{"id":16692,"date":"2019-10-25T08:10:03","date_gmt":"2019-10-25T16:10:03","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/10\/25\/news-10431\/"},"modified":"2019-10-25T08:10:03","modified_gmt":"2019-10-25T16:10:03","slug":"news-10431","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/10\/25\/news-10431\/","title":{"rendered":"How to protect yourself from doxing"},"content":{"rendered":"

Credit to Author: Osama Tahir| Date: Fri, 25 Oct 2019 15:37:31 +0000<\/strong><\/p>\n

\u201cAbandon hope all ye who enter.\u201d <\/em><\/p>\n

This ominous inscription affixed atop the gates to Hell in Dante\u2019s Divine Comedy<\/em> applies peculiarly well to describe the state of the Internet today. <\/p>\n

It\u2019s hard to draw a parallel to the utility that the Internet has offered to modern civilization\u2014perhaps no other technological innovation has brought about greater change. Yet, one of its many consequences is the steady erosion of individual privacy, as cybercriminals (and even regular users) become more creative with malicious activities perpetrated against others online.<\/p>\n

Among the many harmful techniques of threatening a user\u2019s online privacy is doxing. Doxing<\/a> refers to the collection of a user\u2019s private information, which is inevitably spread across multiple platforms (including social media), and publishing it publicly. Doxing may be conducted by researching public databases, hacking, or through social engineering<\/a>. While there are some legitimate reasons for doxing, such as risk analysis or to aid in law enforcement investigations, it\u2019s mostly used to shame, extort, or enact vigilante justice. <\/p>\n

The act of doxing poses serious dangers not only to the privacy of an Internet user, but also to their physical safety. It\u2019s not uncommon for a doxing victim to be harassed in person or be targeted for swatting<\/a> spoofs. Nonetheless, you can take some effective measures to prevent becoming a potential victim of a doxing attempt. <\/p>\n

1. Make all social media handles\/usernames private<\/h3>\n

It is a fairly simple matter for anyone stalking you online to cross-reference your multiple online personalities (read usernames\/handles) from different social media platforms. If all your profiles are visible at a single click to any random Tom, Dick, or Harry with a working Internet connection, you may be leaving yourself open to doxing.<\/p>\n

The good news is that most popular social media platforms have considerably improved their privacy controls. It is advisable to explore privacy settings for all your profiles, and keep personally identifiable information, such as your phone number, addresses, and other sensitive data invisible to anyone you don\u2019t know.<\/p>\n

2. Use unique usernames for each platform<\/h3>\n

The easiest way to make yourself target practice for someone learning the art of doxing is to use the same username for every online message board, social media, and service you are using. Avoid this at all costs\u2014unless you are developing an online persona or influencer program. If so, hiding personal details associated with those profiles becomes even more imperative.<\/p>\n

For the rest of us, it\u2019s wise to have a unique username for different situations and compartmentalize usernames on the basis of purpose. For instance, if you use Instagram, comment on an online gaming forum, and participate in a community for political discussions, use a different username for each of these purposes, with no obvious connection between them. For this reason, we don\u2019t recommend using social media profiles to sign in to other services<\/a> (i.e. sign in using Facebook or Twitter).<\/p>\n

Separating online account identities makes it quite difficult for anyone that might take an interest in launching a doxing attack against you to collect all the necessary pieces to form a true identity. And while it can be frustrating to manage so many different usernames and passwords, software such as password managers<\/a> can assist in the juggling act.<\/p>\n

3. Be wary of online quizzes and app permissions<\/h3>\n

The philosophy of maintaining online privacy is simple: limit sharing of personal information online unless absolutely necessary. Online quizzes and needless mobile app permissions are the antitheses to this philosophy.<\/p>\n

Online quizzes seem completely innocent, but they are often goldmines of personal information that you happily provide without thinking twice. For example, some parts of a quiz may even serve as security questions to your passwords. Since many quizzes ask for permission to see your social media information or your email address before showing who your spirit animal is, they can easily associate this information with your real identity.<\/p>\n

As we saw with Facebook\u2019s Cambridge Analytica fiasco<\/a>, those online quizzes aren\u2019t always as innocent as they seem. Without much context on who is launching the quiz and why, it\u2019s best to avoid taking them altogether.<\/p>\n

Mobile apps are also rich sources of personal data. Many apps ask for access permissions to your data or device that shouldn\u2019t concern the app software at all. For instance, an image editing app has no logical use for your contacts. If it\u2019s asking to access your camera or photos, that makes sense. But if it also wants to look at your contacts, GPS location, and social media profiles, there\u2019s definitely something fishy going on.<\/p>\n

So while we can\u2019t say \u201cavoid downloading apps that request permissions\u201d altogether, we do recommend you take a good look at which permissions are being requested and consider whether they\u2019re necessary for the app to function.<\/p>\n

4. Use VPNs<\/h3>\n

VPNs (virtual private network) hide your IP address from third parties on the web. Normally, every website that you access can see your IP, which can reveal a lot about you, such as the city you are located in and even your real identity. VPNs boost your online privacy by giving you a fake IP address associated with a different location, which can easily throw off a doxer trying to track your trail.<\/p>\n

The only problem is that there are a lot of VPNs out there, and not all of them are secure. The task of choosing one that suits your needs can be made easier with VPN comparison resourcessuch as this<\/a>, as well as our article on mobile VPNs<\/a>.<\/p>\n

Learn how to configure your VPN to support all devices in your home network. Read more: One VPN to rule them all<\/a><\/em><\/p>\n

5. Hide domain registration information from WHOIS<\/h3>\n

WHOIS<\/a> is a database of all registered domain names on the web. This public register can be used to find out details about the person\/organization that owns a given domain, their physical address, and other contact information\u2014all the stuff doxers would love to get their hands on.<\/p>\n

If you are planning to run a website (domain) anonymously without giving your real identity away, don\u2019t forget to make your personal information private and hidden from the WHOIS database. Domain registrars have controls over these privacy settings, so you\u2019ll have to ask your domain registration company about how to do so.<\/p>\n

Final thoughts<\/h3>\n

Online privacy is becoming harder and harder to preserve as our connectedness <\/em>expands, courtesy of the Internet. Organizations look for personal details of their customers for more successful, targeted marketing opportunities. Applications request private information to support functionality\u2014and sometimes ask for too much. Social media networks and search engines mine personal data for advertising profits. At this point, simply having an online presence is enough to put your privacy at risk.<\/p>\n

At the same time, remember that for a great majority of cases, taking a few extra steps to hide, scatter, or make more difficult to access personal information online can throw doxers off your scent and protect your privacy. This strategy is effective in turning away all but the most persistent doxers from gathering pieces of information about you and publishing it on the Internet. As an added bonus, protecting your PII from doxers also makes it more difficult for cybercriminals to scoop up your details to use in a social engineering attack. <\/p>\n

Perhaps we needn\u2019t abandon all hope online after all.<\/p>\n

The post How to protect yourself from doxing<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Osama Tahir| Date: Fri, 25 Oct 2019 15:37:31 +0000<\/strong><\/p>\n\n\n\n
<\/a><\/td>\n<\/tr>\n
Doxing, or collecting and spreading private information about a user online, is a form of cyber harassment, stalking, and even a potential threat to physical safety. Here\u2019s what you can do to protect yourself against it.<\/p>\n

Categories: <\/p>\n