What Is Doxxing? How Can Teachers Ensure Their Online Privacy?

What Is Doxxing? Taking particular details about someone and distributing them online or in some other way to the public is what this doxing definition is all about. This long-standing tradition is because documents serve as irrefutable records of facts regarding individuals and their actions and words, which can be utilized as formidable tools in legal proceedings. 

However, hackers started dropping documents on persons sheltering behind phony names in the 1990s, when the term “doxing” first gained prominence. This allowed hackers to reveal their rivals in the hacking community. Removing their identities made them vulnerable to others attempting to apprehend them, including the authorities.

What Is Doxxing? 

The term “doxxing,” which came from the colloquial term for “dropping documents,” describes a kind of cyberbullying in which the perpetrator humiliates or harms the victim by disclosing or using private information about the criminology professor at Florida Atlantic University, Sameer Hinduja.

 He has found that public databases such as Spokeo, BeenVerified, Spydialer, and county records can reveal personal information such as phone numbers, addresses, family names, and political affiliations, making us all susceptible to doxxing.

In addition to online or live stalking, SWAT tactics, or identity theft, Hunduja warned that doxxing could lead to other forms of harassment. 

For instance, the AFT garnered nearly 12,000 signatures on a petition aimed at Instagram’s CEO, urging the company to crack down on anonymous school “confession” channels where students post photos and information about their teachers and classmates without permission, frequently leading to harassment.

The anonymity of ‘confessions’ accounts makes them “very susceptible to vicious cyberbullying,” as pointed out by AFT President Randi Weingarten. 

Talking about these tales makes teachers uncomfortable because it draws more attention to the bullying, rumors, and their schools. We are also aware that instructors can be victims of data breaches, including their personal information.

Sally argued that disclosing students’ private information can hinder instructors’ ability to enforce classroom discipline or communicate with students’ families.

CERN

How Is Doxing Performed?

The premise of doxing is that almost everyone’s personal information is on the internet, behind various layers of security (or none at all). Finding this data is the first step in turning it into a weapon to attack the target.

1. Monitoring User IDs

Many people use the same or very similar usernames across many online accounts. Cybercriminals, activists, and others can easily identify your accounts using the usernames you provide. You can build a more comprehensive portfolio of documents that reveal information about you by using data from each of these accounts.

2. Performing a Domain Name WHOIS Lookup

A registry stores information about domain name owners, including their contact details. A basic WHOIS search will usually reveal this registry. When you register a domain, you will typically have the ability to conceal your identity. Anyone, with the right tools, may see your full name, phone number, address, email, and even company address if you choose not to make it private.

3. Spear Phishing

If you are the victim of a phishing scam or someone gains access to your email, they can steal personal information or launch a doxing attack using your account. In a phishing scam, the victim is tricked into divulging critical information using a link leading to an imposter website.

4. Perpetuating Online Profiles

Any information you provide in your profile or publish on your social media sites becomes publicly accessible when you make it public. This might include your workplace, friends, family, photos, hobbies, travels, pets, and more.

With this kind of data, a doxer may potentially figure out how you answer standard security questions like “Who is your favorite pet?” or “Who is my best man?”

5. Examining Official Documents

Information that could be utilized in a doxing assault is stored on several government websites, including county records, company licenses, marriage licenses, voter registration information, and the Department of Motor Vehicles (DMV).

6. Protecting Internet Protocol Addresses

By deducing your Internet Protocol (IP) address, doxers can launch an attack based on your physical location. To gain further information on you, they could, for instance, contact your ISP while pretending to be you and asking them questions.

7. Locate a Cell Phone Number in Reverse.

Hackers can start digging for personal details if they get their hands on your cell phone number. They could find out your identity by using a reverse phone lookup service like Whitepages. They can usually collect enough information for a doxing assault, even if it costs money to gain more than just your state and city.

8. Sniffing Out Packets

One tactic attackers utilize during doxing is packet sniffing. As information moves across the internet, it is structured into packets. An attacker can learn what data is contained in a packet by “sniffing” it. Credit card numbers, bank account details, passwords, and more can all be obtained this way.

Doxxers accomplish this by gaining access to a network, bypassing its security measures, and capturing all the data transmitted via the network.

9. Brokers Of Data

Data brokers, as the name implies, are individuals who acquire data to sell it on to other parties. A data broker will visit many websites that contain public records to obtain information about possible targets. Sites that collect information about you through your online activities, such as loyalty card programs, may do this by recording your search queries and other personal details.

The dark web is a marketplace where data brokers can buy and sell data with one another.

Green Schools Conference 2024

What Kind of Data Are Doxers Seeking?

Some common types of information that doxers look for are:

• The criminal can use these phone numbers to call the victim while posing as someone else and probe for personal details. They can also be used to access accounts that are meant to be secure.
• A person’s social security number is needed to verify their identification on many websites and businesses that save personal information.
• An attacker might use a home address for two purposes: to validate the identity of someone attempting to access a private account; and apply for new accounts under the victim’s guise.
• Information about a person’s credit card: Criminals can use this data to steal money, damage a person’s credit score, or access other private information.
• facts of your bank accounts: Since these facts are usually only accessible after a user has met security procedures, they could be utilized to “verify” your identity by someone posing as you. Additionally, they can be used to transfer funds from one account to another or in a doxing attack to expose the target.

Can Someone be Sued For Doxing?

Doxing is often not unlawful because the leaked information is already available to the public online. That the target has granted the entity the right to disseminate it legally occurred at some time. The act itself may not be unlawful, but the use of the information might be. This is especially true if the victim is threatened, harassed, or stalked.

The disclosure of specific information could make doxing an unlawful act as well. For instance, Doxing a federal employee is against US law. It is a crime on a federal level. Even while it’s not technically “illegal,” doxing is unethical since it exposes personal information about someone without their consent.

A Guide to Avoiding Doxing?

Due to the abundance of personal information that most people have placed online, becoming a victim of doxing is practically inevitable. But you may protect yourself against doxers by taking specific measures, especially about the most sensitive material that could cause the most harm.

1. Use a VPN

Encrypting and securely transmitting your internet transmissions is the job of a virtual private network (VPN). Decryption happens at the receiving end, allowing the other party or entity to view or use the data. However, a doxer cannot access the data in transit without the decryption method.

2. Choose robust passwords.

A doxxer can easily guess a weak password.ncluding words, predictable sequences of numbers, or derivatives of your name. But there are things you can do to make a doxer’s attack on you far more complex. 

Password strategies include creating unique passwords for each account, utilizing complex combinations of letters, numbers, and symbols, or utilizing a password manager to create and store extremely difficult-to-guess passwords.

3. Make Periodic Adjustments to Your Privacy Settings.

Regularly review and update your privacy settings.if you use social media and occasionally publish anything considered sensitive or private. Sharing specific details about yourself publicly on social media might be helpful when using these platforms for work-related goals.

By periodically adjusting your privacy settings, you can ensure that no one can view your details, photos, posts, likes, or dislikes, and any information you may not want misused.

4. Disregard Phishing Emails At All Costs.

Keep your guard up if you receive an email requesting personal information that seems to have come from a financial institution. Also, use caution before visiting any website linked in an email. You can be putting yourself in danger of doxing if, after visiting the page, you are prompted to enter information.

5. Make Sure Each Email Account Serves a Distinct Purpose.

You should probably separate your personal, professional, and spam email accounts. You should use your work email for professional exchanges, especially if you’re self-employed. On the other hand, you can use your spam email address for any subscription or offer signups.

Send more informal, personal emails to your social media account. A doxer will have difficulty breaking your email address more if you use separate login credentials for each account. Even if they do, they might not have access to your data.

Remember that it is common for spam emails to have links that lead directly to user accounts, complete with profile details. As a result, you should take extra precautions to ensure that your spam email is impossible to hack.

American Teaching

6. Make Sure Your Social Media Accounts are Private.

Everything you publish on social media becomes visible to everyone, and it’s possible that someone may grab it before you can remove it.

Even if you hide your identity behind a pseudonym, doxers can still find out who you are by looking at how your friends mention you on different platforms.

 They can accidentally reveal your true identity by using your given name instead of your alias. Another red flag is when a doxer notices that some social media accounts use fictitious names while others use your real identity.

Master Calculus with These Top Books and Easy Steps 

7. Conceal Domain Registration Details From The WHOIS Search

When you register for a domain name or URL, it is best to conceal your information because WHOIS contains contact details, including your address. If you need help or have questions about making your information private, just contact your domain registrar.

8. When Granting App Permissions, Exercise Caution.

An app may be used to administer online quizzes. You might be asked to grant the app access to your social network accounts when you sign up for it. Your personal information can be used against you by doxers if you let them access your apps.

 Furthermore, a doxing hacker may bypass the app’s security measures and steal your data. In most cases, creating a separate username and password for the app during registration is safer than linking it to your social media account.

homework

How Can Teachers Protect Their Online Privacy From Doxxing?

It is essential for educators to be approachable to their pupils and their families and to be willing to share information. However, even a small amount of knowledge might pose risks.

• A class of children in Baltimore County’s middle school art program once zoom-bombed their teacher. She claimed that pranks became so severe when her family’s home address became public that they began “SWATing,” or falsely contacting emergency services.
• “My parents, who are in their 60s, were startled awake by a complete SWAT team in the middle of the night,” she lamented. Luckily, the cops promptly recognized it was all an elaborate prank, and no one was injured.
• Upon conducting a Google search following the incident, the woman revealed that her address was shown as her parents when she initially looked it up. She resigned from her teaching position in 2022.
• Legal safeguards are not keeping pace with the growing problem of students’ harmful use and disclosure of personal information, a growing concern for educators, even though they have long been susceptible to student pranks.
• “Schools all across the country are all dealing with these issues [of teacher privacy protection] at the same time,” said Ronn Nozoe, executive director of the National Association of Secondary School Principals. “People have to come up with their solutions because there isn’t a playbook for dealing with this.”
• Cyberbullies frequently target educators because of their prominence in public discussions about LGBTQ+ rights, school curricula, and other topics.
• According to David Sallay, who used to be the chief privacy expert for the Utah State Department of Education the social media accounts of teachers are being closely watched by cyberbullying organizations.
• However, a nationally representative study conducted in April by the EdWeek Research Center found that instructors are more likely to face threats or doxxing from their students or parents than from outside groups.
• An equal number of teachers and parents have admitted to threatening or disclosing personal information, such as home addresses, photographs, and social media posts, by either their children or their children’s peers.

Teacher Doxxing: Who’s Responsible?

The EdWeek Research Center conducted a nationally representative poll and found that one out of every twenty K-12 educators have experienced students threatening or disclosing personal information to the community against their choice.

 Parents threatened or were actually “doxxed” by the same percentage as educators, while community members with personal ties threatened twice as many instructors.

Although the government does not collect statistics on disclosing personally identifiable information, a yearly poll conducted by SafeHome.org indicates that teachers’ experiences are consistent with the general public’s. 

One in five victims reported having personal information about their family shared, and approximately 4% of persons surveyed in the US have experienced a doxxing incident as of 2024.

For their students’ privacy, here is what teachers should know.

How Can Teachers Ensure the Security of Their Students’ Personal Data?

Much of the information that doxxers use is already public but misinterpreted; for instance, a teacher’s remarks in an adult social media group could be shared with pupils or the whole public after the hacker accessed their private files. Experts agree that the best defense is a strict separation of private and public life.

Being a teacher makes you a public figure. You are a public person, Sallay added, even if you don’t want to be or aren’t seeking office. Think carefully about the resources you, as a teacher, are making available to the public. Consider what a group of parents could do with this if it became public knowledge.

Additionally, Sallay suggested that educators routinely perform basic information audits, such as checking one’s identity on search engines and examining access to social media accounts.

Teachers’ records are more accessible than other professionals because they are considered public employees and internet privacy protections differ among states. 

Teachers in Colorado, for instance, can seek to have their home addresses and other personally identifiable information removed from official state websites if they or a family member receives a safety threat (but not in advance).

If a Teacher Receives a Doxxing Threat, What Should They Do?

Teachers should examine whether they would feel okay with the widespread distribution of a student’s or parent’s social media post or photo and take action accordingly if they mention it without threatening to distribute it without permission.

Officials from the American Federation of Teachers have urged their members to keep records of any communications involving threats to use or disclosure of student information to harm teachers.

 It is essential to note whether the perpetrator would have needed to hack into private accounts to obtain this information.

No, I don’t consider myself to be constantly worried or afraid. The former Baltimore County teacher continued to do her work to the best of her ability, even after the SWAT attempt. 

On the other hand, she claims to utilize information removal services frequently and now keeps tabs on her social media and public information searches. Some businesses will delete your data at no cost if you ask them to, while others may charge you to remove it from your platforms.

“I would simply advise educators to be cautious about their students’ abilities and to take additional measures to prevent being the object of a harassment campaign,” she stated.

Students

How Can District and School Administrators Lend a Hand?

The experts agree that staff and students need explicit instructions.

• District administrators have a policy in place to deal with kids who try to dox instructors, according to the EdWeek Research Center poll (41%). Nevertheless, 26% of principals and 15% of educators felt the same way, indicating a gap in the clarity with which districts communicate their policies.
• “Make sure that the entire student body is clearly aware of this and that administrators specifically outline penalties for doxxing by students,” Hunduja said.
• Administrators are responsible for restricting how parents or students can access teachers’ personal information. Sallay says schools shouldn’t compile employee contact information (such as email addresses or home phone numbers) in databases for security reasons.
• Because “if you are collecting and that personal information becomes more publicly available, someone is going to misuse it,” Sallay warned administrators, “even if you are coming from a good place, draw a line between personal and professional life” when it came to staff information collected. On top of that, it’s usually unnecessary.
• Safer options for teachers to interact with their school communities can be provided by districts as well. For instance, school administrators should limit the use of recording devices in classrooms, urge teachers to use school-issued or internet-based phone numbers when corresponding with students and their families, and refrain from posting photos of class projects on personal social media accounts.
• The use of smart gadgets has led to a dramatic increase in students bringing in devices and videotaping or recording class, according to Sallay. “It seems to me that educators should be cognizant of that vector.”
• Nozoe, of the NASSP, emphasized the equal significance of cultivating a school culture that values respect and accountability.

“We won’t be able to teach children to be good digital citizens by banning certain things,” Nozoe stated. “While it’s true that there are some reasonable limits on technology and that we can use those tools, the overarching objective is to ensure that children, as they grow up, fully grasp the distinction between the morally right and wrong ways to utilize technology.”

Visit blogkingworld.com, and I will share more useful articles and stories and information if you find this educational article helpful. To learn even more tips on learning, business, health and fitness, climate change and more, subscribe to my LinkedIn.