1.1 k

Understanding Doxxing in the Crypto World

When experts claim “data is the new oil”, it may be hard to understand all the statement’s implications. But, in short, information and data are receiving a higher valuation on the market year after year.

A few decades ago, Wall Street saw energy-related companies among those with the highest market cap. Today, the attention has moved towards data-based companies, such as social networks.

Of course, the other side of the data-coin is that information online is becoming more sensitive. Unfortunately, not everyone on the Web has good intentions, and this is where doxxing comes to mind.

Our article will give more details on the doxxing phenomenon, summarizing several typical practices belonging to this group. But, most importantly, we will provide information on preventing doxxing and responding to it.

Understanding doxxing

Today, more than ever, we all deal with documents online. Many of us frequently shorten the “documents” word into “docs”. The “doxing” (or “doxxing”) neologism derives from this usage.

A typical doxxing process consists of three steps:

  • First, collecting information: websites such as social networks provide a wide range of data on users. Anyone with average technological skills can retrieve personal information from most people.
  • Compiling information: once someone collects data from different sources, users can connect the various pieces of information.
  • Sharing information: having collected sensitive information on somebody, users could decide to share them against standard privacy rules.

Doxxing aims at revealing sensitive information about anyone online. However, the practice can bring more damage when a user desires to remain completely anonymous online.

Since blockchain and cryptocurrencies primarily rely on an encrypted system, doxxing is a real issue in the industry. Therefore, let us introduce a few typical forms of doxxing in the following section.

Types of doxxing

Doxxers have several tricks that they can use to achieve their illicit goal. Listing the most common strategies may help users avoid falling into these traps:

  • IP and ISP doxxing: it may surprise you how easy it is for hackers to retrieve IP addresses. With it, anyone can recover your physical location.
  • Spoofing: even worse, hackers may contact your internet service provider (ISP) and collect sensitive data. All they need is to make an ISP worker believe they are calling from your address (using the spoofing technique).
  • Social network doxxing: social networks typically allow users to make their profiles private. Doxxers take advantage of people who disregard this step.
  • Beware of “data brokers”: most people find online terms and conditions too long and complex to read. Many websites deliberately sell your data to third parties without guarantees on their intentions.
  • Sniffing: sniffing software can intercept online data exchange, another popular doxxing technique.
  • Phishing: a seemingly ordinary email or message may push us to click on a link. Doxers typically exploit this mechanism to download sensitive data on their victims.

Is it possible to avoid doxxing?

Designing a strategy to avoid doxxing may be too optimistic. However, we can certainly reduce the risk of falling for it.

VPN services, for example, allow users to establish internet connections by using different IPS. Even better, anyone can ask these systems to rotate their IP addresses, hence avoiding a common doxxing strategy.

While platforms such as Google and Facebook have made significant steps toward data protection, no one should trust them blindly. Think carefully before using these services to log into third-parties websites. If doxxers gain access to these accounts, you may find yourself in trouble.

Social doxxing prevention starts with making our online profile private. Whenever it is possible, go for the tightest privacy settings.

You may have heard that deleting a social network account does not trigger the elimination of your data. Unfortunately, the debate on the matter is still ongoing, making it vital to avoid sharing sensitive data on social media.

The recommendation on being careful with the data you share applies to a broad set of other media. As a general rule, we should always read the online terms and conditions whenever we create an account.

Not everyone may know that many websites clearly state that they may sell your data to advertisers. Since we do not know who these advertisers are, our data may fall into the wrong hands.

Everything we have mentioned is particularly true for the encrypted world of blockchain, with a further recommendation. Those using services such as MetaMask should always be careful before connecting a wallet to a new website.

The simple connection cannot, per se, lead to a loss of tokens. However, as users report on Reddit, nothing can stop a doxxing website from retrieving your IP address.

How can doxxing victims respond to the attack?

In doxxing, as in other domains, prevention is better than cure. Unfortunately, at the moment, the tools we can use to fight doxxing are not particularly sophisticated.

First, we should note that doxxing is illegal, but the policymakers appear to be slower than doxxers. In the U.S., the matter is still in the hands of single States, with no Federal legislation.

To make the matter even more complicated, not all States have bills that specifically address the issue. Other authorities seem to treat the subject on a case-by-case basis.

In general, doxxing victims can and should report any related matter to the police. However, the national cybercrime authorities in the country typically handle the case.

It may be a good idea to respond by locking social media accounts. Changing any password and even creating new online profiles are also effective operations.

Final thoughts

Doxxing is among the new problems we discovered following the digitalization of the world economy. Since new issues require innovative solutions, we are all looking for the right way to tackle the matter.

Bitcoin live price
price change

Cyber education is becoming more and more important nowadays. For example, distinguishing between a legit message and a phishing attempt is an essential skill. Furthermore, a data-driven world needs to have data-educated citizens, and we should always keep this in mind.

Stay up to date with our latest articles

More posts

Here are the Benefits of Auditing Your Smart Contract with SolidProof

Auditing a smart contract is vital to ensure that the code functions as intended. SolidProof offers a wide range of services to help with this process. The company guarantees a sound audit process and an experienced team of auditors.  Here are the benefits of auditing a smart contract with a reputable company such as SolidProof: A wide range of services: SolidProof offers a wide range of services to help with the audit process, including code review, security analysis, and more.…

Smart Contracts Vulnerabilities Specific to The DeFi Space

As the financial world moves increasingly online, it's becoming more and more essential to ensure that all transactions run securely. One way this is possible is through the use of smart contracts.  Smart contracts are computer programs that automatically execute the terms of a contract. They provide a secure way to conduct transactions without relying on third-party intermediaries.  While the use of smart contracts offers many advantages, they are also vulnerable to attack. In this blog, we will explore how…

Real Yield: The Top DeFi Tokens for Generating Actual Revenue

This year’s brutal bear market has claimed a sizable batch of crypto startups and nascent coins. To weather the volatility, the long-term believers in decentralized finance (DeFi) are in search of one thing: “Real Yield.” The term has grown in popularity among those looking for hidden gems in the market for decentralized finance applications. More importantly, it marks an appetite for responsible crypto investment opportunities that can outlast a turbulent market cycle.  So what exactly is “real yield” in the…

Get Top Notch Smart Contract Audit and KYC Services for your Crypto Project with Solidproof

Solidproof is one of the top auditors in the crypto industry with an increasing offer of smart contract auditing, KYC, and marketing services. The German company has developed quickly since its inception in 2021, building a vast portfolio of prestigious and successful clients. The DeFi space is a nourishing environment for crypto and decentralized finance projects. However, it is also a breeding ground for scammers, multi-million hacks, fraud, and money laundering. Protocols running on faulty codes risk exposure to cybercriminal…

How Does KYC Work in the DeFi Space?

Decentralized finance (DeFi) has the potential to reach mainstream adoption and empower people worldwide financially. However, without regulations and identity control, it can easily become a platform for scams, fraud, and money laundering. The paradox is that by introducing stricter control on who can access DeFi products, the industry loses its "decentralization" factor. After all, this is what set it apart from traditional centralized finance (CeFi) in the first place. This is where KYC (Know Your Customer) standards come in…

The Importance of Smart Contract Auditing

Smart contracts are the innovation that propelled blockchain technology to where it is today. This invention fulfills the agreement between all the parties in a deal without the need for intermediaries. As a result, it boosts the security and immutability of a blockchain network, allowing numerous and diverse applications to develop. Unfortunately, smart contracts are not flawless and could lead to million-dollar losses if hackers can exploit their tinniest loopholes. For example, some famous attacks on smart contract code glitches…

How Smart Contract Audit and KYC Secures the DeFi Space

The decentralized finance (DeFi) space has developed substantially in the past three years. However, the threat of hacks and scams still looms large on the horizon, leading to FUD (fear, uncertainty, and doubt) in users and projects. Fortunately, smart contract audit and KYC services can tilt the balance towards a secure, more lucrative future for this sector. Auditing companies ensure that investors get behind real and feasible projects. Moreover, KYC standards guarantee the reliability of development teams and reduce malicious…

How SolidProof Ensures Transparency and Security through Audit and KYC Systems

Solidproof is among the most trusted blockchain security and smart contract auditing companies in the crypto market today. The Germany-based company has its objectives to fix the security and transparency issues smothering the crypto space. Unfortunately, as the industry attains more progress, so do the opportunities for bad actors to victimize honest investors. According to a yearly report on crypto crimes by Chainalysis, $14 billion of all transactions in crypto in 2021 were associated with scams or money laundering. These…

Top 10 DeFi Tokens To Invest In 2022

DeFi or decentralized finance tokens continue to be the center of attention in the crypto realm. Many individuals have started to make the most out of DeFi coins. After all, DeFi coins make it possible to address outdated issues in the financial sector. The truth is that DeFi coins have had consistent demand, and this trend continues to head in an upward direction. But once you’re interested in investing in decentralized finance, the key is to choose the “right” DeFi…

Understanding Doxxing in the Crypto World

When experts claim “data is the new oil”, it may be hard to understand all the statement's implications. But, in short, information and data are receiving a higher valuation on the market year after year. A few decades ago, Wall Street saw energy-related companies among those with the highest market cap. Today, the attention has moved towards data-based companies, such as social networks. Of course, the other side of the data-coin is that information online is becoming more sensitive. Unfortunately,…