Open-Source Intelligence (OSINT)
The collection and analysis of publicly available information — from social media, websites, public records, and data brokers — used by both security researchers and criminals to build target profiles.
Also known as: OSINT, open-source research, public data intelligence
Last reviewed: 10 June 2026
Open-source intelligence describes the practice of gathering information from publicly accessible sources: social media posts, news articles, company filings, domain registration records, academic papers, court records, and data aggregated by brokers. Security researchers and law enforcement use OSINT to investigate fraud, track criminal infrastructure, and identify threat actors. Criminals use the same techniques to profile and target victims.
For a fraudster preparing a spear-phishing or social-engineering attack, OSINT provides the personal details needed to build a convincing pretext: the target's employer and role, recent travel based on check-ins, family members' names, the bank mentioned in a complaint tweet. A single LinkedIn profile combined with Facebook check-ins and a people-search site can yield a remarkably complete dossier without any hacking.
Consumers can reduce their OSINT exposure by auditing their social media privacy settings, limiting what personal information is publicly indexed, opting out of data broker databases, and being thoughtful about what they share in online comments and reviews. Complete elimination of an online footprint is impractical for most people, but a meaningfully smaller footprint raises the cost and difficulty of targeted attacks.