Security News > 2021 > March > Corporate doxing is on the rise: Here's how hackers are doing it and how to stop them
Doxing an individual can be a time-consuming and ultimately fruitless process, but the potential payout for doxing corporate employees can be huge, making them a much more tempting target.
Traditionally thought to be a risk for individuals, Kaspersky reports that it's increasingly being used to target corporate employees: 1,646 unique instances of one particular type of attack were detected by Kaspersky in February 2021, alone.
The doxing of individuals can be time-consuming and costly, and can result in little net gain for an attacker looking to financially capitalize.
"However, when doxing is aimed at the corporate sector, cybercriminals are less hindered by the cost of an attack because the potential monetary rewards are much larger," Kaspersky said, noting that corporate doxers are turning to the same tactics as those used by advanced persistent threat groups like The Lazarus Group and other nation-state-sponsored hacking collectives.
Email and phone phishing continue to be popular methods of hijacking accounts in order to give attackers a foothold from which they can steal additional information and launch more complicated doxing attacks.
"The doxing of organizations, just as of people, may result in financial and reputational losses, and the more sensitive the confidential information extracted is, the higher the harm. At the same time, doxing is one of the threats that could be prevented or at least significantly minimized with strong security procedures within an organization," said Kaspersky security researcher Roman Dedenok.