What is Swatting and How do you Avoid Becoming a Victim?

Click here for a short summary.

A Quick Guide: What is Swatting and How do you Avoid Becoming a Victim?

Swatting is an extremely dangerous and sometimes life-endangering prank. Gamers, hackers, and other malicious actors find targets and make emergency calls that trick heavily-armed authorities and first responder services into responding to false threats at their location.

Swatters usually get the information needed to go through with these attacks in one of three ways:

1. Doxing
2. Social engineering
3. Scouring social media

Anyone can become a target at any time. Luckily, there are measures you can take to protect yourself from swatting attacks:

1. Never give out your personal information online.
2. Use a VPN to hide your IP address.
3. Don’t use your real name in your online usernames.
4. Sign up for anti-swatting registries so first responders know you’re at risk.

Ready to take a deep dive into what swatting is and how to avoid becoming a victim? Read our full article below.

Imagine sitting at your computer, you’re reading this article and all of a sudden spotlights flash through your window. A tactical team of heavily armed law enforcement officers is storming up to your home and screaming at you to “come out with your hands in the air!” You’ve never committed a crime in your life, your heart is racing and it must be some mistake, so what do you do?

In this scenario, you’ve just become a victim of swatting — a dangerous hoax that online gamers, hackers, or anyone with malicious intent can commit. Though swatting incidents are pranks, several deaths have occurred as a result and it’s a crime that has serious consequences and should not be taken lightly.

We’ll cover what exactly swatting is, who commits swatting, and how to steer clear of becoming a victim in the rest of this article.

What is Swatting?

Swatting is a dangerous hoax where hackers and other malicious parties dupe heavily-armed authorities and special services into responding to a false report. The swatters that call in these false reports hope that special units and emergency services will swarm in on innocent targets.

The term “swatting” is derived from the acronym S.W.A.T. — the special weapons and tactics force of the United States that is called in for a serious emergency like someone holding hostages, bomb threats, active shooters, or other serious criminal activity.

Though having SWAT teams respond to emergencies is a popular form of swatting incidents, swatters have also sent fire departments, police, ambulances, and even high-cost, cash-only pizza deliveries to targets. This means that, although SWAT is a special force in the United States, anyone in the world can become the victim of a swatting attack.

Many cases of swatting have stemmed from the online gaming community. Rival gamers might go after one another through swatting attacks, for example. Even so, anyone who gives away too much information about themselves — on social media, in comment sections, private messages, or phone calls — could easily become a victim.

How do Swatters Gather Information?

In order to perform a swatting attack, swatters need certain information about their victim, like their home address. Going hand-in-hand with swatting are a few key ways of obtaining personal data. They are:

• Doxing: The act of doxing is when someone posts private information on a public platform, revealing personal information like business or home addresses and IP addresses. Once that information is out there online, those looking to commit swatting attacks can use it. For a full run-down on doxing, check out our full article here.
• Social engineering: Social engineering is a method of manipulation that hackers and malicious actors use to get passwords, login data, and sensitive financial information of their victims. But swatters can also use this technique to get a home address or location needed for swatting attacks. They might pose as customer service, technical support representatives, or even as an authority at a victim’s job to squeeze out the data they need. For a deep dive into social engineering, take a look at our full article here.
• Social media: It’s a fact that in today’s online world, many users post a lot of information about themselves on social media platforms. They might put up pictures of the house or apartment they just bought or “check in” to various restaurants and businesses, revealing their location, at any given time. A swatting incident can even originate in the comments sections of social media platforms like Reddit, Twitter, or Facebook. That’s why it’s important to be mindful of what you put out there, as a savvy swatter could sift through accounts and pull out the information they need for potential swatting calls.

Who Commits Swatting and Why?

A swatting attack could come from a wide range of individuals or groups for a variety of reasons. Whether it’s gamers going after live streamers, simple online bullying, or someone looking to extort a victim, motives are only limited to the desires of the swatter.

Here’s a rundown of who commits swatting and why they do it.

Online gamers

Swatting often happens in online gaming chats and gaming forums, and some of the earliest online cases sprung from this community. Online games like Call of Duty, World of Warcraft, and Counter Strike have live chats that allow users to interact while playing, which can lead to rivalries, high competition, insults, or any other reason for targeting a victim’s home.

A Pennsylvania gamer awoke to a team of state troopers at his door, pointing rifles at him and his family. A swatter had made a false claim that there were shots fired at the house. Though the incident ended peacefully after police arrived, the victim, Eric Altman, said the claim could have been revenge, a prank, or an action taken by someone who simply didn’t like his YouTube content.

In July 2021, Louis Sammartino, a popular Twitch streamer with over 600,000 followers, was raided by a SWAT team after someone filed a false report during a live gaming stream playing Fortnite. He said he didn’t know who was behind the attack or what the reason might be.

Other popular gaming streamers Summit1g and Ben “DrLupo” Lupo have also said that they are regularly harassed by followers who engage in swatting attacks against them.

Hackers

Whether it’s for money or mayhem, hackers have been key players in swatting attacks. Here are a couple of reported examples:

• Pranking: Hackers are well-known for causing all kinds of havoc and swatting is no exception. Though it seems to be nothing but a prank and a desire to watch the chaos unfold, the FBI warned that hackers have used stolen email passwords on matching home security devices. When victims reuse their email passwords for home security systems, hackers were able to infiltrate the cameras and watch their swatting attack unfold, all the while interacting with police.
• Extortion: Hackers have been known to use the threat of a swatting attack as a form of extortion. They might try and squeeze Bitcoin, alternate cryptocurrencies, or other online valuables from a victim to avoid a swatting attack.

Politically-motivated groups

With political wars waging constantly across the globe, it should come as no surprise that politicians and leaders of political groups have become targets of swatting attacks. In the United States, Los Angeles Black Lives Matter leader Melinda Abdullah was targeted in a second swatting attack a day after filing a lawsuit related to the first. Swatters have honed in on conservative bloggers and writers with controversial opinions as well.

Swatters have launched attacks against high-profile political figures, though whether or not the swatting attacks were politically motivated or simply pranks is unknown. Senator Ted Lieu of California was swatted after leading a legislative fight against the crime, and former First Lady Michelle Obama, former FBI director Robert Mueller, and former CIA Director John Brennan have all been targets of swatting calls.

Hate groups

Hate-driven swatting attempts aren’t as prevalent as some of the other categories listed, but they’re still there. Whether it’s animosity toward a particular race, sexual orientation, or religion, hate groups can use swatting to exercise their agenda.

In one recent case, a former neo-Nazi leader used swatting attacks to target predominantly black churches, a university with high African-American enrollment, the ProPublica newsroom, and the home of a ProPublica staff writer for pieces they’d covered. John Denton, the neo-Nazi leader, was sentenced to 41 months in prison for his role in the swatting.

Pranksters swatting high-profile targets

While many swatters may have specific motives — be it toward streamers, rival players, or public officials — it seems some are merely pranksters looking to harass celebrities and other high-profile figures.

Justin Bieber, Miley Cyrus, and Tom Cruise have all been swatted multiple times, and prank calls have also led Los Angeles police to storm Rihanna’s home in Pacific Palisades. Journalist Brian Krebs has been targeted multiple times for his reporting on cybersecurity.

Deadly and Dangerous Swatting Incidents

Though many swatting cases have ended peacefully once authorities realized it was a hoax, there are several cases where the prank ended in serious injury or death. Swatters use a variety of tools (like caller ID spoofing, voice changers, and VPNs) to hide their true identities and locations, so responding units have no choice but to take each call or report seriously. Here are a few cases where a swatting ended in the death of a victim:

• In April 2020, a computer programmer who picked up a highly valued Twitter handle (@Tennesee valued for thousands on the dark web) was harassed by hackers to give it up. When he refused, they sent SWAT teams to his home which caused him to have a heart attack and die on the scene.
• In December 2017, a Wichita Kansas man, Andrew Finch, was shot by police in a swatting attack in his home. Investigators later uncovered that the swatter had made a mistake. Gamers playing Call of Duty: WWII got into an argument over a $1.50 bet, but the attacker sent police to the wrong address, Finch’s home, and authorities later discovered Finch wasn’t involved in the altercation at all. The perpetrator, Tyler Barriss, who police called a serial swatter, was sentenced to 20 years in prison for the incident. Two others involved also received prison time.
• Dispatchers at 911 received a call in January of 2015 from a man claiming to be Dallas Horton, who said that he had a bomb at a preschool. When the local police chief — Louis Ross — and a team of officers stormed Horton’s apartment, the chief was shot multiple times by Horton, who wasn’t aware it was police entering his home. They later discovered that the call didn’t originate from Horton’s home, but rather the call was a swatting attack from a man Horton had a prior disagreement with — Jame Edward Holly.

In addition to the dangers that can befall victims, swatting is also a costly burden on taxpayers. It’s estimated that an emergency SWAT response call in the United States can cost anywhere from $3,000 to $15,000 per incident. That depends on which state the response is called in, the overtime pay needed for officers on the call, and what resources are needed in the response. Even so, if each call was roughly $10,000 in taxpayer dollars, that would be $240,000 per year.

How to Prevent Swatting

In order for swatting to take place, the perpetrator has to have your physical address or location. They can gain this through various means, one of which is your IP address. To avoid having your private information pried from you via social engineering or being doxed online, there are several measures you can take to protect yourself.

1. Never give out your personal information online

It’s important to keep an eye on your privacy settings on Facebook, Snapchat, Instagram, and other platforms. Make sure they’re set correctly and keep your data protected. Also try to avoid checking into places that might give away your whereabouts online, and stray from posting pictures of your home on the internet. Once a persistent attacker can hone in a general area, a simple Google satellite search could figure out your address. Unless you’re one hundred percent certain that you know the person, never give them any private data.

2. Don’t use your real name for usernames

If you’re active in gaming chats, comments sections, or like to argue about politics and other controversial subjects online, make sure your user name is different from your real name. If you anger or offend a would-be swatter online, a quick search could pull up all kinds of info about you on Facebook, LinkedIn, or other platforms.

3. Use a VPN

VPN stands for Virtual Private Network. When you sign up for internet service, your internet service provider (ISP) assigns you an IP address. This IP address corresponds to the physical location of your router, which is typically in your home or office. Instead of your online activity being traced back to your real IP address — which savvy hackers and swatters can do — VPNs assign you a new anonymous IP address that spoofs your location from anywhere in the world.

In practice, using a VPN means that, even if you were commenting from your home device in the United States, it would look like you were actually logged in from Switzerland, Australia, or a host of other countries VPNs have servers in.

If you’d like to try out a VPN, we recommend NordVPN. This premium provider offers high levels of protection and is incredibly user-friendly. You’ll be able to protect your home address and location at all times, so you can stream, game, and communicate online without fear of swatting attacks.

For more information on VPNs and their uses besides online privacy, make sure to check out our full VPN section here.

4. Join an anti-swatting registry

If you feel that you might be targeted in a swatting attack, you can add yourself to a registry that can alert authorities that your address is vulnerable to attacks. US police departments are pointing citizens concerned about their privacy toward Smart911 and Rave Facilities.

Smart911 allows residents to register information about themselves in case of emergencies. While it could be that the homeowner is deaf or hard of hearing, users can also provide information to responders that they’ve been targets of swatting before. Rave Facilities is the commercial counterpart to Smart911, which allows businesses and commercial buildings to do the same.

The Legal Repercussions of Swatting

Many countries have made swatting illegal and impose imprisonment or fines as punishment. Though it’s possible to prosecute swatting on a federal level in the United States, it’s usually prosecuted at state level, with the consequences of swatting depending on that state and the severity of the attack. If death occurs, there can be serious consequences, such as life imprisonment and up to $250,000 in fines.

Here are examples of the legal repercussions of swatting in the United States:

• The highest reported punishment was Tyler Barriss’s 20-year prison sentence for his role in the death of Andrew Finch in 2017. Though Barriss made the swatting call from California, the death took place in Kansas. In Kansas, the charge of giving false alarm while disguising your voice with an electronic device can carry a prison sentence of up to three years alone. Once the death was involved, the judge imposed a higher penalty.
• In most US states, if no victims are injured or killed, the charges are typically filing a false police report and aggravated harassment. These are misdemeanors and typically carry very light punishment.
• In California, swatters must pay the full cost of the SWAT or tactical response team, which can be upwards of $10,000. Filing false police reports, cyberstalking and aggravated harassment are misdemeanors until death occurs.
• In the state of New York, swatters can be charged with murder if a hoax call ends in the death of a target, though filing false police reports is still a misdemeanor.
• Kentucky and Utah are considering making swatting a felony offense, though legislation has yet to pass.

Swatting: A Wrap-Up

Though the act of swatting is meant to be a joke or prank, the cases we mentioned have proven that swatting can end in death or life-threatening injury for an unsuspecting victim or law enforcement officers. When this happens, the crime could be considered manslaughter or murder.

If you’re concerned for your privacy and want to avoid becoming a victim of swatting attacks, it’s important to remember to protect and hide your personal information online. Especially when gaming, you should take special care to conceal your identity with usernames different from your own. We’d also advise you to use a VPN to hide your IP address.

Though things might get heated in chats, comment boards, and online forums, try to keep a cool head and avoid making enemies. Be wary of social engineering tactics and never give out any personal information online unless you’re totally confident that you know the person you’re giving it to.