How Can You Protect Your Executives and Employees From Doxxing?

Emotional Harm to Employees and Executives

A doxed employee or executive can result in workplace conflicts, loss of employment, or damage to professional reputation.

Brand Reputation Damage

A doxing attack can focus on an executive, attacking moral standing; cybercriminals may identify highly personal information or make up a scenario using Generative AI images and video. A study found that 1 in 5 incidents included personal information about the victim's family.

Privacy Violations and Non-Compliance

Cybercriminals who steal data on customers and use it to dox victims leave the affected company in breach of data security and privacy regulations.

Identity Theft of Customers and Targeted Employees

Doxxing is a form of identity theft, as the information used against the victim is Personally Identifying Information (PII). If the cybercriminal decides to take the attack further, they can use this PII to create verified identities that can be used to open bank accounts, take out loans, etc.

Cybersecurity Risk Increase

Doxxing involves PII, and cybercriminals will stop at nothing to obtain the personal data of a targeted employee or executive, increasing an organization's risk level.

Financial Loss (Extortion)

Doxxing may result in financial losses. The cybercriminals behind the attack may use the intelligence gathered on the victim or use deepfakes to extort money from the victim.

Fines for Data Breaches and Privacy Violations

Doxxing occurs when a cybercriminal uses personal information against an individual. If this information belongs to a customer or employee, the SMB may be found to be at fault.

In the USA, various states have data protection and privacy laws. Non-compliance with these laws results in fines. The fine levels vary; however, for example, the California Consumer Privacy Act (CCPA) has fines of up to $7,500 per intentional violation and up to $2,500 per unintentional violation.

In addition to these fines, the CCPA has a provision for a citizen's private right of action, allowing consumers to seek damages between $100 and $750 per incident or actual damages if greater. The violations cover incidents involving unauthorized access, theft, or disclosure of non-encrypted and non-anonymized personal data.

Reputation Damage

A doxxing incident can cause a company embarrassment or even severely tarnish a brand. Consumer trust is an essential aspect of a successful business. If a cybercriminal takes to social media to dox a business or one of its executives, the impact can cause a loss of customer trust.

On a personal level, a doxed executive may lose their career. The cybercriminals may even use fake information or misinformation to carry out the attack. For example, a finance marketing executive was misidentified online and falsely accused of assault and racism. The attack escalated on social media, with the executive's home address published online; the executive was then inundated with threats.

Risks to Business From Cybersecurity Impact

The business risks from a doxxing incident affect a company's cybersecurity posture. Along with the risk of non-compliance fines mentioned earlier, the potential for cyberattacks, including data breaches, has associated financial costs. Identity theft, for example, has been shown to cost businesses £23 billion, according to Javelin Strategy & Research. Cybersecurity attacks that may originate from a doxxing incident can cost between $25,000 and $3 million, depending on the type of attack and size of the company.

Phishing and Social Engineering

Cybercriminals use social engineering alongside techniques like phishing to trick people into handing over sensitive information.

Social Media and Web Stalking

Social media can provide a rich seam of information for a cybercriminal looking to collate data. By stalking social media and forums like Reddit, a cybercriminal can find out a person's online usernames, links to family members, places they have visited, pet names, and much more.

MitM (Wi-FI Sniffing)

Intercepting a device's connection to a network can allow cybercriminals access to data transmissions like email. Man-in-the-middle (MitM) attacks or Wi-Fi sniffing are cybersecurity hacks that use poorly secured Wi-Fi networks to intercept data.

Reverse Mobile Lookup

Once a cybercriminal has a phone number, they can use online directories and other tools to obtain further information on the owner of the number.

IP Address Lookup

IP addresses can be linked to a physical location. If the doxxer knows your IP address, they can use methods like social engineering of a call handler at an ISP to find out your location. Various online tools can also help to establish location and other personal data from an IP address.

Dark Web Marketplaces

Often, when a data breach occurs, the stolen information ends up on dark web marketplaces for sale. Anyone wanting to carry out a doxxing attack could potentially locate a target's data using the dark web.

Insiders

Cybercriminals can co-opt company employees into revealing data on executives and other employees either accidentally or maliciously.

Data Brokers

Data brokers collect and sell personal and company information for a profit. The information is acquired from publicly available records, online searches, loyalty cards, social media platforms, and other sources. A doxxer can purchase the gathered data for a modest charge.

Social Media Doxxing

Using a social media platform like X to publish the victim's personal details, like a home address. This form of doxxing is often used to harass an individual with whom the doxxer disagrees.

Proxy or Faulty Doxxing

This is a type of disinformation in which the doxxer misrepresents the victim and accuses them of something they did not do. The victim is then harassed and bullied, typically via social media or another online forum.

Politically Motivated Doxxing

Doxxing has become synonymous with hacktivism, whereby a politically motivated group attacks a company or individual with whom they disagree.

Extortion Doxxing

Doxxing for financial gain or "doxtortion" uses threats of releasing embarrassing or personal information to extort money from the victim. The doxxers may use deepfakes to put the victim under pressure to pay the ransom.

Cyber Hygiene and Security Awareness Training

Teach your staff, including executives, safe internet use. This should include the importance of not oversharing on social media.

Phishing awareness is essential, as 'doxxers' can use this method to trick your staff into revealing personal information and login credentials. Exposed login credentials can lead to the theft of confidential information on other staff members, including C-level executives.

It is also essential to train all staff members on the safe use of mobile devices to avoid social engineering and other malicious uses of mobile devices, including insecure Wi-Fi use.

Put in place a process allowing staff members to report any doxxing attack quickly so your company can mitigate the attack.

Privacy-Awareness

Privacy awareness should be an integral part of security awareness training. As 'doxxers' may gather data using online resources, it is essential to educate employees and executives on the dangers of adding their personal details to online directories like PeopleFinder and Info Record. If an employee's details are already on an online directory, the employee can request that the information be removed from the site.

Robust Authentication (Strong Passwords/MFA)

A foundational security measure that covers many security risks is to ensure that your authentication is optimized. This means using robust authentication like multi-factor authentication (MFA) and strong passwords. Having a layer of strong authentication at login prevents certain doxxing attacks, which use phishing and social engineering to steal login credentials and data.

Anti-Phishing Solutions

Advanced anti-phishing solutions use AI to identify unusual email patterns that could potentially indicate phishing. As some doxxing attacks rely on phishing and social engineering to help gather the data of a targeted individual. Therefore, it is important to use tools that help prevent phishing emails from landing in employees' inboxes.

Anti-Malware Solutions

Some malware, such as keyloggers and info stealers, gathers data from keystrokes and other computer-related activities. The data is stored in a file and then periodically sent to the attacker. These data can be used to dox targeted individuals. Anti-malware uses various technologies, often including AI, to identify potential malware infections, including emerging threats and malware designed to evade detection.

VPN

A Virtual Private Network (VPN) can help prevent MiTM attacks and Wi-Fi sniffing. This stops a potential doxxer from intercepting data during an online session or accessing private emails.

WHOIS

Use the "domain privacy" service in the domain registry WHOIS to hide any personal details held against your web domain.

Dark Web Monitoring

Dark Web monitoring tools allow a business to identify any risks to their business from within the dark web. The tools monitor an array of business information, including your domain, company email address, passwords, and corporate credit cards. By continuously monitoring the dark web for stolen data, your business can be forewarned and stay ahead of doxxing and other harmful cyber incidents.