Most people assume online scammers need to hack a database or steal a password. This is a misconception. Scammers primarily leverage information already accessible online, legally and easily found.

An entire industry, known as data brokering, collects and sells personal details. Without your consent, websites publish your name, address, phone numbers, age, past addresses, and even relatives' information. This data is compiled from public records, voter registrations, court filings, and property transactions.

Scam operations often use spreadsheets filled with such data to identify targets. For instance, a network of call centers defrauded Americans using lists containing names, ages, and income information. They then used this research to make fraudulent calls convincing.

Scammers weaponize this public data in several ways:

  1. Impersonating your bank: They use your known bank, name, and address to sound legitimate before requesting account verification.
  2. Family emergency calls: Information on relatives allows scammers to impersonate a grandchild in distress, using personal details to build a convincing story.
  3. Targeted phishing: Personalized emails or texts using your name, address, or neighborhood details are far more believable than generic messages.

Even without social media presence, your information is often listed on data broker sites due to home purchases, voter registration, or property filings.

To reduce your exposure:

  • Search for your name and address on people-search sites and submit opt-out requests.
  • Encourage elderly family members to do the same.
  • Be skeptical of calls or messages starting with personal details.

Because data brokers have varying removal processes and refresh databases, automated data removal services are recommended for ongoing protection. These services manage requests to numerous sites and monitor for reappearing data, making you a significantly harder target.