What if you run the risk of doxing on Facebook?
In recent years, concerns about privacy on social media have increased dramatically. Data breaches and other incidents have caused many users to question their use of social media and the security of their personal information.
Take this instance where a Facebook user claimed that their phone number was made public by the social media platform without their consent.
In a Reddit post, the user stated that their phone number was shared with over 90,000 followers of their YouTube Channel. They have accused Facebook of doxing, adding that the privacy violation took place despite them being inactive on Facebook for over 1 year.
How the privacy breach took place via Facebook
The user realized that their information had been mishandled by Facebook after they received a text on WhatsApp enquiring about them via their pseudonym. The message read, “Is this Drongo?” This terrified the user as their phone number was hidden on the social media platforms used by them and only shared while creating the account.
According to the user’s Reddit post, to create a YouTube channel, they needed to log in using their Facebook account and put in their phone number. However, the user claimed that Facebook publicly linked their personal number to their fan page without their permission or knowledge.
They further stated that neither their data was made public nor had their Facebook account been updated in the past 2 years.
Facebook allows individuals to create an account with a few details while signing up. Similarly, YouTube offers the option to log in using their other accounts, such as Facebook. If this data is not safe, users can get affected in a number of ways starting with data theft.
A young user may not be totally aware of who might have access to the data they are sharing on the social media platform. They might also get confused if user data from two accounts are shared with each other without their knowledge. Moreover, young YouTube users, who are unaware of the privacy policies, may panic on receiving such messages.
The user’s Reddit post depicted the same by saying, “after having kept my personal details intentionally hidden for the duration of my online career, my stomach hit rock bottom. Had I been hacked? Was this a leak? What did this person want? How did they get this number that NO ONE knows?”
What is doxing?
Doxing, also spelled d0xing or doxing is the exploitation of personal information by making it public. The word doxing is made by combining docs (documents) and compiling or releasing information. Personally identifiable information (PII) belonging to an individual or company from any online source unethically or unlawfully must be avoided.
Social media content is not to be used without the consent of the user. In a media statement, a spokesperson of the Privacy Commissioner for Personal Data (PCPD) spoke about a Gazette about doxing being a criminal offense and said, “The Government spokesman urged members of the public not to defy the law by attempting to commit the concerned doxxing acts. The PCPD and the Police will step up law enforcement actions to protect the personal data privacy of the public.” This post was made on October 8, 2021.
The dark web advertising doxing tutorials for newbie cybercriminals
The Cambridge Analytica scandal, in which the consulting firm harvested the private information of over 50 million Facebook users to influence the 2016 U.S. presidential election, brought the enormity of how individual user information could be misused.
This and other similar incidents have led to a decline in public trust, causing many users to question their ability to control their own data.
According to a study by the Pew Trust, 80% of social media users are worried about businesses and advertisers accessing and using their posts.
As a result, there has been a growing push for stricter regulations and greater scrutiny of companies responsible for protecting personal data.
Legal authorities may have to deter doxing tutorials that are shared with individuals or learning cybercriminals by threat actors who are also selling tools on the dark web marketplace.
A user named Alchacofo said in their post on the dark web that the doxing tutorial thread, which was earlier deleted, had been reuploaded by them. The post also maintained that it has some additional tools for doxing that were found on the forums.
