Introduction



title: ‘Self-Doxing Guide’

abstract: This guide contains tips and resources for exploring open source intelligence on oneself to prevent malicious actors from finding and using this information for publishing, blackmailing or other forms of harassment. Access Now Digital Security Helpline is at your service if you have any questions.


Last updated: December 2018

Please consider this date when evaluating the accuracy and security of the following guide.

Access Now Digital Security Helpline

Self-Doxing Guide

The threat

Doxing (also “doxxing”, or “d0xing”, a word derived from “documents”, or “docs”) consists in tracing and gathering information about someone using sources that are freely available on the internet (called OSINT, or Open Source INTelligence).

Doxing is premised on the idea that “The more you know about your target, the easier it will be to find their flaws”. A malicious actor may use this method to identify valuable information about their target. Once they have found sensitive information, they may publish this information for defamation, blackmail the target person, or use it for other goals.

Self-Doxing to Prevent Doxing

Harassers and stalkers use several tools and techniques to gather information about their targets, but since these tools and techniques are mostly public and easy to use, we can also use them ourselves, on ourselves, as a preventative measure. “Self-doxing” can help us make informed decisions about what we share online, and how. (Of course, these same instruments can also be used to learn more than is immediately obvious about someone we have met online before we give them our full trust - for example to decide if we want to admit them to a private mailing list or group on social networking platforms.)

Methods used for doxing (and self-doxing!) include exploring archives, yellow pages, phone directories and other publicly available information; querying common search engines like Google or DuckDuckGo; looking for a person’s profile in specific services; searching for information in public forums and mailing lists; or looking for images that the person has shared (and for instance may have also published in another, more personal, account). But it can also simply consist in looking up the public information on the owner of a website, through a “whois search” (see below, in the “Search engines and more” section).

Warning: when practicing self-doxing, there is a risk of getting exposed to results that you may find disturbing. If you think you may need support, make sure you have close friends around when you do your research.

Before we start exploring these web services and looking for our digital self, it’s a good idea to use anonymisation tools like the Tor Browser.

What to search for

To decide what to search for, you should try to understand what activities expose you to a higher risk of being attacked by trolls or other malicious actors. Why would someone want to spend hours of their time to track information on you in the internet?

This kind of attacks often affects minorities or people who support controversial opinions online, and the attack starts from the information that the malicious actor will find immediately available - like the nickname and profile used by the target in the platform where the attack has started, or the pictures the target has published in their page.

So if you think that someone might want to harm you by looking for personal information on you, start asking yourself how they got to know you. If you use your name and surname or a picture of your face on the platform where they learned about your existence, then this is what they will start from, and what you should start from for your self-doxing exercise.

If, on the other hand, a potential attacker knows you by a pseudonym (like the nickname or handle you use on that platform), your search efforts should focus on any connection that there might be between that pseudonym and your physical life (your name and surname, the place where you work, your home address, etc.).

If you are using a unique handle in the platform where your sensitive activity is happening, and have never used it for anything else, some traces might still be public, for example your IP address or your geolocation data. Check the properties of the pictures you’ve uploaded and the posts you’ve published: do they contain any identifying details, like your IP address or your location? If so, you might want to edit them so as to delete any sensitive information they may contain. Read more on how to control the information you share online in this guide on secure identity management.

Search engines and more

Once you have identified all the names and nicknames you want to look for, as well as pictures and other personal data (web domains you own, birth date, city where you live, etc.) you may have posted in your most exposed online profiles and web pages, you can start your search.

What follows is a list of search engines and other online services that you can use.

When you do your search, use a different browser than usual so that you aren’t logged into your online accounts. In alternative, you can delete the history and cookies, and clear the cache.

Image searches

If you have a photo, icon, or avatar, do a TinEye or Google reverse image search. With these search engines you can look for all the pages that contain the image you are searching for.

For example, if you use your portrait for your Facebook profile, you can check that this picture hasn’t been used in other web pages by looking for the URL of your icon. To find out what the URL of your icon is, right-click the image and click “Copy Image Location”, then paste the URL in the search engine bar.

Check if your online account has been previously compromised

Over the years, many company and platform databases have been breached, and the user names, email addresses, and passwords in those databases published online. You can find out if any of your accounts’ credentials are included in these leaked databases by looking for your email on ’;–have i been pwned?.

If you find an account of yours was compromised, and you are using that same password for other accounts, you should immediately change that password. This could also be a good moment to set new strong and unique passwords and multi-factor authentication for all your accounts. The Access Now Digital Security Helpline team is happy to guide you in this process.

How to delete your traces

If you find sensitive information that you need to delete, in the European Union you can often rely on the right to be forgotten.

Access Now Digital Security Helpline is ready to guide you through the necessary steps.

Further reading