How AI slop, synthetic personas, fake context and algorithmic amplification are contaminating Open-Source Intelligence

There is a problem growing inside OSINT. It is not just deepfakes, fake accounts, bot networks, recycled footage, misleading screenshots, AI-generated articles, fake documents, manipulated images, synthetic voices or coordinated narratives. It is all of them together.

The real problem is that this material is becoming part of the open web. It is being indexed, reposted, screenshotted, summarised, translated, quoted, archived and fed into AI systems. It is being picked up by search engines, social platforms, recommendation systems, large language models, journalists, researchers, investigators, analysts and sometimes even law enforcement.

In other words: polluted information is becoming searchable evidence. That should worry every OSINT practitioner.

Because OSINT used to ask one main question:

Can I find the source? That question is no longer enough.

The better question in 2026 is:

Was this source manufactured to be found?

It changes how we investigate people, verify events, assess threats, use AI, write reports and teach OSINT. And most importantly, it changes how much confidence we should place in information that appears to be public, repeated, popular or easy to find.

Welcome to the age of evidence poisoning.

What is evidence poisoning?

Evidence poisoning is the contamination of the open information environment with synthetic, manipulated, misleading, recycled or artificially amplified material that later appears useful as investigative evidence.

It can be deliberate, accidental, generated by state actors, criminals, activists, scammers, trolls, marketing agencies, extremist networks, content farms, AI tools or ordinary people chasing attention. The result is the same.

Investigators start encountering material that looks like evidence, behaves like evidence and gets discovered like evidence, but may have been planted, distorted, laundered or amplified in ways that make it dangerous to trust.

This is not just misinformation.

Misinformation is usually about misleading a public audience.

Evidence poisoning is about contaminating the material that investigators, analysts and decision-makers may later rely on.

That is a different kind of threat.

A fake claim on social media is bad. A fake claim that later becomes part of an intelligence report, a threat assessment, a media article, a legal case, a corporate security decision or an AI-generated briefing is worse.

That is when polluted information becomes an operational risk.

Why this matters now

For years, OSINT practitioners have warned people not to believe everything they see online.

That advice is still true, but it is too basic now.

The modern problem is not only that individual pieces of content can be false. The modern problem is that entire information environments can be shaped.

A single false post is easy to question.

A network of posts, screenshots, comments, AI-generated articles, recycled videos, fake profiles and search results all pointing in the same direction is much harder to resist.

It creates a feeling of confirmation, illusion of independence and often confidence. And confidence is where many investigations start to go wrong. The more something appears in multiple places, the more tempting it is to treat it as corroborated. But in a polluted web, repetition is not always verification.

Sometimes repetition is the attack.

Sometimes the goal is not to hide the lie.

Sometimes the goal is to make the lie easy to find.

That is the part OSINT needs to take seriously.

The old OSINT assumption is breaking

A lot of traditional OSINT tradecraft was built on a reasonable assumption:

If information appears across multiple independent open sources, and if those sources seem unrelated, then confidence increases. That still makes sense.

But the key word is independent. The problem is that independence is becoming harder to prove.

• Three different accounts may be controlled by the same person.

• Five different posts may be based on the same original screenshot.

• Ten articles may be rewritten from one unverified claim.

• A local-looking website may be AI-generated.

• A realistic profile photo may not belong to a real person.

• A Telegram channel may repost an old video with a new caption.

• An AI search result may summarize a claim without making the source hierarchy clear.

• A viral narrative may look organic while being pushed by coordinated actors.

• A “source” may actually be bait.

This creates a serious problem for analysts. The open web is no longer just a collection of sources. It is also a battlefield of manufactured visibility. And in that battlefield, visibility itself can be manipulated.

Evidence poisoning is not one thing

One reason this problem is difficult to explain is that it does not come from one technique. It is a stack. I think about it in five layers. Each layer can poison an investigation in a different way.

Layer 1: Synthetic content

Synthetic content includes AI-generated or manipulated text, images, video, audio, screenshots, documents and websites.

Examples:

• an AI-generated photo of a person who does not exist

• a fake screenshot of a conversation

• a realistic-looking PDF that appears to be an internal memo

• a deepfake audio message attributed to an executive

• an AI-generated news article on a low-quality website

• a synthetic image of a protest, explosion, arrest or military movement

• a fake social media post made to look like it came from a real account

• an AI-generated biography for a fake expert

• an altered image where a sign, weapon, logo or person has been added

• a fake leaked document circulated in Telegram groups

For OSINT, the danger is not only whether the content is fake. The danger is whether the content becomes part of an evidence chain.

A fake screenshot may be shared by one person.

Then reposted by a second account.

Then discussed on Reddit.

Then scraped by a content farm.

Then summarised by an AI tool.

Then cited by someone in a report.

By the time it reaches the analyst, it no longer feels like one fake screenshot. It feels like a cluster of evidence. That is how synthetic content becomes evidence poison.

Practical example: the fake protest image

Imagine a picture appears online showing a large group of people outside a government building. The caption says it was taken today in The Hague. The crowd is angry. There are flags, banners and police vehicles in the background.

The image gets shared quickly.

Multiple accounts say the protest is growing.

A few anonymous profiles claim they are there.

A small website publishes a short article about “escalating unrest.”

An analyst monitoring civil unrest sees the image, the reposts and the article.

At first glance, it looks like an emerging incident.

But deeper checks show problems:

• the shadows do not match the claimed time of day

• the police vehicle design is from another country

• one banner contains malformed Dutch

• the building entrance is close to the real location but architecturally wrong

• the earliest version of the image came from an account created two days ago

• the article was published by a site full of AI-generated local news

• no live traffic cameras, local journalists or official updates show the event

The image was not just fake. It was designed to create a quick operational impression. If the analyst only looked at the volume of posts, they might have escalated the wrong threat. That is evidence poisoning.

Layer 2: Synthetic identity

The second layer is synthetic identity. This is where OSINT becomes more complicated.

A fake post can mislead an event investigation.

A fake person can mislead an entire network investigation.

Synthetic identity can include:

• AI-generated profile photos

• stolen profile photos

• realistic but fake biographies

• fake employment histories

• fake education histories

• fake location claims

• manufactured posting histories

• fake friends and followers

• cross-platform sock puppets

• persona farms

• AI-assisted conversation histories

• synthetic experts

• fake victims

• fake witnesses

• fake activists

• fake insiders

For years, investigators have dealt with sock puppets. That is not new.

What is new is scale, realism and automation. A fake persona no longer needs to be an empty account with a random profile picture and a few bad posts.

It can have years of generated content.

It can have a consistent writing style.

It can reply emotionally.

It can be posted in multiple languages.

It can have AI-generated images of daily life.

It can appear on LinkedIn, X, Instagram, Reddit, Telegram, Discord, GitHub, Medium and niche forums.

It can create the feeling of a real person.

And once investigators believe the person is real, everything that persona touches may become part of the analytical picture.

Practical example: the fake insider

Imagine an account appears on X claiming to be a former employee of a defense contractor.

The account posts technical comments.

It has a profile photo of a middle-aged professional.

It links to a LinkedIn profile.

It comments on industry news.

It occasionally shares vague claims about internal problems at a company.

Then one day it posts that a specific executive is under investigation.

Several anonymous accounts amplify the post.

A blog writes about it.

A Reddit thread discusses it.

An AI search tool summarises the discussion and says “online sources allege…”

A corporate intelligence analyst is asked to assess whether there is reputational risk around that executive.

The analyst finds the X account, the LinkedIn profile, the blog post, the Reddit thread and the AI summary.

A better investigation asks:

• Does the person exist outside self-created profiles?

• Is the profile photo synthetic or stolen?

• Does the employment history align with real company timelines?

• Are the technical posts original or copied from public sources?

• Who first amplified the claim?

• Are the amplifying accounts connected?

• Did the blog independently verify anything, or did it just rewrite the original post?

• Does the LinkedIn network look organic?

• Are there archived versions of the profile?

• Is the language consistent with the claimed nationality, profession and career history?

  
  

The key lesson: do not only verify the claim. Verify the claimant.

Synthetic identity poisons OSINT because it gives false claims a human face.

Layer 3: Synthetic consensus

This may be the most dangerous layer.

Humans are social creatures. Analysts are trained to be skeptical, but they are still human. When many people appear to say the same thing, it affects us. Even when we do not want it to. Synthetic consensus is the artificial creation of agreement, popularity or social proof.

It can include:

• bot comments

• coordinated reposting

• fake reviews

• manipulated likes

• scripted replies

• Telegram amplification loops

• Reddit brigading

• hashtag flooding

• fake “local witness” accounts

• AI-generated comments under news articles

• fake experts agreeing with each other

• multiple blogs rewriting the same claim

This is where OSINT can go wrong very quickly.

An analyst may think:

“Lots of people are saying this.”

But the better question is:

“Are lots of independent people saying this, or am I seeing one claim echo through a network?”

Those are not the same thing.

Practical example: the false threat narrative

Imagine a rumor starts that a specific activist group is planning violence at an upcoming event.

One anonymous account posts a warning.

Five accounts quote it.

A Telegram channel reposts it.

Several new accounts claim to have “heard the same.”

A low-quality news site writes an article titled: “Concerns Grow Over Possible Violence.”

A few comments under the article say: “Everyone knows this is coming.”

Suddenly, a vague rumor looks like public concern.

But mapping the spread shows something else:

• the first account has no history before the claim

• the reposting accounts mostly follow each other

• the Telegram channel often amplifies similar narratives

• the news article cites no primary source

• the comments appeared within minutes of publication

• several comments use similar phrasing

• no credible local sources mention the threat

• the activist group’s own channels show no matching indicators

The narrative did not emerge from the public. It was pushed into the public.

For threat assessment, a false narrative can cause wasted resources, reputational damage, unnecessary escalation or even real-world confrontation. Synthetic consensus can turn weak claims into perceived risk.

Layer 4: Synthetic context

Not all evidence poisoning involves fake material. Sometimes the content is real, but the context is fake. This is extremely common.

• A real video from 2019 is presented as footage from today.

• A real protest in France is described as a protest in the Netherlands.

• A real photo of a military convoy is attached to the wrong country.

• A real screenshot is cropped to remove important context.

• A real quote is translated badly or deliberately distorted.

• A real username is linked to the wrong person.

• A real crime report is connected to an unrelated group.

• A real image is used to suggest a false timeline.

This is dangerous because real material passes many basic verification checks.

Reverse image search may show the image exists.

The video may not be AI-generated. The account may be real. The location may be real. But the conclusion can still be wrong.

Practical example: the recycled riot video

A video appears online showing people throwing objects at police vehicles.

The caption says it happened last night in Amsterdam.

The video looks real.

There are police vehicles, streetlights, shouting and chaos.

People repost it with comments about rising unrest.

An analyst checks whether the video is AI-generated.

It does not appear to be.

They check whether the street scene looks European.

It does.

They check whether the event is plausible. It is. But plausibility is not verification.

Further checks reveal:

• the same video appeared three years earlier

• the original upload was from another country

• the police vehicle markings do not match Dutch police

• the street furniture is inconsistent with Amsterdam

• the weather does not match the claimed date

• no local emergency services or news outlets reported the incident

The video was real.

The event was real.

The context was false.

That is a synthetic context.

And it is often more effective than fully fake content because it contains enough truth to feel convincing.

Layer 5: Synthetic discovery

This is the layer I believe OSINT needs to pay much more attention to.

Synthetic discovery is when polluted information becomes easier to find because search engines, platform algorithms or AI systems surface it.

This can happen because material is:

• recent

• highly shared

• keyword optimised

• repeatedly cited

• structured like an article

• posted across platforms

• embedded in automated content

• amplified by engagement

• summarised by AI tools

• translated into multiple languages

• presented as “what people are saying”

This is where SEO and OSINT collide.

And now GEO (Generative Engine Optimisation) adds another layer. We are moving into a world where people do not only search Google.

They ask ChatGPT.

They ask Perplexity.

They read AI Overviews.

They use summarisation tools.

They query dashboards.

They ask automated intelligence systems to brief them.

That means investigators may encounter information not as raw sources, but as AI-shaped answers. The danger is that AI systems can make polluted information look cleaner than it is. They remove the mess, compress uncertainty and summarise conflict. They may place a weak claim next to a strong source in a way that makes both look equally useful. They can turn a polluted cluster into a neat paragraph. And neat paragraphs are dangerous when the underlying source chain is dirty.

Practical example: the AI summary trap

Imagine an analyst asks an AI search tool:

“What is known about Group X and threats against Event Y?”

The AI returns a confident summary:

“Several online sources have linked Group X to planned disruptions around Event Y, including social media posts, forum discussions and local reporting.”

That sounds useful.

But what are “several online sources”?

Are they independent, credible, primary, just reposts or based on the same screenshot? Can you click and visit the sources?

Did the “local reporting” verify the claim or just repeat it?

Was the forum discussion organic or coordinated?

Did the AI understand the difference?

The analyst must not treat the AI answer as evidence. The AI answer is a lead. Nothing more. The source chain still needs to be reconstructed manually. In modern OSINT, the question is not only “what did the AI say?”

The question is:

What source path produced this answer?

Why multiple sources can still be wrong

One of the most common mistakes in OSINT is confusing multiple appearances with independent corroboration.

Traditional analysis often rewards source diversity. If one source says something, we are cautious. If five sources say it, we become more confident.

But in online investigations, five sources may not be five sources. They may be one source wearing five masks.

Here are common false-corroboration patterns:

1. The repost chain

One account posts a claim. Others repost it. Later, an analyst sees many posts and thinks the claim is spreading independently. But there is still only one origin.

2. The screenshot chain

A screenshot is shared without a link. Other users repost the screenshot. The screenshot becomes the evidence, even though nobody can verify the original post.

3. The article laundering chain

A weak claim appears on social media. A low-quality website writes an article about it. Other websites rewrite that article. The claim now appears in “media sources.”

4. The translation chain

A claim is translated across languages. Each translation removes uncertainty and adds interpretation. Eventually, the strongest version is not the original version.

5. The AI summary chain

An AI tool summarises multiple weak sources into a clean answer. Another person quotes the AI answer. The summary becomes a new source.

6. The influencer chain

A large account repeats a weak claim. Smaller accounts treat the influencer as validation. The influencer’s reach becomes mistaken for evidence quality.

7. The archive chain

A false page is archived. Later, the archive link gives the false claim a sense of permanence and legitimacy.

This is why analysts must map source relationships, not just collect source counts.

A good OSINT report should not say:

“Multiple sources confirm…”

unless those sources are genuinely independent.

A better phrase is often:

“Multiple online references repeat the same unverified claim, but they appear to trace back to a single origin.”

That one sentence can save an investigation from overstating confidence.

The analyst’s biggest enemy: fluency

AI-generated content is often fluent. That is part of the problem. Bad information used to have more obvious signals.

Poor grammar.

Broken formatting.

Strange phrasing.

Low-quality images.

Obvious spam behavior.

Those signals still exist, but they are less reliable.

AI can write cleanly, translate well, imitate a professional tone, generate realistic biographies, produce decent-looking reports, create summaries that sound analytical and remove the rough edges that used to make weak information easier to detect.

This means analysts need to stop using polish as a proxy for credibility.

The future of OSINT will punish analysts who confuse fluency with reliability.

Practical examples of evidence poisoning in different OSINT fields

Evidence poisoning does not only affect disinformation researchers. It affects almost every OSINT discipline.

Corporate security

A company monitors threats against executives.

An anonymous account claims that an executive is involved in corruption.

A few accounts repost the claim.

A fake whistleblower profile appears.

A low-quality article is published.

A YouTube video summarises the allegation.

An AI tool now says there are “online allegations” involving the executive.

The risk team must assess whether the allegation is credible.

The danger is that reputational risk and evidence quality get mixed.

Yes, the allegation may create reputational risk because people are discussing it.

But that does not mean the allegation is true.

The report should separate:

• existence of the narrative

• spread of the narrative

• credibility of the claim

• credibility of the origin

• potential impact on the company

• unknowns and confidence level

Do not let narrative visibility become factual confidence.

Law enforcement

Investigators monitor online threats around a public event.

Several accounts claim that a group is planning violence.

Some posts include screenshots of private chats.

Other accounts claim to know the suspects.

A few profiles share images of weapons.

The situation looks urgent.

But practical verification questions matter:

• Are the screenshots authentic?

• Are the weapon images original?

• Are the accounts linked to real people?

• Are the threat claims specific and actionable?

• Are the same accounts involved in prior hoaxes?

• Are the accounts amplifying each other?

• Is there offline corroboration?

• Is there a plausible capability and intent?

Online threats should never be ignored.

But neither should they be accepted at face value.

Evidence poisoning can create false positives.

False positives waste resources and can damage innocent people.

False negatives are dangerous too.

This is why structured confidence matters.

Journalism

A journalist sees a viral video claiming to show a massacre, police abuse, military movement or public disorder.

The video is emotionally powerful.

Many accounts share it.

The pressure to publish is high.

But emotional urgency is exactly when verification discipline matters most.

The journalist should ask:

• What is the earliest upload?

• Who filmed it?

• Where exactly was it filmed?

• When was it filmed?

• What is outside the frame?

• Is there matching local reporting?

• Are there satellite, weather, traffic, acoustic or visual clues?

• Are there signs of reuse?

• Who benefits from this framing?

• 
  

In breaking news, being first can make you visible.

Being wrong can make you part of the poisoning.

Cyber threat intelligence

A threat actor claims to have breached a company.

They post a sample file.

Other channels repost it.

A few security blogs mention the alleged breach.

The company name starts trending in threat-intel circles.

But the sample file may be old.

It may come from a previous leak.

It may be scraped data.

It may be fabricated.

It may be mixed with real data to appear credible.

It may be used for extortion.

CTI analysts should separate:

• actor claim

• actor reputation

• data authenticity

• data freshness

• source of the sample

• uniqueness of the records

• evidence of access

• victim confirmation

• operational impact

  
  

A threat actor’s claim is not evidence by itself. It is a lead. Sometimes criminals poison the information environment to increase pressure on victims.

Geolocation

A photo is claimed to show a suspect near a sensitive location.

The image includes recognisable buildings.

The geolocation appears correct.

But there are still questions:

• Was the person actually there?

• Was the image manipulated?

• Is the person in the image the claimed person?

• Is the image recent?

• Was the background inserted?

• Was the photo taken from a real estate listing, travel blog or stock image?

• Does the lighting match the claimed time?

• Does clothing match the season?

• Is there EXIF data, and can it be trusted?

• Does the image appear elsewhere?

  
  

Geolocation proves where an image appears to have been taken.

It does not automatically prove who took it, when it was taken, why it was taken or whether the claimed person was present.

Extremism and radicalisation monitoring

A network of accounts posts increasingly violent rhetoric.

Some accounts appear to encourage others.

A few profiles claim they are ready to act.

Screenshots circulate in monitoring communities.

This area is sensitive because online rhetoric can become real-world harm. But evidence poisoning can happen here too.

False extremist personas can be used to:

• provoke real users

• discredit a movement

• create panic

• lure individuals into conversations

• make a group appear larger than it is

• frame opponents

• generate media attention

• manipulate law enforcement attention

Analysts need to be careful with attribution.

They should distinguish:

• genuine ideological commitment

• trolling

• roleplay

• provocation

• infiltration

• satire

• mental health crisis indicators

• coordinated influence behavior

• actual capability and intent

  
  

Not every violent post is an operational threat. Not every anonymous account is who it claims to be.

But every credible threat deserves structured assessment. Evidence poisoning makes that assessment harder.

The SOURCE framework for detecting evidence poisoning

We need practical methods, not just warnings. Here is a simple framework analysts can use. I call it SOURCE.

S - Source origin

Find the earliest trace.

Do not start with the version that went viral.

Start with the first known appearance.

Ask:

• Where did this claim first appear?

• Who posted it first?

• Was it text, image, video, screenshot, document or audio?

• Is the original still available?

• Has it been edited?

• Are there archived versions?

• Did it appear first in one language and later in another?

• Was the first source credible, anonymous, new or suspicious?

The earliest source is not always the true source. But it is the best starting point.

O - Ownership and operator signals

Investigate who controls the source.

For accounts:

• creation date

• username history

• profile photo history

• posting rhythm

• language use

• network connections

• follower quality

• previous topics

• behavioral consistency

• signs of automation

For websites:

• domain registration clues

• hosting patterns

• archive history

• author identity

• contact details

• content quality

• reused templates

• outbound links

• ad networks

• related domains

For channels and groups:

• admin signals

• posting schedule

• amplification patterns

• cross-posting behavior

• linked communities

• recurring narratives

  
  

You are not only verifying content. You are verifying the container that delivered the content.

U - Upload and reuse history

Check whether the material has appeared before.

For images and videos:

• reverse image search

• video keyframes

• thumbnails

• filenames

• watermarks

• captions

• compression artifacts

• platform reposts

• earlier language versions

For text:

• exact phrase search

• unique sentence search

• quote search

• translation search

• AI-like repetition patterns

• copied paragraphs

For documents:

• metadata

• formatting consistency

• fonts

• author fields

• template reuse

• file creation clues

• previous public versions

A lot of fake context is exposed by reuse. Old material with a new caption is one of the oldest tricks online.

R - Relationship mapping

Map how the sources relate to each other. Do not just collect them. Draw the chain.

Ask:

• Which account posted first?

• Who amplified it?

• Which accounts cite each other?

• Which websites repeat the same wording?

• Are the same images used across profiles?

• Do the accounts share followers?

• Do they post in synchronized bursts?

• Are there common links, domains or hashtags?

• Are the comments organic or coordinated?

The goal is to determine whether you have independent sources or one source echoing through a network.

Corroboration requires independence. Without independence, you have repetition.

C - Context integrity

Check whether the context holds.

For event claims:

• date

• time

• weather

• shadows

• clothing

• language

• signs

• architecture

• vehicles

• road markings

• local holidays

• public transport disruptions

• local media

• official statements

• live cameras where available

For identity claims:

• age consistency

• career timeline

• location history

• language ability

• social graph

• platform behavior

• profile evolution

• cross-platform consistency

For documents:

• terminology

• formatting

• dates

• signatures

• logos

• version history

• internal consistency

• whether the organization would produce such a document in that form

Context is where many false claims collapse.

The content may look real. The context may not.

E - Evidence confidence

Finally, assign confidence. Do not just say “verified” or “unverified.” Use levels.

For example:

• High confidence

• Moderate confidence

• Low confidence

• Unverified

• Disputed

• Likely false

• Insufficient information

Explain why.

A good confidence statement might look like this:

“Moderate confidence that the video was filmed at the claimed location, based on matching architecture, road layout and signage. Low confidence that it was filmed on the claimed date, because no earliest upload has been established and the weather does not match local records.”

That is much better than:

“Video verified.” 

Verification is rarely binary. Confidence is the language of honest analysis.

The evidence poisoning checklist

Use this before placing online material into a report.

Origin

• Did I find the earliest known appearance?

• Did I preserve the original URL?

• Did I archive the source where appropriate?

• Did I separate original material from reposts?

• Did I check whether the source has changed over time?

Independence

• Are my sources genuinely independent?

• Are they citing each other?

• Do they trace back to the same origin?

• Are they part of the same network?

• Am I counting repetition as corroboration?

Identity

• Is the account/person real?

• Is the profile photo authentic?

• Does the biography make sense?

• Is the posting history consistent?

• Does the claimed location match behavior?

• Are there signs of persona farming?

Media

• Has the image or video appeared before?

• Is the media cropped or edited?

• Do visual details match the claim?

• Do weather, shadows and environment match?

• Is the audio consistent with the scene?

• Could the media be AI-generated or manipulated?

Context

• Is the date verified?

• Is the location verified?

• Is the translation accurate?

• Is there missing surrounding conversation?

• Has the material been reframed?

• Does the claim depend on an emotional caption?

AI and search

• Did an AI tool summarise this claim?

• Did I inspect the sources behind the AI answer?

• Are AI systems citing derivative sources?

• Is the claim appearing because it is true or because it is and amplified?

• Did I treat the AI answer as a lead instead of evidence?

Reporting

• Did I state confidence clearly?

• Did I document uncertainty?

• Did I separate facts from assessment?

• Did I explain source limitations?

• Did I avoid overstating what the evidence proves?

• Did I include what would change my assessment?

The language problem: how words inflate weak evidence

Evidence poisoning is not only a source problem. It is also a writing problem. Analysts sometimes poison their own reports by using language that is too strong.

Words matter.

Compare these phrases:

“Multiple sources confirm…”

versus

“Multiple accounts repeat…”

Those are not the same.

“Online evidence shows…”

versus

“Online material suggests…”

Not the same.

“Linked to…”

versus

“Mentioned alongside…”

Not the same.

“Verified video…”

versus

“Video geolocated to…”

Not the same.

“Known associate…”

versus

“Account frequently interacts with…”

Not the same.

“Threat actor breached…”

versus

“Threat actor claims to have breached…”

Not the same.

Bad wording turns uncertainty into fact.

This is especially dangerous when reports are read by executives, investigators, journalists or decision-makers who do not see the underlying source mess.

A polished report can hide weak evidence. So can an AI-generated summary.

Good OSINT writing should preserve uncertainty, not erase it.

The screenshot problem

Screenshots are useful. But screenshots are also dangerous. A screenshot without context is not enough.

Screenshots can be:

• fabricated

• edited

• cropped

• translated incorrectly

• taken from another date

• taken from a fake account

• missing the URL

• missing the surrounding thread

• missing the platform context

• missing replies that change the meaning

• impossible to verify later

This does not mean screenshots are worthless.

It means screenshots should be treated as captures, not conclusions.

A proper source trail should include:

• original URL

• capture date and time

• platform

• account identifier

• surrounding context

• archive link where possible

• notes on access limitations

• whether the content was deleted or edited

• whether the screenshot was made by you or obtained from someone else

If all you have is a screenshot, say so.

Do not pretend it is stronger than it is.

A screenshot can:

• be a lead.

• support documentation.

• preserve volatile content.

But a screenshot alone should rarely be the end of verification.

The AI problem: useful assistant, dangerous witness

AI is useful in OSINT. I use it. Many analysts use it.

It can help with translation, summarisation, entity extraction, brainstorming, coding, clustering, report drafting and identifying investigative angles.

But AI should not be treated as a witness.

AI did not see the event.

AI did not collect the source.

AI did not verify the identity.

AI did not understand the operational consequences unless you force it to reason with evidence.

AI can help you think.

It can also help you become lazy. That is the danger.

In evidence-poisoned environments, AI can make things worse because it is very good at turning messy, uncertain information into clean language. Clean language feels safe. But the source chain may still be dirty.

Safe ways to use AI in polluted investigations

Use AI to:

• generate alternative hypotheses

• list verification steps

• extract entities from long texts

• compare conflicting narratives

• identify missing information

• translate content carefully

• summarise only after source quality is assessed

• draft confidence language

• create structured timelines from verified inputs

Do not use AI to:

• decide whether a person is guilty

• confirm identity without evidence

• summarise unknown sources as fact

• replace source verification

• rank threats without context

• infer intent from weak signals

• treat popularity as credibility

• generate final conclusions from unverified material

A simple rule:

AI can help process evidence. It should not become the evidence.

The GEO problem: when AI engines choose what becomes visible

There is another angle that OSINT people need to understand. The internet is not only searched by humans anymore. It is increasingly interpreted by machines.

Traditional SEO (Search Engine Optimisation)  was about being found by search engines.

GEO (Generative Engine Optimisation) is about being found, cited or summarized by AI answer engines.

This matters for OSINT because polluted information can be designed not only for humans, but also for machines.

A bad actor may not need to convince every analyst directly.

They may only need to place enough structured, repeated, keyword-rich material online so that search engines and AI systems start surfacing it.

This could affect:

• reputation attacks

• smear campaigns

• fake allegations

• synthetic expert commentary

• false company histories

• fake local news

• manipulated crisis narratives

• political influence operations

• scam legitimacy

• threat actor branding

If AI systems start summarising polluted material, the pollution gets a second life. It becomes discoverable through questions. This is why analysts must inspect not only the answer, but the retrieval path.

Ask:

• Why did this source surface?

• Is it primary or derivative?

• Is it recent because it is new, or because it was republished?

• Is it cited because it is credible, or because it is structured well?

• Are multiple AI tools repeating the same weak source?

• Are search results dominated by content farms?

• Are exact phrases appearing across many low-quality domains?

In the future, adversaries will not only manipulate people. They will manipulate the information systems people rely on. That includes AI.

How to report evidence poisoning properly

When you suspect evidence poisoning, say so carefully.

Do not overstate. Do not accuse without evidence. Use structured language.

Example wording:

“Several online sources repeat the claim, but the available material appears to trace back to a single anonymous account. No independent primary source was identified during this review.”

“Confidence in the claimed date is low. The video appears authentic as media, but current evidence does not support the caption’s timeline.”

“The account presents as a local witness, but its creation date, posting pattern and amplification behavior suggest it may not be an organic observer.”

“The article should be treated as derivative reporting. It appears to summarize social media claims without independent verification.”

“AI-generated summaries identified during the review repeated the claim but did not provide additional primary evidence.”

“This assessment distinguishes between the spread of the allegation and the credibility of the allegation.”

That last sentence is especially important. Good OSINT keeps those lines clear.

Practical mini-cases

Below are short hypothetical cases that show how evidence poisoning can work. These are not about one platform or one country. They are patterns.

Case 1: The fake witness swarm

A breaking incident occurs near a train station.

Within minutes, several accounts claim they are nearby.

They describe the same suspect.

They mention the same detail: a red backpack.

A few accounts post blurry images.

One image is widely shared.

The phrase “red backpack” starts appearing in posts.

A local rumor account posts: “Multiple witnesses report suspect with red backpack.”

But analysis shows:

• the earliest “witness” account was created that day

• several accounts used similar wording

• the blurry image came from an unrelated event

• no verified local witnesses mention a red backpack

• official updates describe no suspect matching that detail

The red backpack became a false anchor.

Once people repeated it, others began looking for it.

This can distort public reporting and investigative attention.

Case 2: The synthetic expert

A polished LinkedIn profile appears for a “geopolitical risk consultant.”

The person posts daily analysis about a conflict.

Their posts are well written.

They cite public sources.

They slowly build an audience.

After months, they start promoting a specific narrative about who caused an attack.

Journalists quote them.

AI search tools summarise them.

But checks reveal:

• no employment records outside self-published profiles

• profile image shows signs of AI generation

• posts are mostly rewritten from public analysis

• the account’s early followers are suspicious

• the same writing pattern appears on other personas

• the domain linked in the bio was recently created

The issue is not only that the expert is fake. The issue is that the fake expert became part of the public evidence environment.

Case 3: The old video, new outrage

A video of police violence circulates with a current caption.

It triggers anger.

Activist accounts share it.

Opposing accounts use it to attack the activists.

Media accounts ask questions.

Politicians comment.

Then it turns out the video is real but old, from another country.

The damage is already done.

The poisoned context created real emotions, real arguments and real reputational consequences. This is why verification must happen before amplification. Especially when content is emotionally explosive.

Case 4: The breach that may not be a breach

A threat actor claims to have breached a major company.

They post a sample dataset.

Cybersecurity accounts amplify it.

Newsletters mention it.

The company’s customers start asking questions.

But the sample data appears to come from an older third-party leak.

The actor may not have breached the company at all.

Still, the claim creates pressure.

This is information manipulation through claimed access.

The correct assessment should separate:

• the actor made a claim

• the data sample contains real-looking records

• the data may be old

• no evidence currently proves fresh access

• reputational impact exists regardless of breach confirmation

Case 5: The fake local news loop

A website appears with a local-sounding name.

It publishes short articles about crime, protests and political tensions.

The articles are AI-written.

They cite social media posts.

Social media accounts then cite the articles.

The website and the accounts reinforce each other.

Soon, search results show “local reporting” about issues that may have originated from anonymous posts.

This is narrative laundering.

The article gives the post legitimacy.

The post gives the article engagement.

The search engine gives both visibility.

An analyst who does not inspect the loop may mistake it for local evidence.

What OSINT teams should change

This problem is not solved by one tool. It requires better habits.

1. Teach source-chain reconstruction

Every OSINT course should teach people how to map where a claim came from and how it moved.

Not just how to find things.

How to understand the life of a claim.

2. Separate discovery from verification

Finding something is not verifying it.

AI is useful for discovery.

Search engines are useful for discovery.

Social platforms are useful for discovery.

But discovery is step one.

Verification is a different discipline.

3. Use confidence language

Stop writing binary conclusions when the evidence is not binary.

Use confidence levels.

Explain uncertainty.

State what is known, unknown and assessed.

4. Track source independence

Do not count sources until you understand their relationships.

Five reposts are not five confirmations.

5. Preserve source trails

Keep URLs, timestamps, screenshots, archives, notes and context.

Do not rely on memory.

Do not rely on AI summaries.

Do not rely on screenshots alone.

6. Train against emotional manipulation

The more emotionally powerful the content, the more verification discipline matters.

Outrage is not evidence.

Fear is not evidence.

Urgency is not evidence.

7. Audit AI outputs

If AI gives you a summary, inspect the sources.

If AI gives you citations, check them.

If AI gives you confidence, challenge it.

If AI gives you a neat answer, look for the mess underneath.

A simple evidence grading model

For practical reporting, teams can use a basic grading model.

Source reliability

A — Known reliable primary source

B — Usually reliable source with some limitations

C — Unknown or mixed reliability

D — Low reliability or anonymous source

E — Known unreliable or deceptive source

Information credibility

1 — Confirmed by independent primary evidence

2 — Probably true, supported by several indicators

3 — Possibly true, limited support

4 — Doubtful, major gaps or contradictions

5 — Likely false or misleading

Example

A video from a known journalist at the scene might be B2 or A2 depending on context.

A screenshot from an anonymous Telegram account might be D3 or D4.

A claim repeated by multiple anonymous accounts tracing back to one origin might still be D3 or D4, even if it appears widely.

This kind of grading forces analysts to separate source quality from claim visibility.

The truth

OSINT became popular because the internet made information accessible.

But access is not the same as truth. The next phase of OSINT will not be defined by who can collect the most data. Everyone can collect data.

Tools can collect data.

AI can summarize data.

Dashboards can visualize data.

The scarce skill will be judgment.

Can you tell the difference between a source and an echo?

Between a witness and a persona?

Between an event and a reframing?