Connect with us

Tech News

What is doxing and what to do if you’ve been doxed

(TECHNOLOGY) Doxing is an attack that used to be primarily done in hacker and gamer circles, but is now spilling over to victimize people from all walks of life. Like you.

Published

on

what to do if you've been doxed

Having your private information posted to the internet against your will is a nightmare come to life. Your phone numbers, social networks, personal email address, and even physical address can be leaked in a practice known as doxing.

Doxing is a cyber attack where someone’s private information is publicly posted to the internet without their consent.

Information posted may have been difficult to obtain prior to doxing, and can reveal personally identifiable details of previously anonymous accounts.

In most cases, the intent is to maliciously violate someone’s privacy for perceived justice or revenge. Victims of doxing often experience harassing phone calls to their bosses at work and comments on their social media at the very least.

Friends and family members of doxing victims can end up getting harassed as well if their contact information is leaked.

In extreme cases, doxing victims have had false police reports filed against them, causing authorities to show up investigating fake claims of abuse, hostage situations, or bomb threats.

Although doxing is most common among gamer and hacker communities, anyone can be a victim as it becomes increasingly common.

Your best bet is to prepare for the worst-case scenario
.

Eva Galperin, cybersecurity director at the Electronic Frontier Foundation, provided several helpful tips that follow.

First things first: be aware of what you’re intentionally posting. Galperin notes, “What people can really give away about you is the stuff that you’ve already given away about yourself.”

Google yourself to see how much public information is already out there. Remove yourself from people-search lists, and ensure your number is unlisted and on the Do Not Call Registry.

Posting your location on Twitter or enabling location tagging on Instagram can expose your information to bad actors. Carefully consider if you really want to include your location with every social media post (and learn here how to turn it off everywhere).

Pay attention to how many personal details you’re including in online profiles. A study by NYU and University of Illinois professors found Facebook is the most commonly included social media site in doxed files.

This is likely because Facebook contains more sensitive information regarding the user’s relationship to others. On your account, you can note parents, siblings, and other degrees of connection, providing more insight to those prying (pro tip – here’s how to see what the public has access to on your Facebook account).

Get familiar with the Terms of Service of any websites you’re using, especially the privacy sections. Make sure you learn how to file a takedown in the event your information does get posted.

Another exciting part of doxing is the possibility of compromised login credentials, allowing hackers to post as you. Decrease the likelihood of that dumpster fire by using strong, unique passwords for every account. Use a password manager to keep track.

Whenever possible, you should opt for two-factor authentication. Add another layer of security by using an authentication app instead of text messages for push notifications.

Since mobile accounts can be infiltrated, someone could theoretically hack your cell’s SIM card to receive text messages meant for you.

You can call your cell company and enable password protection for your SIM card so no one can make to the account changes without providing a PIN.

While this may seem like a lot of tinfoil hat preparation, the reality is that our digital information is vulnerable.

Even if you’re not a prominent public figure or higher up at your company, your private information could be compromised.

It’s better to have an emergency plan set in place so you’re not overwhelmed if you do happen to get doxed.

Fortunately, doxing is against the Terms of Service for most websites. Reporting doxing usually leads to account suspension for the offending user, or removal of the posts.

Lock down your info now so you’re not an easy target.

Lindsay is an editor for The American Genius with a Communication Studies degree and English minor from Southwestern University. Lindsay is interested in social interactions across and through various media, particularly television, and will gladly hyper-analyze cartoons and comics with anyone, cats included.

Tech News

This phishing simulator tests your company’s (lack of) readiness

(TECHNOLOGY) Phishero is a tool which tests your organization’s resistance to phishing attacks. Pro tip: Most companies aren’t ready.

Published

on

phishing simulator

In the wake of any round of cyberattacks, many organizations question whether they’re prepared to defend themselves against things like hacking or other forms of information theft. In reality, the bulk of workplace data thievery comes from a classic trick: phishing.

Phishing is a catch-all phrase for a specific type of information theft which involves emailing. Typically, a phishing email will include a request for sensitive data, such as a password, a copy of a W-4, or an account’s details (e.g., security questions); the email itself will often appear to come from someone within the organization.

Similar approaches include emailing a link which acts as a login page for a familiar site (e.g., Facebook) but actually stores your account information when you sign in.

Luckily, there’s a way for you to test your business’ phishing readiness.

Phishero, a tool designed to test employee resistance to phishing attacks, is a simple solution for any business looking to find any weak links in their cybersecurity.

The tool itself is designed to do four main things: identify potential targets, find a way to design a convincing phishing scheme, implement the phishing attack, and analyze the results.

Once Phishero has a list of your employees, it is able to create an email based on the same web design used for your company’s internal communications. This email is then sent to your selected recipient pool, from which point you’ll be able to monitor who opens the email.

Once you’ve concluded the test, you can use Phishero’s built-in analytics to give you an at-a-glance overview of your organization’s security.

The test results also include specific information such as which employees gave information, what information was given, and pain points in your current cybersecurity setup.

Phishing attacks are incredibly common, and employees – especially those who may not be as generationally skeptical of emails – are the only things standing between your company and catastrophic losses if they occur in your business. While training your employees on proper email protocol out of the gate is a must, Phishero provides an easy way to see how effective your policies actually are.

Continue Reading

Tech News

Domino’s asks Supreme Court to take up web accessibility case

(TECHNOLOGY) Domino’s is going all the way to the top to ask the Supreme Court to decide if ADA applies to their (and your) website.

Published

on

accessibility

As long as your company is following the rules and regulations set by the Americans with Disabilities Act of 1990 (ADA), customers with disabilities should be able to access your brick-and-mortar store. The ADA ensures that stores have parking spots, ramps, and doors wide enough for folks in wheelchairs.

But does the ADA also extend to your business’s website? That’s a question that the Supreme Court may soon have to answer.

As an increasing number of services and opportunities are found online in this day and age, it’s quickly becoming a question that needs answering. Several New York wineries and art galleries, Zillow, and even Beyoncé have been sued because their websites were unusable for people who are blind.

In 2016, Domino’s Pizza was sued by a blind customer who was unable to order a pizza on Domino’s website, even while using the screen reading software that normally help blind people access information and services online. The Ninth Circuit Court ruled that Domino’s was in violation of the ADA and that the company was required to make their sites and apps accessible to all. Three years later, Domino’s is petitioning SCOTUS to take on the case.

Domino’s argues that making their sites and apps accessible would cost millions of dollars and wouldn’t necessarily protect them or any other company from what their lawyer called a “tsunami” of further litigation.

That’s because the ADA was written before the internet had completely taken over our social and economic lives. While the ADA sets strict regulations for physical buildings, it has no specific rules for websites and other digital technologies.

The Department of Justice apparently spent from 2010 to 2017 brainstorming possible regulations, but called a hiatus on the whole process because there was still much debate as to whether such rules were “necessary and appropriate.”

The Domino’s case proves that those regulations are in fact necessary. UsableNet, a company that creates accessibility features for tech, reports that there were 2,200 court cases in which users with disabilities sued a company over inaccessible sites or apps. That’s a 181 percent increase from the previous year.

While struggling to buy tickets to a Beyoncé concert or order a pizza may seem like trivial concerns, it’s important to consider how much blind people could be disadvantaged in the modern age if they can’t access the same websites and apps as those of us who can see. Christopher Danielsen from the National Federation of the Blind told CNBC that “If businesses are allowed to say, ‘We do not have to make our websites accessible to blind people,’ that would be shutting blind people out of the economy in the 21st century.”

If the Supreme Court decides to take the case, it could set an important precedent for the future of accessibility in web design.

Continue Reading

Tech News

Slack video messaging tool for the ultra lazy (or productive) person

(TECHNOLOGY) Courtesy of a company called Standuply, Slack’s notable lack of video-messaging options is finally addressed.

Published

on

slack video updates

Slack — the popular chat and workflow app — is still going strong despite its numerous technical shortcomings, one of which is its notable lack of native video or audio chat. If you’re an avid Slack user, you might be interested in Standuply’s solution to this missing feature: video and audio messaging.

While it isn’t quite the Skype-esque experience for which one might hope when booting up Slack, Standuply’s video messages add-on gives you the ability to record and send a video or audio recording to any Slack channel. This makes things like multitasking a breeze; unless you’re a god among mortals, your talking speed is significantly faster than your typing, making video- or audio-messaging a viable productivity move.

The way you’ll record and send the video or audio message is a bit convoluted: using a web browser and a private Slack link, you can record up to five minutes of content, after which point the content is uploaded to YouTube as a private item. You can then use the item’s link to send the video or audio clip to your Skype channel.

While this is a fairly roundabout way of introducing video chat into Slack, the end result is still a visual conversation which is conducive to long-term use.

Sending video and audio messages may feel like an exercise in futility (why use a third-party tool when one could just type?) but the amount of time and energy you can save while simultaneously responding to feedback or beginning your next task adds up.

Similarly, having a video that your team can circle back to instead of requiring them to scroll through until they find your text post on a given topic is better for long-term productivity.

And, if all else falls short, it’s nice to see your remote team’s faces and hear their voices every once in a while—if for no other reason than to reassure yourself that they aren’t figments of your overly caffeinated imagination.

At the time of this writing, the video chat portion of the Slack bot is free; however, subsequent pricing tiers include advanced aspects such as integration with existing services, analytics, and unlimited respondents.

Continue Reading
Advertisement

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!