Doxing

Doxing refers to gathering personal and sensitive information about an individual and releasing it publicly for malicious purposes, such as public humiliation, stalking, identity theft, targeting for harassment, or attempts to silence the individual. Doxing may be conducted by researching public databases, hacking, or through social engineering. The term "doxing" is derived from the phrase "dropping dox (documents)."

Doxing often involves hackers attempting to embarrass or shame individuals by publishing confidential information, images or videos obtained from their personal accounts. Initially, doxing was used by hackers to "out" the identities of fellow bad actors/hackers. However, more recently, it has been used to attack users with opposing viewpoints.

Santa Monica College has deployed numerous security measures to protect sensitive information about its students and employees. In the section below—Tips to avoid doxing—we encourage everyone to adopt similar safeguards in their own online activities.

Collapse

Tips to avoid doxing

Adjust your social media settings:
- Ensure that your profiles, usernames/handles are kept private
- Remove any addresses, places of work, and specific locations from your accounts
- Set your posts to “friends only"
- Avoid discussing personal information that could be used against you, as well as anything that can identify your address, workplace or contact information
Use secure Wi-Fi networks or Virtual Private Networks. If you must use public Wi-Fi, turn off the public network sharing functionality on your device
Use strong and unique passwords, especially for your most important accounts, e.g. financial, email, government, etc.
Vary usernames across platforms.
Create a unique email address for your most important contacts and accounts.
Hide domain registration information from WHOIS (a database of all registered domain names on the web).
Monitor and remove your personal data collected by websites and data brokers. For information, see https://inteltechniques.com/workbook.html
Conduct periodic searches of your name and other personal details to see what information is publicly available online.
Consider using services that help track and remove unwanted personal data from the internet.

What should I do if I experience doxing?

Document the abuse by saving evidence like screenshots, URLs, and any communication related to the harassment, as these will be useful if you decide to report the incident.
Request takedowns contacting website hosts or platforms to request removal of your information. Platforms like social media sites often have dedicated channels for reporting and taking down harmful content.
Report the incident by contacting local authorities.
Seek legal advice to understand your rights, especially if you're dealing with threats or other forms of harassment.
If the doxing involves your workplace, inform your employer and request support. This may include internal policies for responding to harassment. If the doxing is sub-related, the employer should be prepared to offer assistance, including providing security measures, helping with content removal, and offering resources for coping with the emotional impact.
Take care of your mental health. Dealing with doxing can be stressful and emotionally taxing. Take time for self-care and seek professional support, including counseling or talking to a trusted colleague or supervisor

Additional links that provide guidance on Doxing prevention

US Department of Homeland Security: Resources for Individuals on the Threat of Doxing
American Association of University Professors: Dox Defense Resources
National Cybersecurity Alliance: Manage Your Privacy Settings - National Cybersecurity Alliance
PEN America: Managing Your Online Footprint and Protecting from Doxing - Online Harassment Field Manual
National Center for Free Speech and Civic Engagement: Tweets, Threats, and Censorship: Campus Resources to Support Faculty Through Incidents of Targeted Harassment

Reporting of doxing incidents

Santa Monica College has a reporting procedures for doxing incidents. You can report doxing by using the form found here. Upon submitting the form, the College will reach out to you.

If you feel unsafe, call the Santa Monica College Police Department (310-434-4300). If you or those close to you are in imminent physical danger or there has been a direct threat of physical violence, you should immediately call 911.

Doxing

Protect Yourself from "Doxing"

Tips to avoid doxing

What should I do if I experience doxing?

Additional links that provide guidance on Doxing prevention

Reporting of doxing incidents