]
03-03-2023, 03:15 PM
Hello and welcome to my thread!
Today, I am going to teach you how to improve your operational security (OPSEC). This guide is written by me, and all of the information you can find here has also been used by me.
Using a VPN router
This may sound a bit paranoid, but it has rescued me many times. With a VPN router, everything that goes through your internet will be tunneled through the VPN with a built-in kill switch. So, should you have an IP leak, the IP that will get leaked is your VPN IP, which is set up on your router. This is the router that I personally use:
Disabling telemetry
Windows collects a lot of telemetry data. To prevent this, I use Win10Privacy, which you can find here:
Encrypt your whole system
The feds are not dumb anymore. Especially when you do refunds, for example, on your own name, you have to be careful. If the cops show up and seize your system, it's a big advantage if your whole system is encrypted. My favorite encryption tool is VeraCrypt:
Using a secure VPN with a kill switch
Always use a VPN that does not collect data and has been proven to be good in the last few years. My two favorite VPN providers are Mullvad VPN and Perfect Privacy, which you can find here:
Using a VM or RDP
The advantage of a VM or RDP is that you can separate your normal "life" from your black hat activities. I used RDP for many years but now switched over to VM. If you use a VM, also use a VPN with a kill switch.
Using different social media services and forums
If you are going to use Discord, Telegram, or forums, never register there with your real data. It does not matter how good your setup is if you use your personal Discord for chatting and dealing with black hat people. Your OPSEC is very weak. Always create a second identity for your black hat activities. Discord and Telegram are proven for cooperating with cops. For this, use a case's throwaway mail and numbers. I prefer
Try to hide your identity
I see a lot of people who use their nicknames from Steam on black hat forums, for example. With a little research, the attacker can gather a lot of information about you since you used this username on many platforms. So, please never use any usernames that you used to connect with your real life, such as any gaming platforms or something similar. Also, be careful about what you post online. Everything you post can and will be used against you.
Use strong and unique passwords
This may seem obvious, but using strong and unique passwords is crucial for protecting your accounts. Don't use the same password for different accounts, and avoid using easily guessable passwords, such as your birthdate or pet's name. Instead, use a password manager to generate and store strong and unique passwords for each of your accounts.
Using different e-mail addresses
When you use different email IDs for different purposes, you can compartmentalize your communication and keep sensitive information separate from less sensitive information. For example, you can use one email ID for everz forum, one for social media like Discord, and another for refunds. This helps reduce the risk of sensitive information being found by unauthorized parties. A good and bulletproof e-mail provider is
Be mindful of phishing scams
Phishing scams are a common tactic used by attackers to steal your personal information, such as login credentials or credit card numbers. Be cautious of unsolicited emails or messages that ask you to click on a link or provide personal information. Always verify the sender's identity and never click on suspicious links or download attachments from unknown sources.
In conclusion, by following these tips, you can improve your OPSEC and better protect yourself and your sensitive information online. Remember, OPSEC is an ongoing process, so stay vigilant and make sure to regularly review and update your security measures. Stay safe!
Today, I am going to teach you how to improve your operational security (OPSEC). This guide is written by me, and all of the information you can find here has also been used by me.
Using a VPN router
This may sound a bit paranoid, but it has rescued me many times. With a VPN router, everything that goes through your internet will be tunneled through the VPN with a built-in kill switch. So, should you have an IP leak, the IP that will get leaked is your VPN IP, which is set up on your router. This is the router that I personally use:
[To see links please register here]
. It's very easy to configure and is set up within minutes.Disabling telemetry
Windows collects a lot of telemetry data. To prevent this, I use Win10Privacy, which you can find here:
[To see links please register here]
. With this tool, I managed to prevent Windows from collecting a lot of data. But be careful, do not download the tool and turn on everything. Take some time and go through every point and think if it should be disabled or not. If you turn off the wrong setting, it could damage your whole system. The settings that can be disabled are highlighted in green :smile:Encrypt your whole system
The feds are not dumb anymore. Especially when you do refunds, for example, on your own name, you have to be careful. If the cops show up and seize your system, it's a big advantage if your whole system is encrypted. My favorite encryption tool is VeraCrypt:
[To see links please register here]
. I suggest you encrypt your whole system and not only a partition just to be safe.Using a secure VPN with a kill switch
Always use a VPN that does not collect data and has been proven to be good in the last few years. My two favorite VPN providers are Mullvad VPN and Perfect Privacy, which you can find here:
[To see links please register here]
and[To see links please register here]
. Also, don't forget to turn on the kill switch so that if the VPN crashes, you don't leak any data.Using a VM or RDP
The advantage of a VM or RDP is that you can separate your normal "life" from your black hat activities. I used RDP for many years but now switched over to VM. If you use a VM, also use a VPN with a kill switch.
Using different social media services and forums
If you are going to use Discord, Telegram, or forums, never register there with your real data. It does not matter how good your setup is if you use your personal Discord for chatting and dealing with black hat people. Your OPSEC is very weak. Always create a second identity for your black hat activities. Discord and Telegram are proven for cooperating with cops. For this, use a case's throwaway mail and numbers. I prefer
[To see links please register here]
.Try to hide your identity
I see a lot of people who use their nicknames from Steam on black hat forums, for example. With a little research, the attacker can gather a lot of information about you since you used this username on many platforms. So, please never use any usernames that you used to connect with your real life, such as any gaming platforms or something similar. Also, be careful about what you post online. Everything you post can and will be used against you.
Use strong and unique passwords
This may seem obvious, but using strong and unique passwords is crucial for protecting your accounts. Don't use the same password for different accounts, and avoid using easily guessable passwords, such as your birthdate or pet's name. Instead, use a password manager to generate and store strong and unique passwords for each of your accounts.
Using different e-mail addresses
When you use different email IDs for different purposes, you can compartmentalize your communication and keep sensitive information separate from less sensitive information. For example, you can use one email ID for everz forum, one for social media like Discord, and another for refunds. This helps reduce the risk of sensitive information being found by unauthorized parties. A good and bulletproof e-mail provider is
[To see links please register here]
Be mindful of phishing scams
Phishing scams are a common tactic used by attackers to steal your personal information, such as login credentials or credit card numbers. Be cautious of unsolicited emails or messages that ask you to click on a link or provide personal information. Always verify the sender's identity and never click on suspicious links or download attachments from unknown sources.
In conclusion, by following these tips, you can improve your OPSEC and better protect yourself and your sensitive information online. Remember, OPSEC is an ongoing process, so stay vigilant and make sure to regularly review and update your security measures. Stay safe!
