LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

Beyond passive surveillance, how is OSINT actively weaponized against individuals and organizations?

OSINT enables four active threat vectors: social engineering attacks, doxxing, stalking with physical danger, and corporate espionage.

Harvested public data feeds social engineering, doxxing, stalking and corporate espionage.

* Four active OSINT threat vectors built from harvested public data. *

Social engineering. Attackers gather personal details through OSINT to craft convincing phishing emails, phone calls, or impersonation attempts. Knowing someone's boss's name, their recent vacation destination, their pet's name, and their bank creates highly targeted attacks. This is called spear phishing when aimed at specific individuals, and it's dramatically more effective than generic phishing.

Doxxing. The malicious publication of someone's private information, including home address, phone number, employer, and family details, intended to harass and intimidate. OSINT provides the raw material. The consequences range from online harassment to real-world threats and violence.

Stalking and physical threats. Location data, daily routines, and workplace information enable stalkers to track victims in the physical world. OSINT converts digital information into real-world danger. A regular gym check-in reveals where someone will be at a predictable time.

Corporate espionage, or Wirtschaftsspionage. Competitors use OSINT to gather strategic information about rival companies. Employee LinkedIn profiles reveal team structures and capabilities. Job postings reveal technology stacks and upcoming projects. Conference presentations reveal research directions. All of this is publicly available and perfectly legal to read individually, but systematic collection for competitive advantage raises serious legal and ethical questions.

Go deeper:

From Quiz: PRIVACY / TOM and OSINT | Updated: Jul 05, 2026