Virtual 3D tours on real estate websites, such as Zillow and Redfin, could pose privacy risks to the current residents.
Sometimes the homes in these tours are staged, but other times they contain evidence of current residents’ lives. University of Washington researchers were curious about whether personal belongings visible in 3D tours could introduce privacy risks.
The team examined 44 3D tours on a real estate website. Each tour was for a home in a different state and had at least one personal detail—such as a letter, a college diploma, or photos—visible. The researchers conclude that the details left in these tours could expose residents to a variety of threats, including phishing attacks or credit card fraud.
The team will present their findings at the USENIX Security Symposium 2023. Support for the work came from the National Science Foundation, the university’s Tech Policy Lab, Google, Meta, Qualcomm, and Woven Planet.
Lead author of the study Rachel McAmis, a doctoral student in the University of Washington’s Paul G. Allen School of Computer Science & Engineering, describes the findings: