Doxxing is the malicious practice of researching and broadcasting private information about individuals or organizations without consent, typically to enable harassment, intimidation, or reputational damage. Derived from "dropping documents," this tactic has evolved into a sophisticated enterprise threat that targets executives, employees, and corporate infrastructure through coordinated information exposure campaigns.
Modern doxxing attacks combine open-source intelligence (OSINT) gathering with social engineering to compile comprehensive profiles of organizational personnel, aggregating data from public records, social media, breach databases, and corporate directories to create detailed dossiers that expose home addresses, phone numbers, family information, and internal organizational structures.
Common Doxxing Variants
Executive Targeting: High-profile executives and board members are targeted to enable extortion, reputational attacks, or as a precursor to more sophisticated business email compromise campaigns.
Employee Database Leaks: Exposing employee contact information, organizational charts, and internal communications to facilitate social engineering, phishing, and competitive intelligence gathering.
Supply Chain Mapping: Revealing key vendor relationships and internal contacts to enable targeted supply chain attacks.
Competitive Intelligence: Exposing proprietary business information, client lists, or strategic plans to benefit competitors.
Whistleblower Retaliation: Exposing the identities of individuals who report corporate misconduct to silence them or deter future reporting.
Enterprise Security Implications: Doxxed employees become high-value targets for spear phishing, business email compromise, and social engineering attacks. The personal information exposed through doxxing enables attackers to craft highly personalized and convincing attack scenarios. Organizations should have incident response plans for doxxing events and provide support resources for targeted employees.
Pangratis protects against follow-on attacks that leverage doxxed information, detecting spear phishing and impersonation attempts that use personal details to appear legitimate.