ITRC Solution 37
Doxing and Internet Safety Tips

“Doxing” is the increasingly common practice of tracing internet activity with the purpose of uncovering and then publishing personally identifiable information about the individual. The methods employed in pursuit of this information range from searching publically available databases and social media websites to hacking and social engineering.

In some ways, doxing is a form of cyberbullying, or even extortion. The tactic is often employed when the “doxer” wants to intimidate an individual into a certain behavior. It may be hard to imagine that the average user—you, in this case—would be an attractive target or would engage in any behavior that could cause you to become a victim of this exploitation. But it’s becoming a more and more common practice, mostly because it’s so simple to do and doesn’t require any set technological skill.

One of the unfortunate realities about doxing is that simply uncovering information about someone isn’t a crime; but using it to threaten, intimidate, or extort the victim is. However, some doxers feel completely justified in their behavior. For example, actor Adam Baldwin was doxed because of his involvement in a controversial movement entitled #GamerGate along with “Business Journal” columnist Milo Yiannopoulos and four other people.*. The doxer was apparently offended by their public stance on this controversial issue and punished them for their crimes with the release of personal information in a document posted on Pastebin that could be accessed by the public. Baldwin’s personal phone number was exposed, and other people had their parents’ addresses, their own addresses, and birthdates released. The sender threatened that if activities they found offensive continued “…this list grows”.

There are many ways by which scammers and stalkers can find out things about you just by skimming what you have posted online. Sometimes it can be difficult to understand the long-term implications of posting everyday activities, pictures, or updates about seemingly innocuous information or activities.

People who engage in “doxing” are usually doing it to scare or harass the person they have targeted. If someone targets you and claims to have your information, do not discuss it online or make it public, and do not become confrontational. You may very well be taking the bait the doxer is holding out, and you may inadvertently be confirming the authenticity of the information the doxer thinks he’s acquired. It can also encourage the person to harass you even more in order to get a stronger reaction out of you. Even if he threatens to release the information online, do not confront him or talk about it online. Report it to online moderators, and be sure to report the situation to the police as stalking or cyberbullying, so there is a confirmed paper trail of the initial behavior if the situation escalates.

The following information contains some suggestions that can help you stay safe online:

* RalphReport -

Related Links:

FS 115 - When you personally know the thief

FS 124 - Credit Freezes and Fraud Alerts

FS 132 - What are Identity Theft Products?

FS 144 - Smartphone Safety

FS 145 - Smartphone  Threats

FS 146 - Smartphone Privacy and Security

FS 147 - Risks of Mobile Applications


This fact sheet should not be used in lieu of legal advice. Any requests to reproduce this material, other than by individual victims for their own use, should be directed to This email address is being protected from spambots. You need JavaScript enabled to view it.