Tag Archives: online safety

What is doxing, and how can you protect yourself?

Posted on by

The blog group loved this article from The Conversation, originally published on 13 February 2024. We hope you do too!

Rob Cover, RMIT University

The Australian government has brought forward plans to criminalise doxing, bringing nationwide attention to the harms of releasing people’s private information to the wider public.

The government response comes after the public release of almost 600 names and private chat logs of a WhatsApp group of Australian Jewish creative artists discussing the Israel-Hamas war.

As a result, some of the people whose details were leaked claim they were harassed, received death threats and even had to go into hiding.

While we wait for new penalties for doxers under the federal Privacy Act review, understanding doxing and its harms can help. And there are also steps we can all take to minimise the risk.

What is doxing?

Doxing (or doxxing) is releasing private information — or “docs”, short for documents — online to the wider public without the user’s consent. This includes information that may put users at risk of harm, especially names, addresses, employment details, medical or financial records, and names of family members.

The Australian government currently defines doxing as the “malicious release” of people’s private information without their consent.

Doxing began as a form of unmasking anonymous users, trolls and those using hate speech while hiding behind a pseudonym. Recently, it has become a weapon for online abuse, harassment, hate speech and adversarial politics. It is often the outcome of online arguments or polarised public views.

It is also becoming more common. Although there is no data for Australia yet, according to media company SafeHome.org, about 4% of Americans report having been doxed, with about half saying their private emails or home addresses have been made public.

Doxing is a crime in some countries such as the Netherlands and South Korea. In other places, including Australia, privacy laws haven’t yet caught up.

Why is doxing harmful?

In the context of the Israel-Hamas war, doxing has affected both Jewish and pro-Palestinian communities and activists in Australia and abroad.

Doxing is harmful because it treats a user as an object and takes away their agency to decide what, and how much, personal information they want shared with the wider public.

This puts people at very real risk of physical threats and violence, particularly when public disagreement becomes heated. From a broader perspective, doxing also damages the digital ecology, reducing people’s ability to freely participate in public or even private debate through social media.

Although doxing is sometimes just inconvenient, it is often used to publicly shame or humiliate someone for their private views. This can take a toll on a person’s mental health and wellbeing.

It can also affect a person’s employment, especially for people whose employers require them to keep their attitudes, politics, affiliations and views to themselves.

Studies have shown doxing particularly impacts women, including those using dating apps or experiencing family violence. In some cases, children and family members have been threatened because a high-profile relative has been doxed.

Doxing is also harmful because it oversimplifies a person’s affiliations or attitudes. For example, releasing the names of people who have joined a private online community to navigate complex views can represent them as only like-minded stereotypes or as participants in a group conspiracy.

A person using a laptop and smartphone simultaneously
There are steps you can take online to protect yourself from doxing without having to complete withdraw. Engin Akyurt/Pexels

What can you do to protect yourself from doxing?

Stronger laws and better platform intervention are necessary to reduce doxing. Some experts believe that the fear of punishment can help shape better online behaviours.

These punishments may include criminal penalties for perpetrators and deactivating social media accounts for repeat offenders. But better education about the risks and harms is often the best treatment.

And you can also protect yourself without needing to entirely withdraw from social media:

  1. never share a home or workplace address, phone number or location, including among a private online group or forum with trusted people
  2. restrict your geo-location settings
  3. avoid giving details of workplaces, roles or employment on public sites not related to your work
  4. avoid adding friends or connections on social media services of people you do not know
  5. if you suspect you risk being doxed due to a heated online argument, temporarily shut down or lock any public profiles
  6. avoid becoming a target by pursuing haters when it reaches a certain point. Professional and courteous engagement can help avoid the anger of those who might disagree and try to harm you.

Additionally, hosts of private online groups must be very vigilant about who joins a group. They should avoid the trap of accepting members just to increase the group’s size, and appropriately check new members (for example, with a short survey or key questions that keep out people who may be there to gather information for malicious purposes).

Employers who require their staff to have online profiles or engage with the public should provide information and strategies for doing so safely. They should also provide immediate support for staff who have been doxed.

Rob Cover, Professor of Digital Communication and Co-Director of the RMIT Digital Ethnography Research Centre, RMIT University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Crypto scams will increase over the holidays – here’s what you need to know to not fall victim

Posted on by

by Ashish Nanda, CyberCRC Research Fellow, Centre for Cyber Security Research and Innovation (CSRI), Deakin University; Jeb Webb, Senior Research Fellow, Centre for Cyber Security Research and Innovation (CSRI), Deakin University; Jongkil Jay Jeong, CyberCRC Senior Research Fellow, Centre for Cyber Security Research and Innovation (CSRI), Deakin University; Mohammad Reza Nosouhi, CyberCRC Research Fellow, Centre for Cyber Security Research and Innovation (CSRI), Deakin University, Deakin University, and Syed Wajid Ali Shah, CSCRC Research Fellow, Centre for Cyber Security Research and Innovation, Deakin University

We loved this article from The Conversation, originally published on 14 November 2022

Each year, as the festive season arrives, we must also keep an eye out for potential scammers trying to ruin the fun. This is because scammers become more active during the holidays, targeting us while we have our guard down.

So far in 2022, Australians have lost around half a billion dollars to scams, which is already significantly more than had been lost by this time last year. The majority of these losses – around $300 million – have involved investment or cryptocurrency scams.

Researchers from Deakin University’s Centre for Cyber Security Research and Innovation had a opportunity to interview recent victims of these scams. Here is what we found.

Anyone can fall for a scam

I was shocked and could not accept that this happened to me although I was very careful […] I was numb for a couple of minutes as it was a large amount of money. – (26-year-old female office manager from South Australia)

These scams have become highly sophisticated and criminals have become less discriminating about whom they target. This is reflected in recent victim demographics, showing a wide variety of backgrounds, a more even distribution across several age groups, and an almost even split on gender.

So, how can you spot these scams and where can you get help if you have fallen victim?

If it sounds too good to be true, it might just be a scam

I was dumbfounded, to say that ground shattered under my feet would be an understatement, it will take me a very long time to recover from it, financially and mentally. – (36-year-old female, legal practitioner from Victoria)

Most crypto scams involve getting the victim to buy and send cryptocurrency to the perpetrator’s account for what appears to be a legitimate investment opportunity.

Cryptocurrency is the currency of choice for this type of crime, because it’s unregulated, untraceable and transactions cannot be reversed.

Victims of such scams are targeted using a number of different methods, which include:

Investment scams: scammers pretend to be investment managers claiming high returns on crypto investments. They get the victim to transfer over funds and escape with them.

“Pump and dump”: scammers usually hype up a new cryptocurrency or an NFT project and artificially increase its value. Once enough victims invest, the scammers sell their stake, leaving the victims with worthless cryptocurrency or NFT.

Romance scams: involves scammers using dating platforms, social media or direct messaging to engage with you, gain your trust and pitch an amazing investment opportunity promising high returns, or ask for cryptocurrency to cover medical or travel expenses.

Phishing scams: an old but still effective scam involving malicious emails or messages with links to fake websites promising huge returns on investment or just outright stealing credentials to access users’ digital currency wallets.

Ponzi schemes: a type of investment scam where the scammers use cryptocurrency gathered from multiple victims to repay high interest to some of them; when victims invest more funds, the scammers escape with all the investments.

Mining scams: scammers try and convince victims to buy cryptocurrency to use in mining more of it, while in reality there is no mining happening – the scammers just make transfers that look like returns on the investment. Over time, the victim invests more, and the scammers keep taking it all.

Although methods evolve and change, the telltale signs of a potential scam remain relatively similar:

  • very high returns with promises of little or no risk
  • proprietary or secretive strategies to gain an advantage
  • lack of liquidity, requiring a minimum accumulation amount before funds are released.

Where to seek help if you’ve been scammed

I felt helpless, I didn’t know what to do, who to reach out to, I was too embarrassed and just kept blaming myself. – (72-year-old male, accountant from Victoria)

If you think you have fallen victim to one of these scams, here is what you need to do next:

  • inform the Australian Competition and Consumer Commission (ACCC) here or reach out to relevant authorities as per advice on the ScamWatch website
  • reach out to your friends and family members and inform them of the scam; they can also be a source of help and support during such times
  • as these events can have a psychological impact, it’s recommended you talk to your GP, a health professional, or someone you trust
  • you can also reach out to counselling services such as LifeLine, beyond blue, Sucide Call Back Service, Mens Line, and more for help and support.

If you ever find yourself in a difficult situation, please remember help and support is available.

Finally, to prevent yourself becoming the next statistic over the holiday period, keep in mind the following advice:

  • don’t share your personal details with people online or over a call
  • don’t invest in something you don’t understand
  • if in doubt, talk to an expert or search online for resources yourself (don’t believe any links the scammers send you).

This article is republished from The Conversation under a Creative Commons license. Read the original article.