Key Takeaways:

  • Use a strong, unique password (12+ characters with mixed numbers and symbols), change it every three months, log in only via the official streeteasy.com site, and never share your password or one-time access code. StreetEasy® will never request credentials by email, phone, or text.
  • Verify that emails you receive from us are from @streeteasy.com, and beware of phishing attempts via messages or listing inquiries sent through the StreetEasy platform. Check all URLs before clicking.
  • Share only essential details when communicating with prospective buyers or renters. Never disclose sensitive information such as your SSN or bank account numbers.
  • Report any suspicious activity to support@streeteasy.com. StreetEasy continuously monitors for fraudulent behavior and promptly removes content or users that violate our terms of service.

As a real estate agent using StreetEasy®, it’s important to keep your account secure at all times. StreetEasy and Zillow® take the security of As a real estate agent using StreetEasy, it’s important to keep your account secure at all times. StreetEasy and Zillow® take the security of your account seriously and do everything we can to keep your information safe, but there are additional steps you can take to prevent malicious activity. We encourage you to apply the actions and best practices outlined below.

Login & Password Best Practices

Keeping your account safe starts with maintaining a secure password, exercising caution when logging into StreetEasy, and protecting your login credentials. Always follow these best practices:

  • Create a strong password. A strong password is long (at least 12 characters) and uses a mix of upper and lowercase letters, numbers, and symbols. It shouldn’t contain any references to personal information (e.g. your birthday, dog’s name) or common words, patterns, or sequences (password, abcd, 1234, qwerty, etc.). 
  • Make your password unique. Choose a password you’ve never used before, and are not currently using for any other account (especially the email associated with your StreetEasy account). Make sure it’s not a derivative of any of your other passwords, too. Once created, don’t use the password anywhere else.
  • Change your password regularly. Every three months is recommended.
  • Always make sure you’re logging into the official StreetEasy website. Check the URL in your browser before logging into your StreetEasy account. It should always start with streeteasy.com.
  • Never share your password or one-time access code. You should be the only person who knows your password. Don’t share it with anyone — including members of your team. Additionally, never share your one-time access code with anyone. StreetEasy will never ask you for your password, access code, or other login credentials via phone, email, or text message. We will only ever ask you for this information directly on streeteasy.com.

Fraudsters and other bad actors commonly use a tactic known as phishing, in which they send emails or messages pretending to be from a reputable source and dupe users into revealing sensitive personal information. There are ways to recognize phishing attempts and avoid falling for one. 

Practice the following in regards to emails, messages, or other communications you receive from (or through) StreetEasy.

Check all emails you receive from StreetEasy and verify that it’s really us.

The best way to confirm is by checking the sender’s email address: it should have streeteasy.com in the domain.

If you’re using Gmail or Yahoo Mail on desktop, look for the blue checkmark shown below:

Look out for any suspicious communications you receive in relation to your listings.

Phishing attempts can occur over email, but may also come in the form of messages or listing inquiries sent through the StreetEasy platform. Keep an eye out for anything that seems “off”: excessive typos, unusual formatting, strange wording, suspicious links, or requests for sensitive personal or financial information.

Without clicking, hover your cursor over any links contained in StreetEasy communications, and look to the lower left corner of your browser or email client to see the link’s URL. (On mobile, you can hold down the link to preview it, which will show its URL). Check the URL for anything suspicious before clicking. 

Official StreetEasy website URLs will always contain streeteasy.com. Check for any variations of the domain suffix, too, which should always be .com.

Exercise caution with all links, including external links to a webpage other than the StreetEasy website. For instance, there have been phishing attempts where a user requests a Zoom meeting with an agent and disguises a malicious URL as a Zoom link. We strongly advise checking any and all URLs you receive before clicking, and ideally, sending your own meeting links and details to users who need to meet virtually.

Limit the Amount of Personal Information You Share

You may need to share some personal information — your email address and phone number, for example — in your communications with StreetEasy or with prospective buyers or renters. However, keep it to a minimum: the more you share, the more risk of fraudsters attempting to use it for malicious purposes. Never share sensitive personal or financial information such as your SSN, date of birth, or bank account numbers. Practice common sense and use your best judgment.

The security of your account, information, and data is important to us, and we take reports of suspicious activity seriously. You can report such activity by emailing support@streeteasy.com. Furthermore, our teams monitor activity in several different ways to actively screen for suspicious content, and anything found to be in violation of the StreetEasy Advertising Terms of Service or Zillow Terms of Use is removed from our sites as quickly as possible.