It’s no secret that cybercriminals thrive on personal information to pull off scams, commit bank fraud, and engage in identity theft. But did you know that a lot of the information they need is readily available on people search sites? It might surprise you to learn that these companies gather and sell your personal data—everything from your contact details to information about your family—often without you even realizing it.
What’s more, this data can become even more vulnerable to breaches simply by being stored on these sites. For instance, I recently discussed an alarming incident where 2.7 billion records were stolen from a background search site called National Public Data and then shared for free on a cybercrime forum.
Having your personal information floating around on these people search sites and data broker databases significantly increases your risk of falling victim to scams. But don’t worry. I’ll dive into the details of how this happens and, more importantly, what you can do to protect yourself and stop it.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
Cybercriminals exploit people search sites for personal data
People search sites like Whitepages, Spokeo, and BeenVerified are designed to help users find and connect with others, but they’ve become a goldmine for cybercriminals. Despite warnings against using the data for stalking, harassment, or harm, these sites offer a wealth of information that can be exploited by malicious actors.
Scammers can access a wide range of personal details, including addresses, phone numbers, email addresses, birthdates, family information, employment history, and even religious beliefs or political affiliations. They can also find property records, court and police records, and information about hobbies and interests.
This comprehensive data allows cybercriminals to build detailed profiles of potential victims, making it easier to craft convincing scams or carry out identity theft. The abundance of personal information available through these sites poses a significant risk to individuals’ privacy and security.
3 ways scammers use people search sites
Let’s talk about how scammers are using people search sites to find their next victims. It’s pretty alarming, but understanding how this works can help us stay one step ahead.
1) Finding victims
At its core, cybercriminals can easily browse people search sites to dig up information about random individuals. They can look up names and uncover a treasure trove of details—like email addresses, phone numbers, and other contact info. This is where things start to get a bit dicey.
2) Profiling victims
Once they have access to this information, scammers can create detailed profiles of their targets. They might find out about someone’s job history, whether they have kids, or even if they’re single and looking for love. They can also determine if someone is elderly, which can make them more susceptible to confusing tech jargon. Research indicates that a staggering 60% of cybercrimes against seniors—who are particularly vulnerable—are at least partly fueled by the personal information available online, often through data brokers and people search sites.
3) Putting the plan into action
With all this information in hand, scammers can launch targeted phishing attacks to trick victims into revealing sensitive information. They can create scams designed to steal money or even commit identity theft. There are countless stories of individuals falling prey to these scams and losing their identities. In many cases, the scammers likely sourced their information from people search sites. In some shocking instances, certain data brokers—like Epsilon, Macromark, and KBM—have been caught red-handed selling personal information directly to scammers, giving them the tools they need to exploit vulnerable individuals.
4 ways to keep your personal information off people search sites (and away from scammers)
With the threat data aggregators like people search sites pose, it’s definitely a good idea to keep your information off their databases. While it won’t put a definitive stop to scammers, it will make it harder for them to find the information necessary to target you. It will also limit the number of places your data can be found online, thereby reducing the chances of it ending up in a data breach. That said, removing your information from people’s search sites can be easier said than done. It’s not impossible, though. Here’s what to do:
1) Track down and opt-out from people search sites that sell your data
The first and most obvious step is to track down people search sites that sell your personal information and make them remove it. Fair warning—this requires a time commitment and ongoing maintenance.
You’ll first have to look up your own name, phone number, email address, or home address on any popular search engine. You’ll likely see a bunch or people search sites in the search results. From there, you go through the results pages, visit each website that shows up, and send individual opt-out requests to each one.
Since they refresh their databases often, most people search sites will add your personal information again after some time, though. So if you want to keep your data offline, you’ll have to check back every few months and remove it again.
If you have a few bucks to spare, I recommend using an automated personal information removal service like Incogni. They remove your data from people search sites and tons of other data broker types. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.
Special for CyberGuy Readers (60% off): Incogni offers A 30-day money-back guarantee and then charges a special CyberGuy discount only through the links in this article of $5.99/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan and get a fully automated data removal service, including recurring removal from 190+ data brokers. You can add up to 3 emails, 3 home addresses and 3 phone numbers (U.S. citizens only) and have them removed from data-broker databases. I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.
Get Incogni for your family (up to 4 people) here
2) Limit the number of online tools and services you use
You should also exercise some good digital hygiene practices. Like being more discerning about the online tools and services you use. Many of them actually harvest your personal information and sell it to third parties—including people search sites and data brokers.
Even something as seemingly benign and widely used as extensions can be leaking your data online. A study conducted by researchers over at Incogni revealed that 44% of Chrome extensions collect your personally identifiable information (PII). Even if they don’t sell it, this increases the risk of data breaches and malicious activity if the extension goes rogue.
You should reevaluate the apps, extensions, and online accounts you use. Remove anything you don’t really need. Those you do—check the privacy policies for their data collection and sharing practices. You can always find more privacy-conscious alternatives.
3) Use throwaway emails and burner numbers wherever possible
Living in the digital age, I know it’s not really possible to go without any online tools. To sign up for most, you need to share at least an email or phone number. Unfortunately, those details are often shared with third parties, end up with people search sites and data brokers, circulate the web, and ultimately result in increased spam and malicious attacks.
It’s a lot safer to use burner numbers and masked or throwaway accounts. This allows you to sign up, receive communication, and maintain control of your online accounts while keeping all of the associated data and activity from being linked to your real identity.
4) Use private browsers and search engines
Browsers and search engines are another big source of data. Most of them track and share at least some of your online activity. Thankfully, there are plenty of browsers and search engines designed with privacy in mind.
I’ve previously recommended a few privacy-conscious search engine alternatives. They come with their own benefits and drawbacks but they all keep your search history private. The same goes for the browser itself.
HOW TO RECOGNIZE AND AVOID BEING A VICTIM OF VACATION RENTAL SCAMS
Kurt’s key takeaways
It’s clear that while people search sites can be useful for reconnecting with friends or finding information; they also pose significant risks to our privacy and security. By taking proactive steps to protect our personal data, we can make it much harder for cybercriminals to exploit our information.
In your opinion, what should be the responsibility of companies that collect and sell personal data regarding user privacy? Let us know in the comments below.
FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
1 comment
what should be the responsibility of companies that collect and sell personal data regarding user privacy?
They should be shut down and put out of business. As far as I can see, they serve no purpose other that to create channels of opportunity for those that would do you harm.