Doxing: The Dark Side of OSINT

Patrick Putman
 

Exploiting a target is much easier when you know their vulnerabilities. However, learning their vulnerabilities can only come from research. Doxing is a form of Open Source Intelligence. The word originated from an abbreviation of the term “dropping documents.” Doxing is the dark side of OSINT. It is the act of compiling a dossier against the victim and publishing it online. Anyone can fall victim to doxing. The methods used to gather information are the same as those used in OSINT.  Performed through publicly available resources, doxing is similar to OSINT in that the action itself is not illegal. However, when used to exploit, harass or threaten someone, doxing becomes a serious crime.

Often used to harass, coerce, or shame a victim into compliance, vigilante justice is a common motivation for doxing. Additionally, hacktivism is another motive. Hacktivism is the use of hacking for social or political gain. A form of social engineering, doxing can pose serious risk to personal safety. Furthermore, doxing can have implications on cybersecurity as well. And it is for these reasons that doxing is the dark side of OSINT.

Doxing is a Threat to Personal Safety       

Doxing can pose a serious threat to safety by exposing a person or company over the internet. Cyberbullies and Cyberstalkers use doxing as a form of harassment to intimidate or extort the victim. Additionally, doxing can lead to being targeted for physical harassment outside of the internet. This can include innocuous harassment such as magazine signups and fake pizza deliveries. Doxing can also result in the leaking of private photos. But it can also lead to more serious harassment like stalking, or even a tactic known as “swatting.”

Swatting occurs when someone calls the police to report a fake hostage situation to an address. This will elicit a police response which includes the S.W.A.T. team. In 2017, a man was killed by police in the doorway of his own home during a case of swatting in Kansas. A gamer had given his rival a fake address during a dispute, and the rival called police to report a hostage situation. Additionally, a hit list can even be compiled with the use of doxing. Shared online, the hit list can then be used to inspire multiple assailants to participate in a targeted attack.

Threats to Cybersecurity

Doxing can also compromise the cybersecurity of the victim. Hackers may use doxing to extort the individual for financial gain. The victim may be shown their information in an effort to prove the it is genuine. They use it to obtain leverage used to blackmail the victim into compliance. This can take place against either an individual or a corporation.

Security flaws or vulnerabilities can be shared online for hackers to exploit. Doxing and social engineering go hand in hand. Used to obtain information, doxing is a form of reconnaissance. This information is then used to leverage and coerce companies or professionals into compliance.

Through the use of a WHOIS query, hackers can obtain email addresses, phone numbers and names. Additionally, they can even find out the owner of the domain, DNS servers or the names of servers. Once an attacker has this information, they could ultimately use it to discover profiles or company directories. Thus, leading to a targeted social engineering attack.

Protecting Yourself

Doxing can lead to serious data breaches or personal attacks. The first line of defense is to be careful what you share on social media. Social engineers scan profiles looking for information that can be used in an attack. Always be careful what information you give to persons unknown to you. Education on social engineering tactics can prevent attacks and oversharing of personal data.

If you purchase a domain name, choose the private WHOIS feature. This ensures that your information stays more secure against unwanted access. Use multiple emails for online accounts. Do not use the same email for every activity. Searching for yourself online is another tool to protect yourself. knowing what information is online allows you to scrub your accounts and personal data. Closing social media and online accounts that you no longer use is the best way to scrub your information. Protection comes from pro-activity and cyber awareness.

Tags: , , , , , , , ,