Doxxing Extortion Scam

Doxxing extortion combines two harmful acts: the aggregation and threatened or actual publication of someone's private identifying information, and the use of that threat to coerce compliance. The word 'doxxing' derives from 'dropping documents' — releasing identifying records about a person without their consent.

The personal information used may come from public social media profiles, data-breach dumps, people-search websites, voter rolls, or aggregated from multiple mundane-seeming sources. The perpetrator may invest very little effort and yet assemble a dossier that feels terrifyingly comprehensive to the victim. This tactic is used in harassment campaigns, targeted attacks on public figures, and financially motivated extortion against ordinary individuals.

The perpetrator identifies a target and spends minutes to hours aggregating publicly available information from social media, professional networks, and data-aggregator sites.

They then contact the victim with a sample of the gathered data to establish credibility, accompanied by a demand. The threat is typically to post the information in a public forum, to contact the victim's employer with damaging claims, or to send physical mail to the victim's home to demonstrate they know the address.

If the victim complies, the scammer may go silent temporarily but almost always returns with additional demands. If the victim does not comply, the scammer may publish a portion of the information to demonstrate they are serious before escalating.

Home addresses are particularly frightening because they bridge the online world to the physical one. The fear that a stranger could appear at one's home is visceral and not irrational, making this form of threat especially effective.

The victim often feels responsible for protecting family members who may not even be aware of the situation, which compounds pressure to pay. The relative ease with which personal data can be assembled from public sources means the perpetrator's 'research' often looks more extensive than it actually was.

The victim receives a message — typically via social media, email, or a gaming platform — from someone who claims to have gathered their real name, home address, employer, and details about family members. The scammer may paste back some genuine-looking detail (often assembled from public sources or social media) to demonstrate they have done their research. They then demand money, online gaming currency, favours, or that the victim perform an action in exchange for keeping the information private. In some cases the scammer has published a first tranche of information on a paste site or forum to show intent and increase pressure. Victims who pay usually receive further demands within days.

"I know you live at [ADDRESS] and work at [COMPANY]. Pay me [AMOUNT] in Bitcoin or I post everything to [FORUM] and your neighbours will know exactly who you are."

"I have compiled everything about you and your family. Your kids go to [SCHOOL]. This stays between us if you send [AMOUNT] in the next 12 hours."

"I already posted your details on [SITE]. Pay [AMOUNT] and I will delete the post and never contact you again."

Assess what information the scammer actually has. Paste their claims into a search engine to see which public sources it could have come from. Many dossiers consist entirely of information visible on the victim's own social media or professional profiles.

Check known data-aggregator websites to see your own public footprint. If the scammer's information matches what is already publicly indexable, their special access was simply a browser search.