Publicly available data can paint a much clearer picture of our lives than most of us realize, and this episode takes a deeper look at how those tiny digital breadcrumbs like photos, records, searches, even the background of a Zoom call can be pieced together to reveal far more than we ever intended. To help break this down, I’m joined by Cynthia Hetherington, Founder and CEO of The Hetherington Group, a longtime leader in open-source intelligence. She also founded Osmosis, the global association and conference for OSINT professionals, and she oversees OSINT Academy, where her team trains investigators, analysts, and practitioners from all experience levels.

Cynthia shares how she started her career as a librarian who loved solving information puzzles and eventually became one of the earliest people applying internet research to real investigative work. She talks about the first wave of cybercrime in the 1990s, how she supported law enforcement before the web was even mainstream, and why publicly accessible data today is more powerful and more revealing than ever. We get into how OSINT actually works in practice, from identifying a location based on a sweatshirt logo to examining background objects in video calls. She also explains why the U.S. has fewer privacy protections than many assume, and how property records, social media posts, and online datasets combine to expose surprising amounts of personal information.

We also explore the growing role of AI in intelligence work. Cynthia breaks down how tools like ChatGPT can accelerate analysis but also produce hallucinations that investigators must rigorously verify, especially when the stakes are legal or security-related. She walks through common vulnerabilities people overlook, the low-hanging fruit you can remove online, and why your online exposure often comes from the people living in your home. Cynthia closes by offering practical advice to protect your digital footprint and resources for anyone curious about learning OSINT themselves. This is a fascinating look at how much of your life is already visible, and what you can do to safeguard the parts you’d rather keep private.

Show Notes:

• [01:17] Cynthia Hetherington, Founder & CEO of The Hetherington Group is here to discuss OSINT or Open-Source Intelligence.
• [02:40] Early cyber investigators began turning to her for help long before online research tools became mainstream.
• [03:39] Founding The Hetherington Group marks her transition from librarian to private investigator.
• [04:22] Digital vulnerability takes center stage as online data becomes widely accessible and increasingly revealing.
• [05:22] We get a clear breakdown of what OSINT actually is and what counts as “publicly available information.”
• [06:40] A simple trash bin in a photo becomes a lesson in how quickly locations can be narrowed down.
• [08:03] Cynthia shares the sweatshirt example to show how a tiny image detail can identify a school and possibly a city.
• [09:32] Background clues seen during COVID video calls demonstrate how unintentional information leaks became routine.
• [11:12] A news segment with visible passwords highlights how everyday desk clutter can expose sensitive data.
• [12:14] She describes old threat-assessment techniques that relied on family photos and subtle personal cues.
• [13:32] Cynthia analyzes the balance and lighting of a Zoom backdrop, pointing out what investigators look for.
• [15:12] Virtual and real backgrounds each reveal different signals about a person’s environment.
• [16:02] Reflections on screens become unexpected sources of intelligence as she notices objects outside the camera frame.
• [16:37] Concerns grow around how easily someone can be profiled using only public information.
• [17:13] Google emerges as the fastest tool for building a quick, surface-level profile of almost anyone.
• [18:32] Social media takes priority in search results and becomes a major driver of self-exposed data.
• [19:40] Cynthia compares AI tools to the early internet, describing how transformative they feel for investigators.
• [20:58] A poisoning case from the early ’90s demonstrates how online expert communities solved problems before search engines existed.
• [22:40] She recalls using early listservs to reach forensic experts long before modern digital research tools were available.
• [23:44] Smarter prompts become essential as AI changes how OSINT professionals gather reliable information.
• [24:55] Cynthia introduces her C.R.A.W.L. method and explains how it mirrors the traditional intelligence lifecycle.
• [26:12] Hallucinations from AI responses reinforce the need for human review and verification.
• [27:48] We learn why repeatable processes are crucial for building trustworthy intelligence outputs.
• [29:05] Elegant-sounding AI answers illustrate the danger of unverified assumptions.
• [30:40] An outdated email-header technique becomes a reminder of how quickly OSINT methods evolve.
• [32:12] Managed attribution—hiding your digital identity—is explained along with when it’s appropriate to use.
• [33:58] Cynthia unpacks the reality that the U.S. has no constitutional right to privacy.
• [35:36] The 1996 case that sparked her digital-vulnerability work becomes a turning point in her career.
• [37:32] Practical opt-out steps give everyday people a way to remove basic personal data from public sites.
• [38:31] She discusses how indirect prompting of AI tools can still narrow down someone’s likely neighborhood or lifestyle.
• [39:58] Property and asset records emerge as unavoidable exposure points tied to government databases.
• [40:52] A high-risk client’s situation shows how family members often create digital vulnerabilities without realizing it.
• [42:44] Threats that surface too late demonstrate why proactive intelligence work is essential.
• [44:01] Concerns about government surveillance are contrasted with the broader access private investigators actually have.
• [45:12] Train tracks become an example of how physical infrastructure now doubles as a modern data network.
• [46:03] She explains how audio signatures and forensic clues could theoretically identify a train’s path.
• [47:58] Asset tracking becomes a global operation as valuable cargo moves between ships, trucks, and rail systems.
• [49:48] Satellite imagery makes monitoring even remote or underwater locations almost effortless.
• [51:12] Everyday applications of geospatial analysis include environmental changes and shifts within local communities.
• [52:19] Surveillance is compared to gravity; it's constant, invisible, and always exerting pressure.
• [52:44] Cynthia shares practical strategies for controlling your environment and keeping conversations private.
• [54:01] Resources like OSINT Academy, Information Exposed, and the Osmosis Association offer pathways for learning and strengthening personal privacy.
• [55:32] The episode closes with encouragement to stay aware of what you share and how easily digital clues can be connected.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. 

Links and Resources:

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Hetherington Group
• OSMOSIS
• OSINT Academy
• Cynthia Hetherington - LinkedIn
• OSINT: The Authoritative Guide to Due Diligence
• Business Background Investigations: Tools and Techniques for Solution Driven Due Diligence