How to Prevent Identity Theft & Doxing including for Free
Identity Theft Prevention, Doxing Protection & Removing your Personal Information Online
Learn about identity theft prevention and doxing protection and how to prevent these rising crimes in the first place.
Our materials cover all the practical steps you can take to protect yourself from identity theft prevention and doxing attacks. These posts are long and detailed, so we have split them into the following parts:
Step #1: Understand that Protecting your Personal Information is an Uphill Battle
Getting a grip on your online privacy can seem overwhelming and daunting, as well as largely outside your control. Trying to prevent identity theft and doxing can be especially challenging as you can’t control how others handle your personal information.
For example, a growing majority of websites and apps are invisibly sharing your personal information. The permissions they rely on to do this are usually buried deep in the terms and conditions they know you will never bother to read.
In addition, websites, apps and businesses often change privacy settings and policies to your disadvantage without telling you or putting you on notice.
Every day we hear about more businesses and websites being hacked and their customer databases being breached. A whopping 91% of IT security expert executives say their company's sensitive data is vulnerable.
Making matters worse is that privacy laws are a bit of a mess, still evolving and always a few steps behind technological innovations. Things like revenge porn and “upskirting” are good examples: in many places they are still not illegal!
Because no standards for sharing private information exist, the industry is entirely self-regulated. You can expect the industry to put their profits ahead of what is good for you. And even if businesses are saying they comply with the law, how many more large-scale scandals do you need to realize that profit-driven companies don’t always tell the truth?
And if all these third parties are invisibly collecting, tracking, saving and sharing your data, who is to say your personal information has not already been compromised?
Another big but often overlooked factor is that sometimes keeping your information private also depends on the practices of friends and family. This means that even if you carefully follow all of our recommended steps, if your friends and family are posting information about you or have poor privacy settings for sites or apps, your personal information may be compromised in the process. This could be as simple as friends over-sharing information about you, whether through posts, location check-ins or photo and video tags.
Identity theft is an illegal act which involves the theft or misuse of your personal data, such as your name, birth date, social security number, account names and passwords, or any other personally identifying information (or “PII” for short).
Identity theft happens when someone obtains or uses this kind of information without your permission. Sometimes identity theft is carried out by perpetrators piecing together different bits of information about you from various sources.
Most identity thieves are in it for the money. They acquire and use your personal information for financial fraud (both online and offline) such as charging credit cards, withdrawing money, taking out loans, getting medical treatment, filing a tax return for a refund, signing up for services, or receiving government benefits, all in your name. Identity thieves may also put your personal information up for auction on the black market.
Identity theft is becoming more common with (by some reports) up to 7% of US households falling victim to it every year. Indeed, according to Gallup, identity theft is now more widespread in the US than burglary, mugging, car theft and physical assault combined.
Victims of identity theft can have their credit ratings destroyed, be held responsible for financial compensation, be pursued by debt collectors, be blacklisted from receiving future benefits or funding and even much worse nightmarish scenarios.
In addition, on average most identity theft victims take 12 months to realize that their identity has been stolen and used for fraudulent purposes. In that length of time, plenty of damage can be done to your credit rating, financial position and reputation.
Plus, you often find out about identity theft the hard way: your bank account is suddenly empty or credit cards are full. Or you may get a notice in the mail from the courthouse, tax office or other governmental authorities.
It can also take a long time to undo the damage caused by identity theft, so it’s important to take proactive steps to protect yourself from this rising crime.
Doxing is relatively new and although the number of victims per year is not high, it is increasing and the damage caused can be very severe.
Doxing is a distinct kind of identity theft. It’s when the perpetrator (the “doxer”) obtains your personal or private information and discloses or shares it with others, often by publishing it online for everyone to see. This is called “doxing” or being “doxed”.
The doxers could be strangers, “hacktivists” who have targeted you (especially if you are in the public eye) or people you've fallen out with who are out to harm you.
This large-scale public disclosure of your personal information could, for example, be your home address, a scan of your passport or the sharing of swathes of personal documents such as your personnel file at work or your medical records. The disclosure could be made to the public at large (for example, posted online) or to a private person (for example, sent by email to your spouse, your employer or a member of the press).
In contrast to classic identity thieves, doxers usually don’t financially benefit from their actions but instead publicly disclose your personal information in an attempt to harm or embarrass you. High profile people, such as celebrities or public figures, are often the target of doxing.
Some doxers consider themselves as performing a public service and liken themselves to whistleblowers such as WikiLeaks, but it’s a fine line. Doxing victims would disagree that doxers are a kind of whistleblower.
If you are doxed, you will usually find out very quickly. But by the time you have found out it’s usually too late to do much about it and to stop your information from spreading. The actual harm inflicted can range from inconvenience, embarrassment or job loss or putting you in actual danger.
Obviously, the more of your personal information that is publicly available, the more your privacy and maybe even your security are at risk. The more information about you that is “out there”, the easier it is for ID thieves to piece together your identity.
For example, sometimes small bits and pieces of your personal information can be found and combined to form a full picture of your identity. It’s easy for an ID thief to trick a website into changing your contact email or phone number and ultimately take-over your account. See for example the famous case of Wired reporter Mat Honan who was hacked in this way.
Doxing bring risks too. For example, if you have an abusive ex and have taken steps to keep a new home address private, its disclosure could put you at real risk.
When it comes to identity theft, usually what comes to mind is people with bad intentions that specifically target us. These are the classic scenarios, whether shadowy hooded hackers in faraway places trying to steal our identities and break into our online accounts or unethical companies selling our personal information to the highest bidders.
It’s true that hackers have many ways to steal passwords. And it’s also true that data brokers and marketers also never rest in constantly building and selling on detailed profiles about you, including what you like and what your habits are.
However, your privacy can also compromised accidentally and by people who may even have good intentions at heart such as when your friends or family members overshare.
Finally, you may inadvertently breach your own privacy through such things as bad privacy settings, poor judgment or bad habits.
The rest of the articles in this series are dedicated to how you can protect yourself and the concrete steps you can take to reduce the risks of identity theft and doxing. Hopefully, you prevent it from ever happening in the first place.