How to safeguard yourself from data theft and doxing

Anna Larkina,
Web content analysis expert

Yuliya Loktyushina, Web Analytics Group Manager

Anna Larkina, a web content analysis expert at Kaspersky, shares a few ideas on online privacy and dangers. Based on her experience, she gives advice on how to avoid data theft and minimize personal negative impact from data leaks.

The problem of privacy and user data safety is something we often face today. A few years ago, when I was just beginning to study the topic, many people believed that it was a temporary concern and that there was nothing to worry about. As time passes, however, the issue is only growing in importance.

If you consult the privacy policies of the various services that you use every day, you can find all kinds of interesting things: for instance, your data is being sent to a third party and its safety is not guaranteed. In most cases this means that your data is being sent to an analytical agency. Don’t underestimate this: remember that you are sharing valuable information about your preferences, interests, and behavior – in short, a psychological portrait of yourself. This not only leads to getting relevant ads, but also helps marketing companies to better understand the client and create products and targeted offers.

So free services are not as free as we used to think they are. Opacity, data analysis and distribution and greed are the real problems here. Data leaks can happen even if a company protects its servers technically – there’s always the human factor to consider. Leaked data can end up being sold on the black market and used for doxing.

Terminology

Doxing is the practice of finding or publishing personally identifying information about someone on the internet without their permission, and can result in catastrophic consequences. For instance, a person may become a target of attacks (in virtual or real life) that can provoke anxiety, stress, insomnia, depression, social stigma and depression.

The motives of so-called “doxers” are very different. Some of them think they are doing the right thing and exposing criminals, while others try to intimidate their online opponents or do it just for fun. The sheer volume of private information available means this damaging experience can happen to anyone. Last year at Kaspersky we carried out some research, and 40% of interviewees admitted that their partner had shared screenshots online of their conversations without their consent, threatened them with personal information they had found online, leaked intimate photos of them, or stalked them in real life – also a direct consequence of doxing. The tragedy is that you don’t need any special skills to become a doxer.

So we have to stay alert and to follow the rules, which will help us to avoid this kind of experience:

\\ Do not reveal confidential information on the internet. Carefully check what you post and remember that nothing is temporary online – do not include any information that can reveal your address, phone number, or other confidential data.

\\ Check your social network account settings. Make your Instagram or Facebook profile open to friends only.

\\ Set up two-step verification. When this feature is enabled, no one will be able to sign in to your account unless they use your password and a one-time security code sent to your mobile phone number or generated in your authenticator app. Use only those e-mails which support two-step verification.

\\ Use different passwords and password managers. Do not rely on just one safe password – use different combinations and follow the rules for creating passwords. Use a password manager to remember the passwords and keep them in one place.

\\ Play the role of a doxer and search the internet for information about yourself. This interesting exercise can help you become more aware of the information that is available about you. Use search engines, social networks and professional websites. Try building a dossier on yourself and connect the services that know too much about you.

\\ Avoid logging into one service with the help of another – do not use your Google or Facebook account to sign in to a suspicious website.

\\ Be aware of the hazards of sexting. Consider the risks and take a conscious decision whether to share intimate photos.

If you are aware of the fact that your data is not 100% safe on the internet, you certainly won’t share everything at once. And once you follow these easy rules and keep your data as safe as possible, social networks, apps for services and the internet will become a welcoming space suitable for communication and other needs.