Hi Reddit, I'm Charles DeBarber and I'm here today to discuss my work investigating GirlsDoPorn, my career in cyber intelligence, and what I do for victims of non-consensual pornography (NCP).

My partner and I have set up a small company helping automate the removal of NCP called Phoenix Advocates & Consultants (PAC).

Proof: https://twitter.com/CharlesDebarber/status/1405568733377183745

Ask me anything!

Comments: 150 • Responses: 60  • Date: 

DatabasePlenty804639 karma

This part isn't a question, but I really wanted to tell you this. Thank you, Charles! You're giving us our lives back.

What breed of honeybees do you keep?

CharlesD-PAC39 karma

Thank you for your kind words!

My bees are beautiful mutts. :) I've had some mostly Italian and Carnolian hives, but over time as they re-queen through swarms they become a beautiful spectrum of gold, dark, and black bees. Genetic diversity makes every species better and that is especially true with honeybees!

kozodirkyCZ30 karma

How did you uncover the shell companies of GirlsDoPorn? Did you work with CPAs and lawyers? Was there a breakthrough moment?

CharlesD-PAC44 karma

LLC registrations, domain registrations, e-mail tracking beacons, and their parent company Oh Well Media! on the main page being listed in the Panama Papers as a laundering outfit.

I did, but mostly post-analysis. My realm is Digital Network Intelligence (DNI). :)

its_a_gibibyte10 karma

How were they that hidden? Can't you simply follow the money, or company registrations?

CharlesD-PAC11 karma

LLCs are a public filing. I recall one in California and another in Nevada for BLL Media. There were others I believe for Bubblegum Casting and another fake modeling recruitment company, but my memory is a bit fuzzy.

kozodirkyCZ24 karma

Pornstar Ariana Marie was brought to a porn studio from FL to CA in a similar manner to some GDP victims. How common do you think this is in the porn industry? Have victims of schemes similar to GirlsDoPorn reached out to you?

CharlesD-PAC38 karma

I'm sad to say the GDP victims aren't only time I've heard these stories. Casting couch pornography was really popular some years ago, and to get exclusive content of so many amateurs was unsustainable without the tactics GDP and some others used.

I'll make it clear - I believe Ariana Marie.

CharlesD-PAC17 karma

I appreciate all the good questions tonight! I may re-visit tomorrow morning to answer any others. :) I've always adored Reddit AMAs and I'm so honored to do one.

Good night!

kozodirkyCZ17 karma

There is only one pic of Matthew Wolfe so far. And it was the same for Michael Pratt till the FBI released a new poster of him recently. These guys kept a very low profile. Was uncovering their pics your work?

CharlesD-PAC22 karma

The popular photos used for them came letter. There sadly aren't many, especially with Pratt being infamously camera shy. The photos I used came from them walking in front of mirrors during GDP videos.

kozodirkyCZ16 karma

That seems like CSI type stuff! Pausing, zooming and getting a good quality screenshot and then enhancing the photo. You guys had to do a lot of digging for even the most basic info on them. Respect!

CharlesD-PAC25 karma

kozodirkyCZ13 karma

Search engine related questions -

In your testimony before the Canadian parliament you talked about the difficulty of getting Google to remove indexxing of invol porn. Isn't Google guilty of profiting from invol imagery just like the tube sites?

How responsive is Google to requests to remove invol material? Or does it take a legal notice for them to do it?

Ideally Google and other search engines should simply de-index/ de-list the entire site from showing up for hosting NCP. Do you see that happening anytime soon?

Are Bing and Yahoo better at removing NCP?

CharlesD-PAC22 karma

The sad truth is I mainly use the copyright system to remove NCP. :/ It is so much easier and Big Tech cares more about intellectual property than victims. :/

Bing is a funny animal. I've worked to remove NCP of my clients hosted on their cache and they are so sporadic if they will remove it or not. I'll use their copyright portal, contact their DMCA e-mail, use the NCP process, and even call their answering machine... No clue which methods work when they do.

I try to save Bing requests until I have dozens to purge for this reason. Otherwise, I can't keep track. :/

kozodirkyCZ12 karma

So none of the big tech companies, including community/user generated content sites, have a dedicated department for handling complaints of NCP?

They obviously take CSAM much more seriously but treat NCP of adults as just a copyright issue? Is that right?

CharlesD-PAC15 karma

Some do. Google and Bing straight up assign agents. However, the process for copyright is so much faster with so fewer hurdles.

Copyright used to be the only real avenue for an NCP victim. :(

Pumas3212 karma

How does one get into this field? I'm planning on getting a degree in cyber security after I finish my current program.

CharlesD-PAC23 karma

I started my career in US Army Intelligence specializing in Cyber Intelligence and transitioned to Cybersecurity post-Army. I feel they are in most ways the same field.

Remember to get your certs. They often mean more than the degree! Your Security+ and Network+ are good starts.

Pumas325 karma

Thanks for the response. Should I renew certs when they expire or nah?

CharlesD-PAC11 karma

I would. Doesn't take much to keep them fresh and good orgs always check when they are considering you for employment. Many government contracts also require the certs! They are your golden ticket for those.

elephantdee3 karma

How about people who have been in the offensive security field for a while? Such as pentesters and red teamers

CharlesD-PAC3 karma

I would argue Network+ and Security+ are a good start. Add a CEH for good measure. If you want to do the red side of things get your OSCP. It is a tough cert, but carries a lot of weight in offensive security.

elephantdee2 karma

Oh I guess my question is how easy is it for a pentester/red teamer to get into cyber intelligence? Like to do what you do?

CharlesD-PAC2 karma

I took the military route there. Others take the NSA/CYBERCOM route.

Appropriate-Catch-6210 karma

How did you become part of the GDP team? Word of mouth?

CharlesD-PAC16 karma

Case fell on my desk with the first mission of finding out was behind it. I was employed by the elite cybersecurity and cyber intelligence firm Fortalice at the time.

After the first report was so revealing they sent me out for more a few times.

Appropriate-Catch-6210 karma

I saw you on the Canadian parliament hearing regarding Pornhub. Is your business able to/ is it difficult or more costly to remove NCP from darkweb?

CharlesD-PAC20 karma

The Dark Web is a tough nut to crack. I have only done two cases on the Dark Web involving NCP. In one of them they were videos updated from a camera in a women's restroom. The camera was found and using some of the EXIF on the SD card and snooping on the Dark Web I managed to find where they were uploading the videos.

The real incriminating data was on the card as it narrowed down to a single employee who was charged.

ImWorried20176 karma

Could the perpetrator have stripped the EXIF data? Would that have made it harder to discover who the culprit was?

CharlesD-PAC5 karma

In this case it was on the SD card in the camera. They could have formatted it between uses, but they didn't.

EXIF is good stuff. They caught BTK in 2005 based on EXIF and simple OSINT. :)

C137-Morty9 karma

Do you think you or someone will be able to find Michael Pratt?

CharlesD-PAC14 karma

It is only a matter of time. The US and NZ will never stop looking for him.

666Karmah8 karma

Besides the Security+, what certifications are actually super important? Do you have any experience with coding, and if so is it possible to be successful in this field without knowing a thing about programming?

CharlesD-PAC8 karma

Good question. I can often view source and tell what I am looking at, but I am not coder. :)

The top cybersecurity cert is still CISSP. In fairness, I've never met a dumb person with one! If you with to work in incident response a CISA is a good one to have. The folks that get into threat hunting and incident response do well and always have work.

kozodirkyCZ8 karma

Do you help only American clients or do you work for international clients as well?

CharlesD-PAC8 karma

I've done some international cases, but mostly in English speaking countries.

damnsignins8 karma

Will there be a documentary or docuseries covering the investigation and the work that went into it?

CharlesD-PAC8 karma

I hope so. It is an epic true crime story with so many moving pieces.

Buffalo-Castle7 karma

What are the risk factors for recruitment into sex exploitation/trafficking? Thanks.

CharlesD-PAC19 karma

That is outside of my expertise. :/ I can only say my clients all manipulated so intensely few had an idea something was wrong until they arrived in San Diego for shooting.

smugwash7 karma

Is glowposting a real thing?

CharlesD-PAC16 karma

glowposting

Yes and no. Honestly, talking to your target is often the last thing you want to do. You can easily trip of your surveillance and tip them off they are being investigated. Methods that contact the target are considered "active collection". That can be something as simple as a sending a friend request from a fake persona to a real persona.

It's best to only use active collection when you have exhausted other avenues. Even then some methods are more risky than others in exposing yourself.

Most of the time in cyber counterintelligence you're observing and interacting very little.

gwnedum6 karma

What was the driving force behind you getting involved the Hunted project?

CharlesD-PAC13 karma

CBS was trying to bring HUNTED to America from the UK and looking for the right professionals from law enforcement, the military, and our intelligence services. They reached out to three or four popular Open Source Intelligence (OSINT) professionals who independently recommended me.

It was a wild opportunity and all of us cast really enjoyed it. I'm humbled at being included with some of the most brilliant professionals I have ever met. Most of us still chat routinely and many of us have continued to work together on cases in both the private and public sectors!

ThePoetZiggy6 karma

What / when was the tipping point in your investigation of the cell?

CharlesD-PAC19 karma

I started out with very little. Jane Does were just starting to come out of the woodwork in 2016 and I was tasked with unmasking who was behind it. They had used false real and digital personas for obfuscation. I'd argue a handful of events did that including my "honeypotting" of Michael Pratt. I sent small 1x1 pixel images into e-mails sent to all the different fake personas (the modeling recruiters, the GirlsDoPorn admin, and the shell company BLL Media) and all metadata led back to Mr. Pratt.

This was important analysis as GDP was claiming a person in Vanuatu.

Egg-MacGuffin9 karma

Wait, what did the images do?

CharlesD-PAC25 karma

When your browser or mail app loads an image it sends a GET request to get that image. It told me what IP Address was sending that GET request. :) You'll find lots of advertising e-mails use them for stats.

qwertyzxcvbh6 karma

Why only 1x1 pixel?

nathanwoulfe11 karma

Would you notice a 1x1 pixel image in an email? When you track someone, you'd don't want them to know they're being followed.

hazpat5 karma

My email would ask if I want to load or save the image....

CharlesD-PAC5 karma

Depends on the service and settings.

CharlesD-PAC3 karma

No. Some folks turn off images in e-mail or have them not load. Tracking beacons in e-mails are very common... I'd argue they are universally in a;; spam and marketing e-mails these days.

CharlesD-PAC4 karma

Easier to not notice. I've used signature block images too. :)

Appropriate-Catch-626 karma

What are 3 things you would like the public or victims of NCP to know that hasn’t already been mentioned?

Lastly, I can see the GDP situation turning into a movie, who would you want to play you?

CharlesD-PAC11 karma

Three things? Let’s see!

  1. Victim blaming does not fix the situation, but hurts it. We make fun of revenge porn when it is done to men and women, but it destroys lives.

  2. We need a fresh look at policies at Big Tech companies - especially in regards to cleaning up mentions of victims in search engines. The most common thing employers, potential partners, and potential landlords do is vet people with a simple Google Search. If you have an uncommon name it makes things especially painful.

  3. For victims: There’s hope. There are firms that have built their practices around victims of NCP. Laws, both civil and criminal, are heading in a positive direction. However, their main focus is making the perpetrator(s) face justice. I set up Phoenix Advocates & Consultants (PAC) to purge content for victims and restore their digital footprint through purging and delisting.

Sadly, the same image or video can reappear hundreds or even thousands of times due to Search Engine Optimization (SEO) and porn aggregators. The average victim is set up for failure there as knowledge of search engines, cached vs live content, and web hosts are needed. Furthermore, for 600 pieces of content is could easily take 600 different requests. Automation is the only way to help people with significant content out there reclaim that footprint. Consider letting us help you.

Who would play me in a movie?

Tom Hiddleson. I too suffer from “resting sneaky face”. I always look like I am up to something. :)

Darlington284 karma

How many cats are too many?

CharlesD-PAC17 karma

I appreciate your feline question.

I would argue when the quantity of cats exceeds healthy conditions and the capability to provide them adequate care. Same as all domesticated animals. :)

likesAMAs4 karma

Do you think porn is inherently unethical since in practice it is often difficult for the user to discern how consensually it was produced?

CharlesD-PAC18 karma

I'd retort many products we use and wear unknowingly come from slave and sweatshop labor. Is it unethical for me to wear a shirt because I can't fully tell what kind of exploitation was used in its production?

I'm not anti-pornography and believe the adults who make it and star in it should have free agency.

likesAMAs6 karma

Thanks. So then what’s your best advice for people who want to use it but don’t want to inadvertently encourage something that isn’t ethically produced? (For instance, is something like OnlyFans a positive development or not?)

CharlesD-PAC14 karma

I would argue start by believing victims and using common sense. Multiple Jane Does spoke out about GDP before my work and it was laughed off.

I am a fan of less exploitative pornography models. I think OnlyFans is less exploitative as the studio system can be very toxic. I don't want to rope GDP and other porn studios together, but many of the tactics GDP used aren't unheard of.

BeekyGardener4 karma

How many hives do you keep, fellow beekeeper?

CharlesD-PAC9 karma

Currently 22! I adore honeybees as they are beautiful buzzy clockwork creatures. Beekeeping changed my life for the better.

Appropriate-Catch-628 karma

Cyber professional by day, bee keeper by night? If you had to choose a new profession what would it be?

CharlesD-PAC8 karma

I think in another life I would have been a nurse or physician's assistant. I did live tissue training and some advanced trauma treatment when I was in the US Army and found I really loved learning about it.

kozodirkyCZ3 karma

Wiki says Carrie Goldberg brought your firm into the GDP case. She has written a lot on abuse of Section 230 and basically wants it ended. Do you support the repeal of Section 230?

CharlesD-PAC4 karma

I don't have an opinion on that.

kozodirkyCZ3 karma

Any comment on the proposed American SISEA and Canadian SISEA? :-)

CharlesD-PAC8 karma

I don't like what US SISEA has done in general to legitimate sex workers. I feel there is truth that it has made conditions more dangerous for them. That is the only opinion I have there.

mjharmstone3 karma

Who would win in a fight between you and Doug Ipperciel?

CharlesD-PAC5 karma

Doug Ipperciel

I watched a lot of UK's Hunted. Everyone including Doug were solid professionals. I worked closely with Ben Owen from the UK version during the US version.

Ask Ben Owen to do his American accent. ;) It's pretty good.

mjharmstone3 karma

Oh I will! Hopefully meeting HQ later this year!

Big love FCC from me, Ant and Michelle!

CharlesD-PAC4 karma

I thought that was you, Michael. ;) I remember your discussions on Hunted years ago on RTV.

mjharmstone4 karma

It's always me ;)

CharlesD-PAC3 karma

Always was.

GardinerAndrew3 karma

What’s the correct deck level to cut your grass at? I notice if I do it too low, the grass dies and it’s easy to hit rocks. Too high and I have to mow again within a few days. What level do you keep the deck on your mower at?

CharlesD-PAC3 karma

Typically, a lawn mower deck should have a pitch of 1/8-inch to 1/2-inch between the height of the deck rear to the height of the deck front.

Naturally, this makes the "sweet spot" about 1/4-inch of pitch, depending on the type of mower and the terrain.

qwertyzxcvbh3 karma

Thanks for your work making a better world!

  • your educational background (according to wikipedia) doesn't seem so technical at the first glance, were you interested/good in computer science stuff and programming?

  • I heard cyber security is well paid field, how much do you earn? :)

CharlesD-PAC6 karma

Oh, I got into information systems young. In 1995, I was 12-years-old waiting for my bus and saw my local library had a sign saying "Free Internet". It was new at the time there and I heard you could talk to girls on the internet! ;)

I sat down at the library the next day and asked the clerk what was on the internet. They asked me what I wanted to see and I asked again what was on it. I didn't believe literally any niche topic I wanted to read about was on there!

Aside from a couple vacations, I was at the library every day it was open for the next two years.

In the Army I got into Signals Intelligence (SIGINT) which is very tech heavy and in the cyber niche of it. I got many of my certs post-service! A lot of the folks in cybersecurity older than me often have decades of experience, but history degrees or unrelated ones to computer science. The field was the Wild West back then and still kind of is.

LeanAlpaca2 karma

First off I want to say thank you for sharing your career experience.
I am based in the EU have obtained my Security+ cert and currently doing CISSP to give the paper to my career goals. The particular area you cover re: removal of NCP and cyber crime was a strong drive for me to study and get into information security-related position as there simply are not enough people working in Cyber security, not to mention the lack of people doing anything about the absolute slew of NCP that is out there without most people even knowing. Was it an area that you ever thought you would be working in? also will you and your partners company be expanding at all in the future for hire?

CharlesD-PAC2 karma

I used to do counter terrorism/counter insurgency as a Soldier. I would have never envisioned myself transitioning to cybersecurity or tackling NCP.

Good luck with your CISSP and congratulations on your Sec+! CISSP is a large lake as it covers so much, but the lake is shallow. So make sure you know a little bit of everything.

If you fail it to the first time don't give up. Lick your wounds, hit the books on the areas you need to bone up, and hit it again. Most successes are built on mountains of failures. :)

Add me on LinkedIn, chum. I'm a small outfit right now, but you never know.

TehOuchies2 karma

How often do you run into cases of NCP? (Apologies if it was asked already)

CharlesD-PAC3 karma

Too often. The even sadder part is most times it is never reported. :/ CCRI has some alarming stats.

https://www.cybercivilrights.org/2019-publication/

avipars2 karma

Where did you learn the cyber skills?

CharlesD-PAC3 karma

I learned intelligence analysis in US Army Intelligence - specifically Digital Network Intelligence (DNI).

SheriffBartholomew2 karma

Is the CIA involved in the actual arrest of the criminals you track, or do you hand it off to the FBI at that point?

There was a lot of criticism about the lack of intelligence sharing between government organizations after 9/11. Do different orgs routinely share information these days or have any sort of common database?

Last question is probably controversial, but I’d really like to know if the CIA bothers with warrants at all during the investigation phases, or if it’s like the movies where you have free reign to obtain information however you see fit.

CharlesD-PAC6 karma

CIA is an intelligence/national defense organization while the FBI is a law enforcement organization that also dabble in intelligence. The CIA focus is mainly on international issues versus domestic ones too.

Post-9/11 numerous changes were made to get orgs to communicate. There are predominantly 18 intelligence orgs in the US federal government and the Office of the Director of National Intelligence (ODNI) is the lynchpin of that.

No org has free reign to eavesdrop on Americans. You need FISA warrants for that.

Dazzling_Slice_24862 karma

[removed]

CharlesD-PAC2 karma

Cybersecurity and/or the intelligence community. The road I took was through the military, but I often ask myself what the blueprint on getting to where I am is and it sure had many turns!

Dazzling_Slice_24862 karma

[removed]

CharlesD-PAC1 karma

Poke me on LinkedIn, Reddit Chum. :)

No_Abbreviations57421 karma

Thank you for making a difference in this case. I can't imagine the trauma and mortification these young women experienced. Your work certainly contributed to bringing about a sense of justice to their ordeal.

What cybersecurity resources are available to the FBI to hunt down Pratt? He is sly and wealthy, so it might be easy for him to disappear permanently and live a life of leisure and anonymity. I hope so badly they catch him and lock him up for life.

CharlesD-PAC4 karma

Few get to hide forever. Eric Rudolph made it a while, but he was willing to eat out of dumpsters and cut off all contact from the world. They will find Pratt, and the resources they have to do it make mine pale in comparison. :)

CantTieMyShoess1 karma

How bad is porn for people? do you think its the new smoking? Whats the future of porn? is it good that it became more easy to access? What will porn do to kids, becouse they are watching it? Do you think I asked to much questions?

CharlesD-PAC1 karma

The only porn that concerns me is when it isn't produced with consenting adults.

Dale_DeBoner-2 karma

Will more people be charged? Pratt has been on the fun for close to two years. Is Wolfe, Moser, Teddy Gyi see the same fate as Garcia? Before the company got shut down they supposedly had hundreds of more videos that never got released. What happens to the footage and who destroys it?

CharlesD-PAC3 karma

Most of those answers I truly don't know. I suspect Pratt will one day be caught. Once the FBI begins looking for people they never truly stop. His homeland of NZ is also looking for him.

I'm watching the sentencing of each. I can only say I didn't expect Garcia to get 20 years due to him taking a plea for 12.

As for unreleased content, I really don't know.

One of the things that would intrigue me is if Wolfe continues to refuse to take a plea. It would be better for the victims if they were spared testifying against him in court, but I'm very curious about what the FBI's case against him looks like. My curiosity isn't worth their suffering, but if it does indeed go to trial I'll be reading every transcript I can get my hands on after it.

Dale_DeBoner2 karma

How many years were you expecting Garcia to get? Only time will tell if Mr. Garcia will come out a change man after 20 years. Even if he does change he will still have to live with the consequences for what he has done. Not sure he will be able to support himself financially once he gets out. It'd be tough to get a good job for a person with a serious criminal record.

CharlesD-PAC2 karma

Typically judges go with what deal was made. The prosecution asked for 12 *I believe*.

I hope he uses the time to build character. I'm told some of the Jane Does dared him to do so one day if he leaves prison.

ImWorried20173 karma

So how come the judge was able to increase the sentence if he plead guilty in exchange for 12 years that the prosecution recommended? He’s probably going to appeal that unless it’s final?

CharlesD-PAC3 karma

The judge has the final call. With a deal, that is just what prosecution recommends. They sometimes go the other direction too if they feel a deal isn't fair.

Mr. Garcia didn't get the full charges, but he did incur heavy penalties based on what he did plea too.

Jared Fogle had a similar situation where the prosecution recommended a lower sentence in a plea deal, but the judge gave him more time. It it is far from unheard of, but not typical.

ImWorried20172 karma

Why not a life sentence if the judge can do whatever they want. That seems to be the sentiment most popular on Reddit according to a recent victim’s post on r/offmychest. It had several thousand upvotes.

CharlesD-PAC2 karma

Each crime has a minimum and maximum sentence. He pled guilty to 2 counts. They could have given him life, but didn't.

He could easily have faced more of the counts had he went to trial.

Count One:

Conspiracy to Commit Sex Trafficking by Force, Fraud and Coercion, 18 U.S.C. § 1591(a) and (b)(1)

Maximum Penalty: Life in prison, $250,000 fine, and a special assessment of $5,000 under 18 U.S.C. § 3014.

Count Seven:

Conspiracy to Commit Sex Trafficking by Force, Fraud and Coercion, 18 U.S.C. § 1594

Minimum penalty: Fifteen years in prison; Maximum penalty: life in custody, $250,000 fine, and a special assessment of $5,000 under 18 U.S.C. § 3014.

https://www.justice.gov/usao-sdca/pr/twenty-year-sentence-girlsdoporn-sex-trafficking-conspiracy

I look at it this way... There are at least 20 JDs in the criminal indictment alone. Let's say he got a year per victim. They admit they did this to hundreds of young women too. I suspect volume was one of the many considerations.

ImWorried20171 karma

Since Wolfe is the only one that hasn’t plead guilty, is he facing the same charges as Garcia despite not performing with the victims on camera? Will the victims have to testify against him? I’ve heard that victims of sexual abuse are usually hesitant to testify against their abusers because it can trigger their PTSD.

CharlesD-PAC1 karma

According to the link above Wolfe is currently facing 3 counts. What evidence they have to argue that I haven't seen. If it goes to trial they will have to prove each count.

ImWorried2017-2 karma

What could Pratt have done differently that would have made it more difficult/impossible to unmask his entire operation?

CharlesD-PAC7 karma

No one thing. The fact they went on as long as they did exploiting hundreds of victims speaks volumes. It shows me how little people are willing to support victims of sex crimes. There needed to be dozens of Jane Does and people internally to tell the truth before public sentiment supported the victims of GDP.

kozodirkyCZ4 karma

It seems society takes invol porn/ non-consensual imagery of adults quite lightly. From law enforcement to courts to media. Everyone acted quite slowly. There seems to be a double standard/lower standard for adult victims of sex trafficking.

Does that make your work harder?

CharlesD-PAC5 karma

It does. I'd also argue technology is significantly ahead of the law. NCP has existed since cameras were invented, but social media (including porn sharing sites) made it so widespread it became necessary to make more criminal laws against it - especially "revenge porn". The victim blaming surrounding it is shameful.

ImWorried20171 karma

How effective is TAILS compared to a paid VPN? If you don’t want to give tips that would enable a potential psychopath to replicate their operation with impunity that makes sense.

CharlesD-PAC5 karma

Well... I will just say this... It works a lot better when you actually use it properly. Much of the time investigators are looking for people to be stupid and utilize bad information security (INFOSEC).

ImWorried20171 karma

So what if Pratt had never clicked on your honeypot/1x1 image pixel? Would it have been necessary to pose as a prospective model and fill out their application form?

CharlesD-PAC3 karma

All he had to do was open the e-mail. No need to click on a link or image. :)

I sent a beacon to some of the fake recruiting site e-mails they made. I recall Bubblegum Casting being the primary one.

ImWorried20171 karma

So he didn’t have to click any links at all? The act of opening the email triggered it? Also, the bubblegum casting domain has been purchased by an Australian entity. When did Pratt originally own the website and when did you collect the info?

CharlesD-PAC5 karma

His browser or e-mail client loaded the images when he opened the e-mail.

I don't recall the WhoIS information for Bubblegum Casting. I do recall the associated cellphone number for casting on the site tied back to Mr. Pratt.

ImWorried20173 karma

Is there anyway to counteract that? Some sort of software that would have alerted him that someone was trying to honeypot him?

CharlesD-PAC2 karma

Some mail clients like Gmail already have them. :/ They use a proxy to load images. That is where I switch to other tactics to do the same thing.