Following up on my previous article, I decided to write a new one that will give you a basic approach to becoming a kind of ghost on the internet—at least, doing better than 99% of the people on this planet.

In this article, we will distinguish between two types of "Ghost Mode" applied to OPSEC, but I will only detail one.

You'll understand why just below.

Two types of "Ghost Mode"

The first type of "Ghost Mode" is something I associate with a concept worthy of secret agents. Maybe I'm exaggerating a bit, but have you ever heard of the "Gray Man" concept?

A brief definition:

A Gray Man is someone who dresses and acts in a way that makes them nearly undetectable to those around him.

This label also isn’t just tossed around casually amongst hardcore tactical survivalist, a “Gray Man” is used by the military. It’s a standard military term used to describe the act of “blending in”.

Essentially, it means existing amongst others without being noticed. Naturally, this would be an essential survival skill for armed forces.

The "Gray Man" Concept Applied to Digital OPSEC

The "Gray Man" concept is all about blending into the crowd. The goal is to become indistinguishable, because as the saying goes, it's like looking for a needle in a haystack. You want to avoid drawing attention.

On the opposite end, there's the full "Ghost Mode," which means being completely untraceable, both digitally and physically. However, this is an unrealistic goal in a civilian setting since we simply lack the means to implement the necessary countermeasures to make our identification and tracking truly impossible.

Moreover, trying to act this way makes you stand out—like a black sheep among white sheep. You become more noticeable rather than less.

So, let’s explore my vision of the "Gray Man" concept applied to digital OPSEC.

Differentiate Between Your Online and Personal Identity

The main reason to use a pseudonym is to avoid publicly displaying "My name is John Doe, and I live at this address." However, many people link their pseudonym to their real identity. This is not in your best interest because a single data breach can forever connect your supposed protective alias to your actual identity.

The first step is to recognize this risk and assess the extent of the problem by listing all your online accounts that are registered under your pseudonym but contain real personal details like your name and address.

Next, make decisions. Determine whether having your real personal information is necessary for your account to function. Use this as an opportunity to delete unused accounts. If you're unsure how to delete them, you have two options:

• JustDeleteMe
• Contact customer support

The best way to track your accounts is to use a trusted password manager (I personally use Proton’s, which works well for me). This allows you to maintain an inventory, generate complex passwords, and store them securely—saving time and mental effort.

Compartmentalization: The Key to Keeping Identities Separate

It’s simple: treat your pseudonym as if it were an entirely different person. Give it a fictional administrative identity—name, address, birth date, etc.

An alternative, though slightly riskier, is to use your real name if it is extremely common. In this case, change the birth date, location, and current address to avoid being easily identified among your namesakes.

For compartmentalizing your browsing, I recommend Firefox and its Multi-Account Containers feature, which allows you to isolate tabs. Use one container for your real identity (banking, Amazon, etc.) and another for your pseudonymous identity (social media, YouTube, Discord, etc.).

For emails, Proton offers a Mail Plus plan at €3.99/month, allowing up to 10 additional addresses linked to the same inbox. This enables you to compartmentalize your usage: one email for personal life, one for pseudonymous accounts, one for OSINT sessions, and so on.

When a phone number is required for registration, the simplest solution is a prepaid SIM card dedicated to pseudonymous accounts.

Avoid using the same VPN for both your bank and for tweeting about sensitive topics. As we’ll see, your digital footprint is what identifies you and links your different identities and online accounts.

Minimizing Your Digital Footprint Without Overcomplicating Things

The goal is to make data collection more difficult while remaining a regular user. This is tricky because the more protections we implement, the more unique we become. Compartmentalization helps separate identities, and it’s best to maintain different habits for each.

A good exercise is to visit amiunique.org to analyze your browser’s fingerprint. You’ll see what information is collected about you while browsing and how it can link back to your real identity.

To minimize traceability, here are some recommended extensions:

• Privacy Badger
• uBlock Origin
• Decentraleyes
• ClearURLs
• Chameleon

Be aware that these can make your fingerprint more unique. It’s about finding a balance to blend into the majority of users.

For extreme cases, you can use two separate computers:

• A personal PC without a VPN and minimal protections for daily use (banking, administration, personal emails, etc.)
• A dedicated PC for your pseudonymous identity, with a VPN and enhanced security (OSINT sessions, gaming, Discord, etc.)

By keeping identities separate, you’ll already be ahead of 90% of people.

Erasing Existing Digital Footprints

You’ve likely left traces online in the past. If you want a higher level of discretion, you need to assess your digital footprint and decide what to do about it.

OSINT skills are particularly useful here. Conducting an OSINT investigation on yourself with all possible starting points will give you a clear picture of what is publicly visible. This is also excellent training for improving your digital investigation skills.

A good starting point:

• Delete unused accounts, or if deletion is not possible, replace real information with false details.
• Review and clean up your social media posts.
• Learn to avoid sharing overly personal information.

Conclusion

Completely disappearing from the internet is nearly impossible, and blending in seamlessly without raising any red flags is even harder. But remember, if you’re not doing anything illegal and you’re just a regular person looking for more anonymity, there’s no need to fall into paranoia.

Being more discreet than others doesn’t mean living in fear. It’s about being aware of what information about you is circulating online and taking steps to control it.

Total anonymity is unattainable unless you give up the internet entirely. Even then, that would only apply to your online presence. In real life, being totally anonymous would mean not existing in the eyes of any institution—which, realistically, is not your goal.

I know this article is general and doesn’t offer a magic solution. I’ve probably missed some points, but that’s intentional—to spark your curiosity and encourage you to explore the topic further.