Tactical Privacy Wire #17

May 27, 2025
Fast actionable privacy intel for people who live at risk.

🔴THE THREAT LANDSCAPE🔴

Privacy Quake

Urgent, high-priority info. Active exploits, major doxxing incidents, geopolitical tech shifts.

🔴 Those Political SMS Texts Could be Smishing. And Data Brokers Might be Paying.

Coordinated smishing campaigns now impersonate grassroots political organizers, especially in battleground states and marginalized communities.
Trend Micro reports a surge in such activity.

Messages mimic voter outreach but are designed to collect geolocation, device metadata, and contact networks. This isn’t ordinary phishing—it’s data cleansing disguised as criminal activity.

Smishing offers a low-cost method for dataset validation. “That weird call or text from a senator is probably an AI scam.”

Brokers may be harvesting data passively or underwriting campaigns directly.

Defense strategies:

• Data supply chain audits
• Enforced communication protocols
• Legal pressure on brokers

Disruption starts with visibility. Silence enables escalation.

DARK SIGNALS

New, evolving, or resurgent privacy/security threats.

🔴 70% of Meta’s New Advertisers Push Scams
Meta documents reveal:

• 70% of new advertisers promote scams or low-quality goods
• Ties to Southeast Asian crime syndicates
• Fake ads using AI and crypto tools
• 32 fraud “strikes” possible before bans

Critics say Meta protects its $160B ad revenue over user safety.

Sources: Daily Hodl, WSJ, LinkedIn Post

TERMS OF ABUSE

Public failures of data stewardship.

🔴 184 Million Login Credentials Leaked… From Where?
A massive, unprotected database containing over 184 million unique login credentials (usernames, plaintext passwords, and emails) was discovered by cybersec researcher Jeremiah Fowler.

The db totaled ~47 GB. It included sensitive info from major platforms like Google, Apple, Microsoft, Facebook, Instagram, Snapchat. Also credentials for banking, health, and government portals from at least 29 countries.:

• Plaintext passwords
• Sensitive platform access
• Unencrypted and publicly exposed
• Believed to be harvested via infostealer malware

Recommended tools for protection:

• Bitdefender
• Malwarebytes
• No-log VPN
• Encrypted DNS

🔴 Last year DocuSign Quietly Enabled AI Training
DocuSign may use signed contract data to train AI models. Vague consent via contractual mechanisms. Risk applies to sensitive legal, political, or whistleblower content. Most people missed this. We say be careful with DocuSign and all e-sign documents.

Alternative e-sign tools:

• Skribble
• Xodo (formely Eversign)

🟢TOOLS, TACTICS, & ALLIES🟢

Active Measures

Privtech tools worth knowing.

🟢 BlockParty (Strategic Partner of ObscureIQ)

• Manages social media privacy
• Filters abuse on X (formerly Twitter)
• Auto-quarantine toxic replies
• Bulk-block abusive accounts
• Shareable blocklists

✅ Boosts safety and control over public discourse.

🟢 Control D (Encrypted DNS)

• Encrypts web lookups
• Blocks trackers and adtech servers
• Controls app/domain access
• Especially valuable for mobile & high-risk users

✅ Enhances both privacy and security.

Field Manual

From our privacy ops playbook.

🟢 Shield Your Public Calendars

Many executives and content creators unknowingly expose their entire travel calendar via integrations with Google Calendar, Calendly, or conference websites.

Steps to lock down:

1. Disable public sharing of calendar URLs.
2. Scrub identifying metadata from event registration pages.
3. Use burner accounts for RSVP confirmations if speaking at events.
4. If possible, move to a more privacy friendly calendar solution such as Cal.com

Real-world example:
A stalker exploited an RSVP list to track a well-known author.

🟢 Accessing Your Money Off-Grid
If you had to disappear, how would you access your cash without giving yourself away?

Our latest guide breaks down practical, tactical ways to move and spend money without lighting up your digital footprint. Key strategies include:

• Setting up a foreign LLC to hold and move funds under a separate legal identity.
• Using fintech tools like Wise and Revolut to create multi-currency, non-U.S. accounts.
• Leveraging Privacy.com virtual cards to mask purchases and reduce traceability.
• Avoiding common traps like U.S. virtual cards and ID-linked prepaid cards.
• Practicing hardened operational security to protect metadata and device fingerprints.

🔗 Read the full post for a full breakdown of tools, tactics, and execution tips.

SIGNAL BOOST

What's up at ObscureIQ?

🟢 New: Active Threat Monitoring is here!
Elite threat detection across three intelligence layers:

1. Social & News Monitoring – Elite tools + human review
2. Dark Web Chatter – AI + OSINT
3. Geo Surveillance – Local digital risk detection

Custom scans tailored to your profile:
Names, addresses, creds, keywords, crypto, more.

Contact Colby to setup threat monitoring for you, your org or your event.

🟢 Next ObscureIQ Privacy Training
📅 Thursday, June 26 ⋅ 5:00–6:00 PM
Open to public + clients. Covers threats, risk factors, solutions, with live Q&A.
Want a private session? Contact: Greg Manwelyan

🟢 Revised Collateral Available

• Digital Executive Protection
• Wealth Management / Family Offices
• Protection Package Comparisons

🟢 The Human Data Perimeter:
Mapping the Employee Threat Surface in an AI World
Jeff Jockisch’s presentation at the Cognitive Security Institute

ObscureIQ’s “The Human Data Perimeter” presentation reveals a critical shift in cybersecurity: Employees are now the primary threat surface in an AI-powered world. 

As attackers leverage AI to mimic communication styles, hijack trust signals, and weaponize personal data, traditional perimeter defenses fall short. Social engineering tactics like phishing, deepfakes, and personalized manipulation exploit psychological and behavioral patterns rather than technical flaws. With most threat vectors hidden beneath the surface (like ad tracking, breaches, and location history) digital footprint management has become essential.

Key Takeaways:

• Employees are now the primary threat surface
• AI enables hyper-targeted phishing, deepfakes, impersonation
• Social engineering exploits human behavior, not tech
• Digital footprint protection is critical but underfunded

Privacy is now a frontline defense.

Get the Slide Deck

ObscureIQ.com
Elite privacy services and data suppression for people with everything to lose.