Skip to content

Your Personal Data, Up for Grabs

Fraudsters can easily learn all about you. Here's how they do it

Scam Alert: Grabbing your digital data


Scammers can buy your personal data — birth date, previous addresses, family members’ names — for a few dollars from people-search websites.

En español l For $33, I purchased an online dossier on myself, just as anyone with a credit card could do. It had enough in it to get the ball rolling for identity theft.

This on-demand file included my birth date, past employers and addresses — including rentals from decades ago — that could be used to apply for fraudulent credit in my name. It included my relatives' names and ages, useful for the so-called grandparents scam (in which fraudsters pretend to be grandchildren in distress) and other impostor schemes. It provided emails, phone numbers and other personal nuggets that I'd prefer scammers not know.

And it's all publicly available — and legal — on people-search websites such as Spokeo, Instant Checkmate, Pipl, Intelius, BeenVerified, PeekYou, PeopleFinders and PeopleSmart, each of which gets millions of visitors a month. And there are more than a dozen others.

With access ranging from $1 trial memberships to ongoing, $10-per-month subscriptions for unlimited searches, users can get access to scam-worthy details on pretty much whomever they want, with assurances of anonymity.

Are scammers using these sites? It's hard to prove, though anecdotal evidence suggests they are, according to Paul Stephens of the Privacy Rights Clearinghouse.

In my own case, some of the information about me was spot-on accurate, often coming from public records — including my one brush with the law, a traffic ticket in 2010. Some was way off-base — including relatives, jobs, addresses, social media accounts, emails and phone numbers that I never had (including reported employment at the Federal Trade Commission).

But that 15-minute search on myself was typical of what can be done: provide enough to create "a very complete picture of you that can be used for evil," says Andrew Sudbury of Abine, an online privacy company.

From names of hometowns and high schools (helpful in answering website security questions) to past sweepstakes you entered (to target you for bogus contests), anyone with Internet access can buy data nuggets on virtually every American consumer. It's all collected and sold by some 200 data broker firms — with no laws to protect you.

So what can you do?

Be proactive. Some search sites do let you opt out. Get step-by-step instructions at But prepare yourself: Some (like Intelius) require a photocopy of your driver's license and other hoop-jumping. And if you're removed from the site, which doesn't always happen, data may be reposted, so you should regularly recheck. For a fee, such companies as Abine, Safe Shepherd and AVG PrivacyFix will do the legwork for you.

Check all your possibilities. Data on you may be filed under your first and last name. But it may also be listed with your middle name. Or with your middle initial. Or with name misspellings.

Don't help them. You can't control some details about yourself — such as those pooled from public records — but you can withhold others by taking precautions, such as making sure you don't complete product-warranty cards (you still have the warranty regardless), take part in surveys or enter contests. Some data may be taken from social networks, so guard what you post on Facebook, Twitter, LinkedIn and the like.

Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.

Also of Interest

Join AARP Today — Receive access to exclusive information, benefits and discounts