Doxxing Can Ruin Your life. Here’s How (You Can Avoid It).

Share and earn Cybytes
Facebook Twitter LinkedIn Email

A few hundred years ago, Hansel and Gretel were living in a German land struck by famine.

Their stepmother despised the two children, and used the famine to manipulate their father to abandon them in the woods, claiming there were too many mouths to feed.

Hansel learned of her plan, and used breadcrumbs to leave a trail on the road. After they were abandoned in the wood, Hansel and Gretel simply needed to follow the breadcrumb trail to find their way back home.


This is a children’s story of course, but using breadcrumbs to find your way back to a destination has stuck in the popular imagination.

So why do we write about a children story on a cybersecurity blog?

Because most of us are careless with the information we share on the Internet, and leave behind a trail of breadcrumbs a cybercriminal can use to find out your real identity, not the fictitious one you created for your Internet life.

This is called doxxing, and has messed up the life of more than one person.

What is doxxing?

Doxxing is a cyber attack that involves discovering the real identity of an Internet user, or uncovering other valuable personal data, by analyzing pieces of information he/she leaves online, and finally broadcasting the data to the public.


The term “doxxing” comes from the expression “dropping dox”, which was revenge tactic used by hackers where they dropped malicious information on a rival.

Nowadays, doxxing is used to shame or punish people who would rather stay anonymous, because of to their controversial beliefs or other types of non-mainstream activity.

A textbook definition of a doxxed person: violentacrez

Michael Brutsch created an online persona named violentacrez for the Internet messaging board Reddit.

Over the years, he created a reputation as a troll because of his posts on the website. For instance, he created subreddits (subforums) around misogyny or sexualized photos of underaged women.

For a long while, Michael Brutsch succeeded in keeping his online identity, violentacrez, a secret.

But Gawker journalist Adrian Chen managed to connect Michael Brutsch to violentacrez, and then went public with the information. In other words, Michael Brutsch was doxxed.

Chen was able to do the doxxing because Michael Brutsch took risks with his identity. For one, he actually met Reddit users in real life, in meetups and parties. In photo shoots, he asked for his face to be blurred. Not only that, but he also hosted a podcast, which Chen used in a phone call with Michael Brutsch to see if the voices matched.

After he was doxxed, Brutsch ended up losing his job and enduring a very public shaming, which was made even worse by his decision to do a CNN. After this episode, there is little information to go around as to what happened next to Michael Brutsch. But his life as a notorious Reddit troll is just one search away.

Her naked images were revealed on the Internet, alongside her name and address

This user’s life was turned upside down after naked photos of her were posted on the infamous website 4chan. By the time she wrote her story, 24,000 men had seen her photos. Her Facebook inbox was filled with soliciting messages from men she never knew. Some of them physically went to see her at the address posted by the 4chan doxxer.

In her words, she became an Internet commodity.

Doxxing turned her body into an internet commodity.
Click To Tweet

She was doxxed by a famous Instagram page

What happens if you take a stand against a popular Instagram page that posts sexist content?  Quite a lot as this journalist would find out.

Stef wrote a series of critical comments on the photos from a famous Instagram account. Her comments touched a nerve, so the admins retaliated by publicly revealing her name, her partner’s name, her telephone number and address, with an explicit instruction to harass Stef.

The fans duly followed the instructions and insulted Stef with racist comments, unearthed some of her business ventures as well threatening to reveal her Social Security Number.

The harassment eventually died out, but only after Stef went through complicated legal hoops and issued DMCA takedown notices.

The methods used to doxx you

Cybercriminals and trolls can be very resourceful in how they doxx you. They can use a single clue, and then follow it up until they slowly unravel your online persona and reveal your identity.

Here’s what you should look out for if you want to stay anonymous on the web.

Revealing your identity through the information you post

The more you write on forums and message boards, the higher your chances become of accidentally revealing personal information about you.

You don’t even have to outright say where you live. Instead, it’s possible to roughly pinpoint your location by way of elimination.

For instance, you make a post saying you don’t live in the Americas. In another you said you wanted to visit a different continent, so you chose Asia.

With only two posts, the cybercriminal made an educated guess you most likely lived in Europe.

In another post, you said Walmart isn’t present in your country, but that Carrefour is the dominant retail chain.

By now, your possible location has been narrowed down to 3-4 countries.

As the doxxer keeps sifting through your information, he slowly figures out what country you live in, and even your current city.

A doxxer can use what you post on forums to reveal your identity
Click To Tweet

Packet sniffing

Packet sniffing is a hacking method where the doxxer intercepts your Internet data, looking for valuable information about you, such as emails, passwords, credit card data and so on.

Basically, the doxxer connects to a network, such as a Wi-Fi, breaks its security measures and after that he intercepts all of the data coming in and out of the network.

What’s more, the malicious hacker has access to this data in real time, so everything you type in a form, will simultaneously show up on his screen.

Here’s a more thorough guide on how you can protect yourself from wireless sniffing.

Matching information between online persona and social media profile

Ross Ulbricht was the founder of infamous dark net website Silk Road, which traded drugs, guns and so on.

To hide his identity, he used the nickname “Dread Pirate Roberts”.

The police was able to connect Ross Ulbricht and Dread Pirate Roberts partly because both of these “personas” said they were a) libertarians b) followers of the Mises Institute c) both of them wanted to create “an economic simulation of what it would be like to live in a world without systemic use of force”.

During the trial, Ross Ulbricht built his defense claiming he gave away the Dread Pirate Roberts account, and someone else made Silk Road the Internet’s hot spot for illicit trade.

As far as coincidences go, this was a bit too much to believe. The judge threw out the defense and sentenced Ross Ulbricht to a long time in jail.

I bet you never really expected Clark Kent to actually be Superman, did you?

Doxxers analyze file metadata

Microsoft Office files such as Word or Excel documents have something called “metadata”.

This is information about the document, which you can find by right clicking a Microsoft Office file -> Properties -> Details



This section contains data about who made the file, when, from what computer, the company who made it and even total editing time.

Simply by glancing over this metadata, a doxxer can learn a great deal about you. Here’s a guide by Microsoft on how to limit the amount of metadata you share with a document.

But it’s not just Microsoft Office files that remember metadata, even photos have something similar called EXIF data. This contains data regarding camera or smartphone model, resolution, location (if you enabled GPS) and time when it was taken.

Doxxing through IP logging

IP loggers are tools used on the Internet to sniff out a person’s IP address. In a nutshell, these loggers attach an invisible code to a message or email, and once the receiver opens the message, the code tracks his IP address and secretly sends it back to the IP logger.

Doxxing prevention

Protect your IP address with a VPN/Proxy

VPN is short for Virtual Private Network, and acts as a filter for Internet traffic. Basically, the traffic from your PC or other device goes into the VPN and acquires its identifying properties, meaning its IP address, location and any other similar data. It even encrypts your data and makes it so that even your ISP isn’t able to figure out your IP address.


An IP logger, for instance, wouldn’t reveal your real personal IP, but the IP of the VPN.

proxy server is a bit different than a VPN, even though it works on roughly the same principles. For one, a proxy server doesn’t encrypt your data like a VPN does, so an ISP knows your real IP address at all times. Since your Internet traffic isn’t encrypted, it’s also more vulnerable to hacking and other interception methods.

Don’t use the Login with Facebook/Google buttons

Most apps and websites that require you to register now use the “Login with Facebook” or “Login with Google” buttons.

These login methods register you on the website by using the email you used to create your Facebook or Google account.

But on top of that, you will automatically give the website information attached your Facebook/Google account, such as current city, job, phone number, your native language, family info and more.

Sure, it’s not as convenient, but by introducing your data manually, you can control the type of information the website has about you.

Don’t use your personal email to register on forums or other similar websites.

Chances are your main email goes something like this: [firstname][lastname]

It’s a simple, professional looking combination. However, it immediately gives away your identity if someone learns it.

In most cases, forums have weak security measures so malicious hackers can break into them and then leak the emails used to register the accounts.

But if the website publicly displays user emails, then all an attacker needs to do is to simply check out your user profile.

So as a takeaway advice, use a different email than your main one when registering on forums or message boards.

Hide your personal data from a website’s WHOIS.

Owning a blog or website requires that you register the Internet domain with some personal information. This information is then stored into a database called WHOIS.

The problem is that this database is public, meaning everyone can see the information used to register a website, including addresses, phone numbers and so on. Below you can find the WHOIS information for

However, by paying a small fee, you can hide some of your personal information from the public search.

To edit your information, simply go to your domain registrar and see what options they provide for you to make your WHOIS information private.

Remove yourself from data broker websites

Some websites function as a sort of Yellow Pages, mining the Internet for data and gathering it all in one place. This can include an address, social media profile, photos, phone number, email.


If you find this hard to believe, then simply check out http://www.peoplefinder.comor We warn you though, the amount of information stored in this sort of databases can be downright creepy.

Fortunately, most of these companies offer a way for you to opt out and remove any information they have about you. Unfortunately, this is bad for business, so they make it as difficult and time-consuming as possible.

The service we previously recommended, DeleteMe, cleans up all this information for you, so you don’t have to.

Make sure Google doesn’t have any personal information about you

This can be a pretty tough undertaking, since you would have to go up against one of the world’s biggest corporations.

Simply google your name, and see if you’ve revealed who you are on internet forums, Reddit, niche social networks, messaging boards or any other similar websites.

Delete any information you find, including the accounts if they aren’t valuable to you anymore. If you don’t have access, ask the web administrator to do it for you.

If you want to outsource this effort to another company, then we recommend you check out DeleteMe, which specializes around removing your personal data from the Internet.

Know your rights, and use the law whenever possible

If you live within the EU or Argentina, then you benefit from a so called “right to be forgotten”. This allows you to petition a search engine to remove a search results concerning you.

The legal options available in the United States are more limited, but Google for one does offer an option for you to remove content about you.


Reading this, you might say you’re safe from doxxing because you don’t have anything to hide, but is that really true? Not to imply that you might do anything immoral or illegal, but everyone has some aspects of their lives that they would rather keep private, and not share with others, even if those aspects are completely harmless.

That’s why we’ve written this guide, to help you stay safe and anonymous.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Heimdal Security
We protect users and companies from cyber-criminal actions, by keeping confidential information and intellectual property safe. We build products focused on proactive cyber security and we dedicate a big part of our efforts to cyber security education for everyone.
Promoted Content
Expert Roundup: Is Internet Security a Losing Battle?
A while ago, one of our readers asked us to answer the following questions: Is Internet security a losing battle? How come companies are always 1-2 steps behind the fight? How can the bad guys respond so fast?That reader is certainly not the only one with this issue on his mind. Many Internet users feel discouraged by the current state of cyber crime and its consequences, and the rest don’t yet understand why they should care about it. We wanted to do something to change this.Naturally, users like you and me are not the only ones who wrestle this dilemma. Within the industry, cyber security experts are deeply involved in studying the causes and changes which have brought us to this point so they can create better solutions. Each of these experts brings a different perspective to the discussion, because no single person can ever claim to have the full picture.That is why we reached out to some of the most experienced cyber security specialists in the field to gather their thoughts on the topic. We believe that the questions we received are justified and they deserve an honest answer. And you will find plenty of them in the article!

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?