So I looked around TD and found some vendors have a fucking GMAIL as en email listed when importing their PGP key. LOL what the fuck are they thinking?
Edit: Third one had @gamil.com
Edit 2: Vendors Waxthtazz and cheetahgofast have same PGP key. WTF. Although they were @ip2tor
People seem to side on believe that the address may be fake or not used.
WHY put them there in the first place then? You can make PGP key pair without an email address.
Why not use a super fake sounding email if you actually wanted to include one?
This is simply horrible OPSEC.
How do you know those are real Gmail addresses? You can put any old crap you want in there, it's not verified.