The strongest impersonation attempts often borrow real company details.
Hiring, events, supplier changes, leadership updates, and product launches can all become pretext fuel.
The issue is not visibility. It is believable misuse.
Exposure reporting should not just answer: "What was found?"
It should answer: "What decision does this support?"
Block, monitor, brief, accept, escalate, or investigate.
That is the layer that turns collection into intelligence.
Stale breach data can become fresh phishing context.
The password may be dead. The account trail, role, supplier clue, or naming pattern may still help someone build a better pretext.
That is why credential exposure needs context.
Old leaked credentials can still matter even when the password no longer works.
They can reveal naming patterns, forgotten accounts, shadow SaaS, personal email use, and context that makes phishing more believable.
Exposure is not always binary.
Executive exposure is not just a visibility issue.
It can become a leverage issue.
The important question is not:
"What is public?"
It is:
"What could someone do with it?"
That is the difference between passive exposure and real targeting risk.
A lookalike domain is not dangerous because it exists.
It is dangerous because of what it makes believable.
- A Supplier Payment Request
- A Fake Portal
- A Credential Prompt
- An Executive Impersonation
That is where the real risk sits.
The updates to ThreatLens keep coming, and we are regularly identifying and helping businesses to reduce their risk exposure. This thread highlights some of the recent feature updates!
Been incredibly busy with ThreatLens development recently, but here are a couple of the newest things we've added. Firstly, intel findings based on broad recon scans across a domain.
A fake login page is not just a phishing page.
If captured and reviewed properly, it can reveal:
- Who Is Being Impersonated
- Who Is Being Targeted
- What Credentials Are Being Sought
- Whether It Links To A Wider Campaign
Takedown removes the page but doesn't explain the risk.
A finding is not intelligence until someone can act on it.
External exposure creates lots of raw signals. The hard part is turning them into decisions.
Automation can collect and triage at scale.
Human analysis adds context, confidence, evidence, and prioritisation.
That is what turns collection into intelligence.
3 potential cyber incidents identified in just a few weeks.
ThreatLens helped companies across 3 different industries detect risks early and take action before they escalated.
The best defence is spotting threats before they become incidents.
Start your ThreatLens trial today
A phishing page is rarely just a page.
It can signal brand abuse, credential targeting, infrastructure reuse, campaign timing, and who an attacker thinks is worth impersonating.
The real question is not only "does this exist?" but "what does this tell us?"
Attackers do not just exploit exposed systems.
They exploit exposed trust: impersonation, leaked credentials, lookalike domains, executive details, public company context, and reused brand assets.
If a view only sees infrastructure, it misses what makes attacks believable.
How do hackers view YOUR business from the outside? Here's my approach to mapping your external attack surface using OSINT - from exposed creds to vulnerable infra.
Most orgs have no idea what's actually visible to attackers. So let's see what we find in a typical job. 🧵
OSINT professionals - What's the one tool you wish existed but doesn't yet?
I'm collecting ideas for ThreatLens development and want to know what would actually make your investigations easier. Not the flashy stuff, the real gaps in your workflow.
Drop your answer below and I'll share the results next week.