Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  6. Doxing

Author: Government Security Group

Doxing

The action or process of searching for and publishing private or identifying information about an individual on the internet, typically without consent and with malicious intent

Doxing as defined by the CPS involves the malicious publication of personal identifying information, such as home addresses, with the intent to harass, silence, or threaten individuals. This can form part of a broader spectrum of harmful online activities that can stem from misinformation and disinformation and lead to other forms of malicious communication.

Misinformation – false or inaccurate information spread unintentionally without malicious intent, and disinformation – deliberately false information spread maliciously to deceive, can both contribute to the environment in which doxing occurs.

For example, misinformation about an individual’s actions or beliefs can lead to targeted harassment, while disinformation campaigns can incite online mobs to engage in doxing as a form of punishment.

How does doxing work?

Doxers only need minimal clues to begin. For example, your name, email and social media profiles. Most people have lots of personal information available for public view. A basic web search can yield a wealth of data to allow the doxer to begin building your profile.

Examples of doxing in practice

Having your beliefs and personal details being published to a target audience, for example, someone’s pro-hunting opinions being shared with anti-hunt campaigners. 

Publishing details of your employment if your job is seen to be contentious, controversial or political. People in certain government roles, for example, may be targeted by hostile states and threat actors, and can be more vulnerable when working or travelling abroad.

Why should we be concerned?

Doxing has become a way of publicly shaming high-profile figures and celebrities, but anyone can become a victim, depending on the motivation and aims of the doxer.

Once personal information is exposed, it can lead to various forms of malicious communication. Victims may receive threatening messages, experience cyberstalking or harassment. The CPS categorises these actions under offences such as cyberbullying, trolling and malicious communications. These activities invade an individual’s privacy and can pose significant risks to their safety and wellbeing.

How to protect yourself from doxing

Tighten up your online presence by following this security advice

NPSA’s Digital Footprint Campaign contains a range of useful material to help you understand the impact of your digital footprint.

GSeC International Overseas Security Guidance contains advice for civil servants travelling and working overseas including country-specific guidance.

Internet activity – regularly delete your internet activity and use privacy settings across social media. Do not reveal your security clearance for example on LinkedIn. For detailed guidance, visit NCSC’s Social Media: how to use it safely.

App permissions and privacy settings – check all app permissions on smartphones and tablets. Tighten up privacy settings and think about what is public. Make posts and images visible to friends only.

People-finding sites – remove your information from websites like 192.com. These may show old addresses, current address, date of birth, email and phone number and can be accessed for a small fee.

Logins – Never sign into a website via Google or Facebook as this automatically gives the site access to data in these accounts. Enter through the site’s own login.

Email – Keep a personal account for yourself and close friends. Have a separate email for use on forums and websites.

Phone number – don’t post it online unless absolutely necessary.

Passwords – ensure they are strong and secure and use a different password for each account. Use three random words as per NCSC guidance. If you’re given the option, use 2-step verification (2SV) or multifactor authentication (MFA).

How to respond if you fall victim

Depending on the severity of the attack and potential threats, legal action may be required. Contact local police for assistance.

In addition:

Monitor online activity – monitor social media accounts in case attackers post defamatory content about you or your organisation online. If this happens, report offensive posts or comments immediately.

Secure your data – secure any exposed data by changing passwords across all accounts with an affected user profile, including email addresses.

Limit information shared online – especially on public forums and social media where people may search for targets using keywords related to location, job title or interests. Avoid details and photos that identify where you live or work.

Contact your security team
If the doxing has occurred because of your work or role, contact your security team as soon as possible.

Try to remain calm
Try to stay calm and assess the extent of the exposed information. Determine what personal details have been shared, such as your address, phone number, or email for example. Understanding the severity of the situation will help you respond more effectively.

Document the doxing
Document the doxing as soon as possible. Take screenshots of the exposed information, including URLs, timestamps, and any accompanying comments. This documentation can be crucial if you need to report the incident to authorities or platforms where the information was shared.

Report the incident
Report the doxing to the relevant platforms or websites. Many social media sites and forums have policies against doxing and will remove content that violates these rules.

Consider reporting the incident to the authorities, especially if you feel your safety is at risk.

Report it to your employer, especially if you feel doxing has occurred due to your work.

Protect your financial accounts
If doxers have published your bank account or credit card numbers, report this immediately to your financial institutions(s). You will also need to change the passwords for your online bank and credit card accounts.

Consider your physical safety
When the doxing event happens assess your personal safety – if you feel threatened, in danger or at risk, call the police on 999 and get yourself to a safe location.

If you are at work seek support from colleagues and the security team.

If your home address or other sensitive location information has been exposed, take steps to protect your physical safety.  Also consider telling close friends and family to ensure they are aware and can take appropriate steps but can also support you.

Seek support
Seek emotional support from trusted friends, family, or mental health professionals. Being doxed can be stressful and traumatic and it’s important to talk about it with someone who can provide support and guidance.

Online support groups for doxing victims may also offer advice and reassurance.

For more detailed guidance see:

NCSC’s Social Media: how to use it safely

Securing your devices – NCSC.GOV.UK

NPSA’s Digital Footprint Campaign

GSeC International Overseas Security Guidance

Registered charity The Cybersmile Foundation offers doxing advice and support

Doxing e-booklet

Doxing e-booklet.

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now