It may come as a surprise, but social media has been a part of our world for almost 25 years now. It has evolved from basic online networking provided by the likes of SixDegrees.com, to today’s Snapchat, Twitter, Facebook and Instagram-filled world, showcasing the minutia of our day-to-day lives. While these platforms connect us like never before, there are inherent risks that are associated with an online presence.
Doxing is defined by Technopedia as, “the process of retrieving, hacking and publishing other people’s information such as names, addresses, phone numbers and credit card details”. The term originates from 90s hacking slang ‘dropping dox’, which was the method of leaking someone’s personal (usually incriminating) documents onto the internet. It was done to question someone’s legitimacy – for example Hillary Clinton’s leaked emails during her 2016 presidential campaign – or to cause general havoc, like the hack that leaked the names of people on the Ashley Madison database.
Self-doxing is a more recent phenomenon. To self-dox is to inadvertently leak your personal information onto the internet, and the advent of Twitter, Facebook, Instagram and other popular social media channels has made it easy to do. Kim Kardashian’s £7.8m robbery in Paris in 2016 was an example of self-doxing. Kardashian uploaded a selfie to Instagram (with her location tagged in the post) showcasing her 18.88-carat engagement ring; she was then tracked down to the flat she was staying in and robbed of millions of pounds worth of jewellery.
This also happens in the crypto world. Here’s a crypto example of self-doxing:
Your digital footprint
Self-doxing can happen to anyone. You can inadvertently give away personal information in photos, videos, gaming, statuses, comments – anything that contributes to your digital footprint.
Think of your digital footprint as the trail you leave behind you as you move around the internet. It includes things you post, comments you leave and cookies that track your browsing activity.
With a bit of digging, a hacker can uncover a wealth of information about you that will enable them to commit fraud. In November 2018, RBS was forced to pay out thousands of pounds in compensation as a result of a phone banking scam. According to a report by the BBC, bank records show the fraudster initially called the bank, posing as the customer, and asked for her account to be reset for security reasons. Staff followed the bank’s usual security protocol and called the customer’s landline number, unaware that the call had been diverted to a mobile number.
All a hacker needs are small bits of information – like your pet’s name or the place you were born – to be able to pass security. They can then unearth more personal information, to access your accounts or even visit your home.
How to safeguard yourself
It’s important to remember that much of what you put online can be seen by anyone, and so vigilance is key to keeping yourself safe. Thankfully, there are measures you can take to make yourself less of a target, including:
- Google yourself – no, not out of vanity. Googling yourself in incognito mode shows you your visibility online. Whatever comes up on Google is what others can see. If you don’t like it, change it. Which leads us to…
- The Right to be Forgotten – since 2014, the Right to be Forgotten has been officially part of EU law, and further supported with the introduction of GDPR legislation, which states “EU residents have the right to request that links to pages of data that are out of date, irrelevant, excessive or inaccurate be removed from Google search results”.
- Long, strong and varied passwords – this makes them more difficult to be guessed and hacked. It’s also advisable to enable 2FA with an authenticator app (rather than authentication by text) so that more than one device is required for logins.
- Read policy updates – don’t blindly accept social media app updates and policies, they generally change your visibility settings. When you click accept, go to your settings and check what’s changed in terms of privacy.
- Uploads – when uploading onto social media, think about what your photos, tweets and posts might reveal of your personal information.
- Friend requests – don’t be that person who has 4000+ Facebook friends – no one really knows that many people. If you receive a friend request from someone you don’t know, you should ignore it. Scammers send requests to profile you in the hopes of getting enough information to either scam you or send malicious links that contain viruses, spyware, or ransomware that can compromise your devices.
- Beware of geotagging – any time you add a location to an Instagram post, or tag yourself on Facebook flying off from an airport, you’re sharing your exact location – potentially with the world. It’s not difficult for someone to quickly build up a picture of your routine, or worse, know exactly when you’re away from your home.
At Wirex, the security of our customers is our priority. Our FCA-regulated service allows customers to manage their crypto and traditional currencies with confidence. We use multi-sig wallets, offer 24-hour customer support and boast a watertight verification process. The result is that Wirex users can buy, store, convert and spend their Bitcoin, XRP, Ether and Litecoin with confidence.
Stay safe and stay vigilant, Wirex users. Don’t let yourself get doxed.