Threats Online
Doxxing
Doxxing is a low-level tactic commonly used by malicious actors online to acquire and expose the personal information of public figures. This tactic is used by many different types of people on the internet, including cybercriminals, hacktivists, trolls and hacking groups. Doxxing is now a normal tactic used to target journalists. This information is commonly available through a mix of public records, social media accounts and publications. The publishing of private information can lead to physical security threats.
Social Engineering
Social Engineering is a tactic where the attacker poses as a trusted individual in order to gain access to sensitive information. Attackers use information that is easily found online through social media, search engines and public record to build a believable pre-text for their attack. They execute this type of attack via the phone, through a phishing email or message, or in-person. Limiting your personal information online can curb these types of targeted attacks.
Search Engines
Search engines are usually the starting point for criminals looking to target people online. Search engines are used as initial recon to gather basic info about an individual. Data found is often used as pivot points to find other data.
Checking for your personal information on a search engine also gives a good overview of the data that is the quickest and easiest to find about yourself. We recommend leveraging search operators to give you specific results. Weāve outlined the ones we find most useful below.
| Google & Bing Search Operators | ||
|---|---|---|
| Operator | What it searches | Example |
| Site | Provides results of pages located on a specific domain | site:linkedin.com |
| AND/OR | Use the AND operator to return results containing two results. Use the OR operator to return results that contain one result or the other result. | āJohn Smithā AND (Portland OR Salem) |
| Asterisk | Google treats the asterisk as a placeholder for a word or words in a search string. | āJohn * Smithā |
| Hyphen | This operator allows you to exclude the text immediately following it. | āJohn Smithā -site:yournewssite.com |
| Filetype | Filter search results by a single file type extension Common File Types: | filetype:xls intext:you@youremail.com |
DOC/DOCX
XLS/XLXS
PPT/PPTX
TXT
JPG/JPEG/PNG (Image files)
PDF
| Bing Search Operators | ||
|---|---|---|
| Operator | What it searches | Example |
| LinkFromDomain | Creates results that link to every website within a website. | LinkFromDomain:website.com |
| Contains | Allows you to filter search results by a single file type extension on a specific website. | Contains:csv site:website.com |
Google Alerts
Google Alerts are a great way to keep tabs on new information that is indexed by Google. Google search operators can be used in Google Alerts for more specific alerts on your data.
Once youāre signed into your Google account, you can set up Google Alerts here: https://www.google.com/alerts
Public Records and Data Brokers
After searching for your information on a search engine, you will likely find results pointing to a website run by a data broker. These sites use public records to aggregate information about you. This often includes current and previous addresses, phone numbers, names of family members, or previous names (If youāve changed your name). See if you can find profiles of yourself on these sites and consider taking steps to opt out.
Below is a list of sites that aggregate personal data from various sources. Many of these sites offer that data for sale, and some provide it for free. The New York Times Information Security team has vetted the sites below, meaning that we are comfortable recommending you to engage with them to remove your data, and we are confident that they will remove your data.
Tips for Opting Out
| Please note that some of these sites will request you provide some personal data to opt out, such as email address, phone number, and address. Here are some tips for engaging with them: |
|---|
Only provide a site with the data they already have about you. If you see that they have an old home address, do not provide them with a current address, just provide them with the address they already have listed.
We recommend providing a less-frequently used email address. Setting up a burner email or opting out is a great way to ensure your email wonāt receive a bunch of spam.
If you are concerned about providing your phone number, consider setting up a Google Voice or other voice over IP (VoIP) account.
This part of the process is the most time consuming. We recommend breaking the delisting process out into more manageable chunks and setup a schedule to remove your information.
| Your data may show up again. These sites are pulling data from public records and open source, so if you move, get married, or make another life change, itās possible your data may repopulate on these sites. We recommend reviewing your information once a year and removing any new records that may have appeared. |
|---|
Social Media
Social media accounts allow malicious actors to gather specifics on things like your relationships, hobbies, or travels. Social media accounts donāt often consider how transparency on their platforms can lead to targeted attacks, so we have developed some guidance on locking down the most commonly used platforms below.
Identify your Social Media Accounts
Enter your commonly used handles into https://namecheckr.com to see where that handle is being used. This can help you discover old accounts you may have set up, as well as keep an eye for impersonation accounts
Searching on Facebook
Until recently, Facebook allowed users to search for things such as public posts and photos that a specific user had been tagged in. This information is still public but now more difficult to locate. Your privacy on Facebook depends on how private your friends and family are.
Facebookās internal search provides a limited set of options when it comes to searching accounts. To get an accurate view of what is public, partner with someone who is not friends with you on Facebook.
| Tip | You must have a Facebook account and be logged in to search for other Facebook users. |
|---|
Searching on Twitter
Twitter simple search: https://twitter.com/search-home
Twitter advanced search: https://twitter.com/search-advanced
| Twitter Search Operators | ||
|---|---|---|
| from | Messages username is sending out | from:username |
| to | Messages being sent to username | from:username to:username |
| geocode | Tweets occurring within range of specific GPS coordinates | geocode:40.753830318,-73.987329384,1km āsearch term hereā |
| AND/OR | Use the AND operator to return results containing two results. Use the OR operator to return results that contain one result or the other result. | from:username OR from:username |
| since:YYYY-MM-DD until:YYYY-MM-DD | Tweets occurring within a specific date range | From:username since:2005-01-01 until:2005-01-31 |
Searching on Instagram
Instagram recently made it more difficult to locate information about users who have private accounts. The in app search field only shows users and hashtags related to search terms.
Searching on LinkedIn
| Tip | If you are searching for others while logged into your profile, they will be able to see that you viewed their profile with the default settings. Me > Settings & Privacy > Privacy > Profile viewing options |
|---|
LinkedInās built in search features can be difficult to customize and provides results based on your interactions and connections. We recommend leveraging a search engine using custom search operators for a better understanding of the publicly available information on LinkedIn.
Search engine operators examples for LinkedIn
Site:linkedin.com āYour place of employmentā
Site:linkedin.com āYour LinkedIn headlineā
Securing your accounts
Visit our Social Media Security & Privacy Guide for a list of recommended settings to lockdown personal information on your social media accounts.
Additional Resources
Check to see if you email or username has been associated with a data breach at https://haveibeenpwned.com/
To search the Internet Archive for personal information use https://web.archive.org/
IntelTechniques Data Removal Handbook: https://inteltechniques.com/data/workbook.pdf