Swatters usually get the information needed to go through with these attacks in one of three ways: Anyone can become a target at any time. Luckily, there are measures you can take to protect yourself from swatting attacks: Ready to take a deep dive into what swatting is and how to avoid becoming a victim? Read our full article below. In this scenario, you’ve just become a victim of swatting — a dangerous hoax that online gamers, hackers, or anyone with malicious intent can commit. Though swatting incidents are pranks, several deaths have occurred as a result and it’s a crime that has serious consequences and should not be taken lightly. We’ll cover what exactly swatting is, who commits swatting, and how to steer clear of becoming a victim in the rest of this article.
What is Swatting?
Swatting is a dangerous hoax where hackers and other malicious parties dupe heavily-armed authorities and special services into responding to a false report. The swatters that call in these false reports hope that special units and emergency services will swarm in on innocent targets. The term “swatting” is derived from the acronym S.W.A.T. — the special weapons and tactics force of the United States that is called in for a serious emergency like someone holding hostages, bomb threats, active shooters, or other serious criminal activity. Though having SWAT teams respond to emergencies is a popular form of swatting incidents, swatters have also sent fire departments, police, ambulances, and even high-cost, cash-only pizza deliveries to targets. This means that, although SWAT is a special force in the United States, anyone in the world can become the victim of a swatting attack. Many cases of swatting have stemmed from the online gaming community. Rival gamers might go after one another through swatting attacks, for example. Even so, anyone who gives away too much information about themselves — on social media, in comment sections, private messages, or phone calls — could easily become a victim.
How do Swatters Gather Information?
In order to perform a swatting attack, swatters need certain information about their victim, like their home address. Going hand-in-hand with swatting are a few key ways of obtaining personal data. They are:
Doxing: The act of doxing is when someone posts private information on a public platform, revealing personal information like business or home addresses and IP addresses. Once that information is out there online, those looking to commit swatting attacks can use it. You can read our full article on doxing for more information. Social engineering: Social engineering is a method of manipulation that hackers and malicious actors use to get passwords, login data, and sensitive financial information of their victims. But swatters can also use this technique to get a home address or location needed for swatting attacks. They might pose as customer service, technical support representatives, or even as an authority at a victim’s job to squeeze out the data they need. For a deep dive into social engineering, take a look at our full article here. Social media: It’s a fact that in today’s online world, many users post a lot of information about themselves on social media platforms. They might put up pictures of the house or apartment they just bought or “check in” to various restaurants and businesses, revealing their location, at any given time. A swatting incident can even originate in the comments sections of social media platforms like Reddit, Twitter, or Facebook. That’s why it’s important to be mindful of what you put out there, as a savvy swatter could sift through accounts and pull out the information they need for potential swatting calls.
Who Commits Swatting and Why?
A swatting attack could come from a wide range of individuals or groups for a variety of reasons. Whether it’s gamers going after live streamers, simple online bullying, or someone looking to extort a victim, motives are only limited to the desires of the swatter.
Here’s a rundown of who commits swatting and why they do it.
Online gamers
Swatting often happens in online gaming chats and gaming forums, and some of the earliest online cases sprung from this community. Online games like Call of Duty, World of Warcraft, and Counter Strike have live chats that allow users to interact while playing, which can lead to rivalries, high competition, insults, or any other reason for targeting a victim’s home. A Pennsylvania gamer awoke to a team of state troopers at his door, pointing rifles at him and his family. A swatter had made a false claim that there were shots fired at the house. Though the incident ended peacefully after police arrived, the victim, Eric Altman, said the claim could have been revenge, a prank, or an action taken by someone who simply didn’t like his YouTube content. In July 2021, Louis Sammartino, a popular Twitch streamer with over 600,000 followers, was raided by a SWAT team after someone filed a false report during a live gaming stream playing Fortnite. He said he didn’t know who was behind the attack or what the reason might be. (Check out our list of the top VPNs for Twitch or go for one of these free options to help protect your privacy on the platform.) Other popular gaming streamers Summit1g and Ben “DrLupo” Lupo have also said that they are regularly harassed by followers who engage in swatting attacks against them.
Hackers
Whether it’s for money or mayhem, hackers have been key players in swatting attacks. Here are a couple of reported examples:
Pranking: Hackers are well-known for causing all kinds of havoc and swatting is no exception. Though it seems to be nothing but a prank and a desire to watch the chaos unfold, the FBI warned that hackers have used stolen email passwords on matching home security devices. When victims reuse their email passwords for home security systems, hackers were able to infiltrate the cameras and watch their swatting attack unfold, all the while interacting with police. Extortion: Hackers have been known to use the threat of a swatting attack as a form of extortion. They might try and squeeze Bitcoin, alternate cryptocurrencies, or other online valuables from a victim to avoid a swatting attack.
Politically-motivated groups
With political wars waging constantly across the globe, it should come as no surprise that politicians and leaders of political groups have become targets of swatting attacks. In the United States, Los Angeles Black Lives Matter leader Melinda Abdullah was targeted in a second swatting attack a day after filing a lawsuit related to the first. Swatters have honed in on conservative bloggers and writers with controversial opinions as well. Swatters have launched attacks against high-profile political figures, though whether or not the swatting attacks were politically motivated or simply pranks is unknown. Senator Ted Lieu of California was swatted after leading a legislative fight against the crime, and former First Lady Michelle Obama, former FBI director Robert Mueller, and former CIA Director John Brennan have all been targets of swatting calls.
Hate groups
Hate-driven swatting attempts aren’t as prevalent as some of the other categories listed, but they’re still there. Whether it’s animosity toward a particular race, sexual orientation, or religion, hate groups can use swatting to exercise their agenda. In one recent case, a former neo-Nazi leader used swatting attacks to target predominantly black churches, a university with high African-American enrollment, the ProPublica newsroom, and the home of a ProPublica staff writer for pieces they’d covered. John Denton, the neo-Nazi leader, was sentenced to 41 months in prison for his role in the swatting.
Pranksters swatting high-profile targets
While many swatters may have specific motives — be it toward streamers, rival players, or public officials — it seems some are merely pranksters looking to harass celebrities and other high-profile figures. Justin Bieber, Miley Cyrus, and Tom Cruise have all been swatted multiple times, and prank calls have also led Los Angeles police to storm Rihanna’s home in Pacific Palisades. Journalist Brian Krebs has been targeted multiple times for his reporting on cybersecurity.
Deadly and Dangerous Swatting Incidents
Though many swatting cases have ended peacefully once authorities realized it was a hoax, there are several cases where the prank ended in serious injury or death. Swatters use a variety of tools (like caller ID spoofing, voice changers, and VPNs) to hide their true identities and locations, so responding units have no choice but to take each call or report seriously. Here are a few cases where a swatting ended in the death of a victim:
In April 2020, a computer programmer who picked up a highly valued Twitter handle (@Tennesee valued for thousands on the dark web) was harassed by hackers to give it up. When he refused, they sent SWAT teams to his home which caused him to have a heart attack and die on the scene. In December 2017, a Wichita Kansas man, Andrew Finch, was shot by police in a swatting attack in his home. Investigators later uncovered that the swatter had made a mistake. Gamers playing Call of Duty: WWII got into an argument over a $1.50 bet, but the attacker sent police to the wrong address, Finch’s home, and authorities later discovered Finch wasn’t involved in the altercation at all. The perpetrator, Tyler Barriss, who police called a serial swatter, was sentenced to 20 years in prison for the incident. Two others involved also received prison time. Dispatchers at 911 received a call in January of 2015 from a man claiming to be Dallas Horton, who said that he had a bomb at a preschool. When the local police chief — Louis Ross — and a team of officers stormed Horton’s apartment, the chief was shot multiple times by Horton, who wasn’t aware it was police entering his home. They later discovered that the call didn’t originate from Horton’s home, but rather the call was a swatting attack from a man Horton had a prior disagreement with — Jame Edward Holly.
In addition to the dangers that can befall victims, swatting is also a costly burden on taxpayers. It’s estimated that an emergency SWAT response call in the United States can cost anywhere from $3,000 to $15,000 per incident. That depends on which state the response is called in, the overtime pay needed for officers on the call, and what resources are needed in the response. Even so, if each call was roughly $10,000 in taxpayer dollars, that would be $240,000 per year.
How to Prevent Swatting
In order for swatting to take place, the perpetrator has to have your physical address or location. They can gain this through various means, one of which is your IP address. To avoid having your private information pried from you via social engineering or being doxed online, there are several measures you can take to protect yourself.
1. Never give out your personal information online
It’s important to keep an eye on your privacy settings on Facebook, Snapchat, Instagram, and other platforms. Make sure they’re set correctly and keep your data protected. Also try to avoid checking into places that might give away your whereabouts online, and stray from posting pictures of your home on the internet. Once a persistent attacker can hone in a general area, a simple Google satellite search could figure out your address. Unless you’re one hundred percent certain that you know the person, never give them any private data.
2. Don’t use your real name for usernames
If you’re active in gaming chats, comments sections, or like to argue about politics and other controversial subjects online, make sure your user name is different from your real name. If you anger or offend a would-be swatter online, a quick search could pull up all kinds of info about you on Facebook, LinkedIn, or other platforms.
3. Use a VPN
VPN stands for Virtual Private Network. When you sign up for internet service, your internet service provider (ISP) assigns you an IP address. This IP address corresponds to the physical location of your router, which is typically in your home or office. Instead of your online activity being traced back to your real IP address — which savvy hackers and swatters can do — VPNs assign you a new anonymous IP address that spoofs your location from anywhere in the world. In practice, using a VPN means that, even if you were commenting from your home device in the United States, it would look like you were actually logged in from Switzerland, Australia, or a host of other countries VPNs have servers in. If you’d like to try out a VPN, we recommend NordVPN. This premium provider offers high levels of protection and is incredibly user-friendly. You’ll be able to protect your home address and location at all times, so you can stream, game, and communicate online without fear of swatting attacks. For more information on VPNs and their uses besides online privacy, make sure to check out our full VPN section here.
4. Join an anti-swatting registry
If you feel that you might be targeted in a swatting attack, you can add yourself to a registry that can alert authorities that your address is vulnerable to attacks. US police departments are pointing citizens concerned about their privacy toward Smart911 and Rave Facilities. Smart911 allows residents to register information about themselves in case of emergencies. While it could be that the homeowner is deaf or hard of hearing, users can also provide information to responders that they’ve been targets of swatting before. Rave Facilities is the commercial counterpart to Smart911, which allows businesses and commercial buildings to do the same.
The Legal Repercussions of Swatting
Many countries have made swatting illegal and impose imprisonment or fines as punishment. Though it’s possible to prosecute swatting on a federal level in the United States, it’s usually prosecuted at state level, with the consequences of swatting depending on that state and the severity of the attack. If death occurs, there can be serious consequences, such as life imprisonment and up to $250,000 in fines. Here are examples of the legal repercussions of swatting in the United States:
The highest reported punishment was Tyler Barriss’s 20-year prison sentence for his role in the death of Andrew Finch in 2017. Though Barriss made the swatting call from California, the death took place in Kansas. In Kansas, the charge of giving false alarm while disguising your voice with an electronic device can carry a prison sentence of up to three years alone. Once the death was involved, the judge imposed a higher penalty. In most US states, if no victims are injured or killed, the charges are typically filing a false police report and aggravated harassment. These are misdemeanors and typically carry very light punishment. In California, swatters must pay the full cost of the SWAT or tactical response team, which can be upwards of $10,000. Filing false police reports, cyberstalking and aggravated harassment are misdemeanors until death occurs. In the state of New York, swatters can be charged with murder if a hoax call ends in the death of a target, though filing false police reports is still a misdemeanor. Kentucky and Utah are considering making swatting a felony offense, though legislation has yet to pass.
Swatting: A Wrap-Up
Though the act of swatting is meant to be a joke or prank, the cases we mentioned have proven that swatting can end in death or life-threatening injury for an unsuspecting victim or law enforcement officers. When this happens, the crime could be considered manslaughter or murder. If you’re concerned for your privacy and want to avoid becoming a victim of swatting attacks, it’s important to remember to protect and hide your personal information online. Especially when gaming, you should take special care to conceal your identity with usernames different from your own. We’d also advise you to use a VPN to hide your IP address. Though things might get heated in chats, comment boards, and online forums, try to keep a cool head and avoid making enemies. Be wary of social engineering tactics and never give out any personal information online unless you’re totally confident that you know the person you’re giving it to. Protect yourself against other social engineering tactics by reading our series of guides:
What is a Watering Hole and How Do You Prevent It? Man-in-the-Middle Attacks: Everything You Need to Know What is Social Engineering?
Swatting is a prank where attackers send heavily-armed tactical teams — “swatting” comes from SWAT team — after filing a false police report. This may be a hostage situation or claims of an active shooting or murder. Swatters can get locations for their attacks from doxing.