Bad OPSEC?: Vendors using electronic shipping and tracking

All the tracked packs I have received up to this point all had priority stamps with a 400 shipping label. Leaves no trace, right? I recently received a package that was shipped using an electronic account. It wasn't just the shipping label that was used electronically, my name was entered into a website and was a part of the label. Everything landed fine but my very big concern is that if that vendor gets profiled by LE (he's getting to be a big vendor, so, he will eventually) and the account used to do the electronic shipping is compromised, my drop information can then be associated with a known drug shipping operation. This concerns me greatly. Is there a way to use tracking electronically where this is not the case? Am I pissed off/worried for no reason? I just can't see a scenario where using electronic shipping is good OPSEC. I would really like to hear from some knowledgable sources on this topic.


Comments


[6 Points] honestlyimeanreally:

It's good OpSec for the vendor and bad OpSec for the buyer.


[4 Points] SamuraiiJack:

Plenty of ways to use electronic shipping and maintain good opsec. If its done right, I would say it's better than the alternative, as they fall under less scrutiny.


[2 Points] roionsteroids:

In Germany there are prepaid tracking labels ("Einschreibemarke", cost 2.50€) that you can put on a letter in addition to an address. Can buy these online and offline, no idea if you can get them for bitcoin anywhere, however they're anonymous.

No idea if that exists in other countries, but I assume it does?


[2 Points] JustForResearch_:

There are sites that don't require an account to buy shipping labels, like shipnik.

"my drop information can then be associated with a known drug shipping operation" TRUE, but it's far from evidence of wrong doing. I suppose it could be considered probable cause and result in further investigation if the name or address used for the drop are on LE's radar already. But otherwise, it's hard to imagine LE persuing that lead.

I ONLY use regular stamps. I found shipnik buggy and unreliable.


[2 Points] FrozenMCVegetableCok:

I'm on the fence about it myself for the following reasons:

1) it does create a digital trail of sorts unless extra precautions are taken such as having a fully verifiable fake persona with a valid real credit card that's not stolen and an ID to go with it.

2) Valid businesses send tons of stuff daily via these online postage systems. Anything sent through them gets hidden in the sheer volume of normal business mail and looks less questionable than prepaid stamps on every package.


[1 Points] None:

Ever heard of mail covers? Your name/address being on a package is no more of a problem than normal. Its always stored on a computer.


[1 Points] HypothermicPenis:

If they have the dealer, why would they waste time on who they were selling to? Leo wants to go UP the ladder to find bigger fish, not down to find smaller fish. Leo will be looking where your dealer's dealer is at, not you.


[1 Points] madrigalelectra:

I read recently a thread where a postal worker for USPS was saying that a bunch of stamps on a package is one of the red flags that they look for when profiling DNM packages, so maybe this is actually not terrible to have a real account label on the package. For all anyone knows, there could be legal shipping mixed in with illegal activities. If I was a vendor, I'd probably setup a fake business name USPS account and sell some ridiculous shit on ebay that I had to ship regularly out then mix that in with the illicit packages on the same account. That way if for some reason I did get caught at a drop by LE and they had my shipping number, then there would be legitimate business transactions mixed in with it and plausible deniability for anyone I sent to. But I am not a vendor and have no clue, so what I am saying could potentially be a terrible opsec.


[1 Points] GroovieonLSD:

Sounds like the vendor is on point, probably clean the money through some false ebay transaction. The only person that can say a transaction DIDNT happen on Ebay is the Buyer and Seller. If the vendor is both the buyer and seller to that Ebay transction to print you a label.

You think at such a low level sometime. I prefer to think of it a carefully planned ~risk~ ~reward~ assessment. Mail with an E-label look way more legit.


[0 Points] jeffislearning:

I remember back in the days of SR I wouldn't do business with any vendors who didn't disclose exactly how they went about their packaging and shipping and information handling. The only information they should have on the buyer after a completed transaction is the buyer's PGP and email.