Scam emails aren’t random. The recipient fields already tell you a lot. 📥 TO, CC & BCC Explained TO: You’re the main target Your email is openly listed. They contacted you directly. CC: Everyone can see each other If strangers are CC’d, it’s a bulk blast from a scraped or leaked list. BCC: You don’t appear anywhere You’ll receive the email, but your address won’t show in To/CC. Classic sign of mass phishing campaigns. If you see “To: (empty)” or the sender’s own address → you were BCC’d. 🔍 How to Track Where Your Email Leaked ✔ Plus Addressing Use aliases like: name+amazon@… name+instagram@… If spam arrives on that alias → you know exactly who leaked or sold it. ✔ Have I Been Pwned Check if your email appeared in a breach. Turn on notifications so you get alerts immediately. ✔ Email Headers (advanced) or click: “<> Show original” in the menu with the three dots if you use G Mail. Look at return path, server, and SPF/DKIM/DMARC. If it doesn’t match the claimed sender → scam. We’ll take a deep dive into this in an advanced E-mail course. What can you do moving forward? 🛡️ Protect Your Inbox - Use aliases or +addressing - Turn on HIBP alerts https://haveibeenpwned.com - Unique passwords + app-based MFA - Don’t click links! Open sites manually

People think deleting cookies makes them invisible. Modern tracking doesn’t care about your cookies, it cares about you. Here’s how companies (and sometimes investigators) still identify you: 1️⃣ Device Fingerprinting Your device leaks a unique “signature”: • Screen size • Timezone • Installed fonts • Graphics card • Browser version Put together? It’s more unique than your fingerprint. 2️⃣ Canvas Tracking Websites force your browser to draw an invisible image. How your device renders it reveals exactly who you are. You can’t delete this. You can’t block this. Most people don’t even know it exists. 3️⃣ Passive Signals Your browser gives away: • Battery percentage • Audio hardware • Touchscreen capability • System acceleration • Keyboard language These tiny details build a profile that’s almost impossible to fake consistently. 4️⃣ IP Triangulation Not just your IP. Your IP history, movement patterns, login timing, and behavioural rhythm. Humans are predictable. Machines notice. OSINT Lesson: If you think you’re “anonymous,” it just means the person investigating you hasn’t started yet. 🎭 101 ANONYMITY course is coming next week where I’ll teach what basic measures you can take to maximize your anonymity so you can browse safely and responsibly,

Newly released emails show Epstein in 2011 discussing GPS-tracking shoes to track kids and clients, with Sultan Ahmed Bin Sulayem. From an OSINT perspective, what stands out is not the concept itself, but how long the technology had already existed before it appeared in those emails. 🟦 Timeline of the Technology 1998: Enemy of the State The film (released on VHS btw), depicts real-time tracking via devices hidden in Will Smith’s shoes, clothing, and personal items as he is being tracked by NSA. While presented as fiction, the techniques reflected surveillance capabilities already tested or deployed at the time. 2007: Commercial GPS Shoes GTX publicly launched GPS-enabled footwear marketed for child safety, dementia patients, and remote monitoring. In other words: consumer-level tracking shoes were already on the market four years before the emails. 2011: Epstein Emails The idea reappears, framed as an “innovation,” despite the concept being well-established both in media and in commercial technology. 🟦 Why This Matters (OSINT Lens) The progression shows a familiar pattern in surveillance tech: 1. Hollywood normalizes it (1998) 2. Industry commercializes it (2007) 3. Private actors take interest (2011) 4. Public suddenly notices (years later) For investigators, it’s a reminder that: - Technologies framed as “new” often have a 20+ year operational history. - Pop-culture depictions can serve as early indicators of real-world capabilities. - Public shock rarely aligns with the actual development timeline. 🎬 Movie Tip For context and historical framing, revisit Enemy of the State (1998). Its portrayal of shoe-based tracking predates the 2007 commercial products and the 2011 emails by a wide margin, making it a valuable cultural reference for understanding the evolution of surveillance technology. Have a nice weekend! @cultrodistro