal information on the internet without permission. Sinaumed’s who wants to know about other cyber crimes, can get information by reading books.
As #FriendsWithoutLimits, sinaumedia.com provides various kinds of original and quality books for Sinaumed’s! Don’t hesitate to buy books at sinaumedia! Reading lots of books and articles will never hurt you, because Sinaumed’s will get #MoreWithReading information and knowledge.