Executive & family privacy briefings
38 briefingsExecutives face a threat model that sits outside the scope of most corporate security programmes: personal targeting, enabled by open-source data that any adversary can access without authentication. The briefings in this collection address that model directly.
The records that create the exposure are held by data brokers, people-search platforms, company registries, and breach corpora. They include home addresses, family member names, personal phone numbers, and credential fragments — assembled from public sources without the subject's knowledge or consent, and queryable by anyone prepared to spend an afternoon on it. When those records reach a threat actor targeting a senior figure, they enable physical surveillance, social engineering, credential-based account compromise, and doxing campaigns.
These briefings cover the four executive threat types and how each operates, the country-specific removal mechanics for the broker systems that create the exposure, the infostealer economy that circulates personal credentials, and the protective disciplines — OPSEC hardening, broker erasure, active monitoring — that reduce the surface. The research is primary-source and practitioner-level; it assumes a reader who wants to understand the mechanism, not a summary of industry guidance.
Executive Privacy
View hub →Can You Audit Your Own Digital Footprint?
You can audit the visible part of your digital footprint yourself. Here is the method, and the four things a self-audit structurally cannot reach.
ANALYSISWhat Protective Intelligence Is, and Why It Starts With Your Profile
Protective intelligence is the discipline of seeing yourself the way an adversary would. Why it starts with your profile rather than the threat, and what it maps.
ANALYSISIs Executive Digital Protection Worth It?
Executive digital protection is worth it under specific conditions. When boutique protective intelligence beats standard precautions, and the gap it closes.
ANALYSISHow Doxxing Became a Physical-Security Threat
Doxxing began as a gaming-feud weapon and now reaches the front door. The real cases, the data-broker fuel behind them, and why exposure reduction is the defence.
ANALYSISCybersecurity Calls It Attack Surface. Criminologists Have Studied It for Fifty Years.
Cybersecurity’s attack surface and criminology’s exposure are the same model, discovered independently fifty years apart — and both point to reducing your footprint.
ANALYSISReputation Analysis vs Reputation Management: Why Diagnosis Comes First
Two services get sold as one. Diagnosing what people actually conclude about you comes before any attempt to change it.
GUIDEWhat Can Someone Find From Your Email Address?
An email address is the key a researcher starts from. What your email actually reveals about you, and how to see your own.
ANALYSISWhat a Future Employer Is Allowed to Research About You: The Law, and What Actually Happens
By the time a senior offer is on the table, someone has run a search on you. Here is what an employer may lawfully research under the GDPR, and what actually happens.
ANALYSISWhy Social Engineers Target the Executive's Family
A protected principal is a locked front door. The behavioural data shows the family is the side door: less defended, more susceptible, and the path attackers take to reach the principal.
GUIDEHow to Protect Your Digital Footprint: What You Can Do Now, and Where It Stops
Most guides on protecting your digital footprint stop at strong passwords and private accounts. The work that actually reduces your exposure is elsewhere — in metadata, identifiers, and device defaults.
ANALYSISThe Optimal Moment: How Your Digital Footprint Tells an Attacker When to Strike
Sophisticated social engineering attacks are not random. They are timed. The data that reveals when to strike is largely public — and most of it you have already published yourself.
GUIDEWhat Does the Internet Know About Me?
Your browser transmits a detailed fingerprint before you do anything on a page. This piece maps five standard data layers and dissects a real fingerprint to show how investigators chain device signals to a single identity.
ANALYSISThe Structural Doxing Problem: European Executives Face Harder Exposure Than Their US Peers
From Rotterdam to Glasgow, activist campaigns are targeting corporate offices across Europe through supply-chain research. In September 2025, that escalation reached executives' personal residences in the UK. Here is what the research chain looks like — and what you can do about it.
ANALYSISWhen Privacy Becomes a Price Tag: The Three-Tier Problem in Europe’s Data Market Debate
A Bruegel working paper proposes regulated data markets as Europe’s fix for the consent impasse. On examination, the three-tier model makes full privacy available only to those who can pay for it.
ANALYSISEU Facial Recognition: Loud Regulation, Quiet Enforcement
The EU has the strictest facial-recognition rules in any major jurisdiction. It also has Clearview AI, fined more than €110 million across five member states, paying nothing, still indexing EU residents’ faces. The gap between regulation and enforcement is the story.
GUIDEWhat Traces Do You Leave Online: The Silent Data Trail
Your visible online presence is only the surface. Below it sit contact graphs built by others, location broker pipelines, insurance registers, archive snapshots, and an AI assistant layer that logs and may train on everything you type.
METHODHow a Mirror Investigation Runs
What actually happens in 48 hours of a Mirror investigation: the four sequential stages a finding moves through before it appears in the report.
GUIDEIs Doxxing Illegal? How EU, UK and US Law Treat It in 2026
How doxxing is treated under Dutch, German, French, UK and US law in 2026: dedicated criminal statutes, GDPR overlay, federal-and-state patchwork, and what victims can do.
ANALYSISWhy Breaches Without Passwords Still Put You at Risk
When a breach notification says no credentials were exposed, the data that was exposed is often exactly what executive targeting is built from.
ANALYSISWhy CEO Fraud Starts With Data Brokers
BEC and whaling attacks rely on personal data gathered during the reconnaissance phase. Removing that data from brokers and breach databases disrupts the attack before it begins.
ANALYSISHow AI Search Engines Build Profiles About You
AI search engines build executive profiles by connecting data across brokers, breach databases, and public registries in real time.
GUIDEDeepfake Detection: A Practical Guide for Executives and Their Teams
How deepfake fraud works, why detection alone is failing, and the verification protocols that actually prevent losses.
METHODOSINT Research vs Stalkerware: Where Investigation Ends and Surveillance Begins
The FOUR rubric used by law enforcement — Fixated, Obsessive, Unwanted, Repeated — applied to the line between legitimate OSINT research and stalkerware surveillance, from both the investigator's and target's perspective.
ANALYSISHow OSINT Tracks Smuggling Networks: The Intelligence Tradecraft Behind Europol’s New Centre
Europol launched ECAMS and named OSINT a core strategic capability. Here is how open-source intelligence actually tracks smuggling networks — from Telegram forwarding chains to satellite change detection.
GUIDEHow Executives Get Doxxed — and What Europe Is Doing About It
From the CEO Database to the Netherlands' first doxxing arrest, executive targeting has become organised. Here is where the data comes from, what the law now says, and what you can do about it.
GUIDEWhat Is a Digital Footprint — and How Attackers Use Yours
Your digital footprint is the sum of all data that can be linked back to you online. Here is what it contains — and how attackers exploit each piece.
METHODUsername and Alias Correlation: Methodology, Tooling, and Likelihood Assessment
A username is not anonymous. It is a behavioural fingerprint dressed as a pseudonym. This is how analysts trace handles to real identities — and why the same process is used against private individuals.
METHODThe Mosaic Effect: How Harmless Data Combines Into a Complete Profile
Your employer is public. Your general location is public. Your gym, your commute pattern, your lunch spot — all public. None of it is sensitive on its own. But combine them, and something qualitatively different emerges.
ANALYSISWhat Cryptocurrency Transactions Reveal About You — Without You Knowing
Bitcoin transactions do not contain your name — but pseudonymous is not anonymous. The moment a wallet address links to your identity, that link is permanent and retroactive. Covers KYC breach risk, blockchain tracing methodology, Monero's reputational problem, and the Bitfinex and Colonial Pipeline cases.
ANALYSISIf Dutch Ministers Could Not Stay Out of the Odido Dataset, You Probably Didn't Either
Four ministers. A senior intelligence officer. Three individuals under active government protection. The Odido breach did not distinguish between ordinary customers and people who thought they were managing their exposure. What each data field enables — and why the window for acting is narrowing.
GUIDEThe Accounts You Forgot About Are the Ones That Expose You Most
Most people think about their current online presence. They overlook the usernames, photos, emails, and forum posts from a decade ago — and that is exactly what attackers are looking at.
ANALYSISYour Digital Profile Already Exists. You Just Have Not Seen It.
Before anyone searches for you, your profile is already assembled. Three freely available layers — social media, data brokers, and breach data — combine into something far more complete than most people realise.
ANALYSISWhen Does Investigation Become Surveillance?
Sherlock, GHunt, SpiderFoot, Recon-ng, Maltego — the same tools used in legitimate investigations are used in stalking and doxxing. A feature-by-feature ethics map of the most popular OSINT platforms.
GUIDEPunch the Monkey: OSINT and the Battle of Narratives
A baby spider monkey, three conflicting headlines — and a masterclass in how the same footage can be spun into entirely different stories. Here is how OSINT methodology cuts through viral fiction to find what is actually true.
INTELWhat Investigators See When They Search You: A 2026 OSINT Breakdown
A step-by-step walkthrough of how OSINT analysts build a complete profile on any individual using only public sources in 2026 — and what you can do about it.
INTELWhy Using ChatGPT for OSINT Leaves a Trail
Using ChatGPT or Perplexity for OSINT research leaves an auditable trace that compromises operational security. Why automation with manual interpretation is the correct methodology.
INTELHow Criminals Bypass KYC Checks Using Your Leaked Data
KYC identity verification was designed to stop fraud. Here's how criminals use your leaked data to defeat it — and what that means for your exposure.
INTELHow to Verify Information in the Age of AI: A Zero-Trust Approach
Until verified, everything is both real and fake. Learn how to apply Zero-Trust principles to validate intelligence in an age of AI-generated deepfakes and synthetic content.
If you want to know what a search like this returns about you, a Snapshot Scan tells you in 48 hours.
See what’s exposed