Reading Time: 2 minutes

What Is OSINT (Open Source Intelligence)?

OSINT stands for Open Source Intelligence, which refers to collecting information from publicly accessible sources — like social media, blogs, websites, forums, and even search engines.

Attackers use OSINT to create detailed profiles of their targets, which helps them carry out phishing, identity theft, stalking, or even physical crimes.

Why It Matters

You don’t need to be famous to be targeted. Anyone with a digital presence is vulnerable. Attackers use OSINT to:

• Find your email, phone number, address
• Learn about your job, family, and habits
• Craft convincing fake messages (“Hi, I’m from your gym…”)
• Bypass security questions (mother’s maiden name, pet’s name, etc.)

Real Examples of OSINT Attacks

• Social Media Oversharing: A hacker followed a public Instagram account to learn a woman’s routine, then called pretending to be from her child’s school.
• Data Broker Leaks: Using leaked phone numbers and names from public databases, attackers created phishing texts that included the victim’s address.
• LinkedIn Exploits: Attackers impersonated recruiters using job and work history scraped from LinkedIn.

How Attackers Gather OSINT

What It Protects Against

Learning how OSINT is used against you protects against:

• Phishing & Spear Phishing

• Stalking & Harassment

• Identity Theft

• Business Email Compromise (BEC)

• Doxxing & Social Engineering

How to Protect Yourself from OSINT Exploitation

1. Lock Down Social Media

• Set profiles to private

• Remove birthdate, school info, phone number

• Avoid location tagging in real-time

• Don’t post your child’s school or routine

2. Use Alias or Pseudonyms Where Possible

• Use separate emails for different purposes (shopping, banking, personal)

• Avoid using your full name everywhere online

3. Regularly Google Yourself

Search your name + city, name + email, and check images to see what’s publicly exposed

4. Opt Out of Data Broker Sites

Visit sites like https://optout.prescott.dev or https://joindeleteme.com to remove your info from aggregators

5. Be Mindful of Metadata

Strip metadata from photos before uploading — use tools like ExifCleaner

6. Think Like an Attacker

Try to build a profile of yourself using only public data — whatever you find is what others can use against you

Recommended Tools and Services

• DeleteMe – removes your data from 750+ data broker websites

• ExifCleaner – strips identifying data from photos

• Firefox with Multi-Account Containers – separates online identities

• Google Alerts – set up alerts for your name or email

🛡️ Explore More on Demysti5
Want to dive deeper into personal online safety? Demysti5 offers tailored guides and tools for everyone—from parents and families, students, and senior citizens to remote workers, job seekers, and high net worth individuals.

You can also:

• Check your Online Safety Score
• Get practical Cyber Advice
• Adopt Secure Habits to protect your digital life
• Explore Cyber Safety for Business and Colleges
• Spread the Word to help others stay secure
• Read the latest on the Demysti5 Blog
• Access the Web App to track your cyber safety progress and complete personalized tasks
• Download the Android App or get it on Google Play
• Follow Demysti5 on Facebook and YouTube

Stay informed. Stay protected. Demysti5 it.