🔒Privacy

Swatted because someone found my address online — how do I scrub my info

Swatting attack after personal address was found through people search sites

6 min readUpdated Mar 2026

Someone called in a fake emergency to your home. Armed officers showed up, weapons drawn, because a stranger on the internet decided to weaponize your address. You were swatted. This isn't a prank — people have died from swatting attacks. And the reason it happened is almost always the same: your home address was sitting on a people search site, free for anyone to find.

The immediate danger may be over, but the vulnerability isn't. If your address is still out there, it can happen again. Here's how to lock everything down and make sure this never happens twice.

🚨

If you are currently being swatted or officers are at your home

Stay calm. Keep your hands visible at all times. Do not make sudden movements. Comply with all instructions from law enforcement. Once resolved, immediately inform officers you believe you are the victim of a swatting attack. Ask for a case number.

Immediate Steps After a Swatting Attack

Do these within the first 24 hours

File a police report

Ask responding officers to document it as a swatting incident before they leave. Get the case number — you'll need it.

Many departments maintain a registry of known swatting targets. When dispatch receives a call about your address, they'll verify before sending a tactical response. This one step can prevent a repeat attack.

Contact the FBI

Swatting is a federal crime under 18 U.S.C. § 1038. File a report at tips.fbi.gov. Federal investigators have better tools to trace spoofed calls and VoIP services.

Document everything

Screenshot any threats, messages, or posts connected to the attack. Save usernames, timestamps, and platform URLs.

1,000+

Estimated swatting incidents per year in the US

90%

Of swatters find addresses via people search sites

Deaths directly attributed to swatting attacks

How Swatters Find Your Address

Swatters aren't sophisticated hackers. They're using the same tools available to anyone. Understanding how they found you tells you exactly what to fix:1

People search sites

The #1 source. Sites like WhitePages, Spokeo, FastPeopleSearch, and TruePeopleSearch aggregate your name, address, and phone number — all publicly accessible. A swatter just needs your real name or an old username linked to your identity.

Gaming platform leaks

Xbox, PlayStation, Steam, and Discord have all had data breaches. If your gaming account links to your real email, which ties to your real name, the chain to your address is short.

Social media OSINT

Geotagged photos, check-ins, posts mentioning your neighborhood — all of these can be pieced together. From there, a people search site fills in the rest.

WHOIS records and public records

Domain registrations without WHOIS privacy, voter rolls, and property records are all public and feed directly into data broker databases.

⚠️

Your username is often the weak link

If you use the same username across gaming platforms, forums, and social media, a swatter can trace your gaming handle back to a social account with your real name. Use different usernames for anything connected to your real identity vs. your gaming life.

Scrubbing Your Address from People Search Sites

This is the most important thing you can do. Every major people search site has an opt-out process, but they're all different and they all take time:2

Major data broker opt-outs

WhitePages / WhitePages Premium

Go to whitepages.com/suppression-requests. Find your listing, request removal. Processing takes 24-48 hours.

Spokeo

Visit spokeo.com/optout. Paste the URL of your listing, enter your email for confirmation. Removal takes 24-48 hours.

BeenVerified / PeopleLooker

Submit at beenverified.com/faq/opt-out. One removal may cover several properties they own.

FastPeopleSearch

Go to fastpeoplesearch.com/removal. One of the faster removals — usually same day.

TruePeopleSearch

Visit truepeoplesearch.com/removal. Processing within 24-72 hours.

Intelius / Zabasearch / US Search

Intelius owns several sites. Submit at intelius.com/opt-out. Requires form with ID verification.

Radaris

Find your profile, click "Control Information" and request removal. Can take 48+ hours.

ℹ️

There are 100+ data broker sites

The ones listed above are the biggest, but comprehensive protection requires ongoing monitoring across all of them. Removing from the top 10 handles the majority of exposure, but data brokers re-list you over time.

We remove your information from 100+ data broker sites and monitor for re-listings. One submission — we handle every opt-out, verification, and follow-up.

Start Your Removal →

Lock Down Your Digital Footprint

WHOIS Privacy: If you own domain names, enable WHOIS privacy immediately. Most registrars offer this free. For old cached records, submit removal requests to DomainTools and who.is.

Social Media: Set all profiles to private. Remove location information, turn off geotagging, and delete old check-ins. Audit your follower lists — remove anyone you don't know.

Gaming Platforms: Use different emails and usernames for gaming vs. personal social media. Enable 2FA everywhere. Set profiles to private.

Long-Term Protection

Get a virtual mailbox or P.O. Box. Stop using your home address for anything public-facing. Use it for domain registrations, business filings, and online purchases from unfamiliar retailers.

The re-listing problem: Data brokers re-add your information. You can spend a weekend submitting opt-outs, and three months later you're back on half of them.^3] One-time removal is a start, but [ongoing monitoring catches re-listings before someone uses them. This is the biggest gap in most people's post-swatting security plan.

💡

Set a recurring calendar reminder

If handling removal yourself, check the top 10 data broker sites every 30 days. Search your name, old addresses, and phone numbers. A re-listing caught quickly doesn't get scraped by dozens of other sites.

Legal Consequences for Swatters

Federal law: 18 U.S.C. § 1038 carries up to 5 years in prison. If someone is injured, up to 20 years. If someone dies, life imprisonment.4

State laws: Most states prosecute under false reports, criminal threats, and endangerment statutes. Many have enacted specific anti-swatting laws.

Civil liability: You can sue for emotional distress and property damage. The FBI and Secret Service have traced swatters through VPN logs and payment records. Multiple swatters have received federal prison sentences.

Before

Home address exposed on 50+ people search sites. Gaming accounts linked to real identity. No swatting flag with local PD.

After

Address scrubbed from data brokers with ongoing monitoring. Identities separated. Police flagged. Virtual mailbox for all public records.

Frequently Asked Questions

Free Resource

Swatting Prevention & Recovery Kit

Local PD registration template, complete data broker opt-out list with links, gaming platform privacy checklists, and law enforcement reporting guide.

Get the Free Kit

Sources & Citations

1
Anti-Defamation League report on doxxing and swatting: how personal information is weaponized through publicly available databases and people search sites. Anti-Defamation League ↗
2
FTC report on data brokers: collection and sale of consumer personal information including names, addresses, and phone numbers. Federal Trade Commission ↗
3
Privacy Rights Clearinghouse: Data broker opt-out challenges and the re-listing problem facing consumers. Privacy Rights Clearinghouse ↗
4
18 U.S.C. § 1038 — False information and hoaxes, including penalties for swatting attacks resulting in injury or death. Cornell Law Institute ↗