OSINT

Social MediaLanguage and ToneGeolocationMetadataVPN/DNS

Social Media

Language and Tone

Geolocation

Threat actors can use social media content to goelocate field workers, regardless of wether a location is attached to the post. A social media post can be geolocated from metadata attached to images and videos, AI-powered geolocation tools or visual recognition.

Organisation policies should advise or prohibit members in the field from posting to social media in realtime. The risk environment and the organisation's need for social engagement should drive the organisation's social media policy.

Strategies to reduce the risk in relation to social media and geolocation include:

  - Appointing a dedicated social media manager (not in the field) to review and post social media content on behalf of the team in the field

  - Banning members from live streaming and posting social media content from the field

  - Delaying social media posting until the team has left the location

Metadata

VPN/DNS

  • Cloudflare 1.1.1.1
Last updated: 31/03/2026