Take a look at any police log and the dating app Tinder is sure to make an appearance. Most likely in regard to luring suspects to meet at a specific location and then rob them. Earlier this year, it was reported that 6 people lured through Tinder were robbed at gunpoint in Fresno, California. They asked people they met on Tinder to come to specific locations where the group would lie in wait and rob the victims at gunpoint.
With over 6.5 million monthly downloads in May 2021, Tinder is the most downloaded dating application in the world.
How Detectives Use Location Spoofing in Tinder
The first thing a Detective must do is to create a fake Tinder account. It is important to target the location where the criminal activity is taking place. They then throw out the bait and wait for someone to respond.They then put undercover police out to see if someone tries to rob them. Dangerous work, but very effective when a certain area seems to be targeted over and over again.
Creating a Fake Profile
One question we get a lot is how can you search dating apps to find a cheating spouse. Short answer, there is no way to do this effectively. You must have an account. Let’s take Tinder as an example.
To begin you need to sign up using Google, Facebook or a telephone number. Tinder is one site that doesn’t seem to mind using Google Voice Numbers. If you have one already set up, this is an easy way to get signed up. Next, you will receive your verification code. Once you log in it will want to know your location. Next, you will need to modify your profile. This gives you the opportunity to match the profile of someone your client’s spouse may be interested in. Use a profile pic generator to create a fictitious person (https://www.thispersondoesnotexist.com).This is something that is AI generated and can not be found in a reverse image search.
Tinder should give you a different set of results based on your location. It isn’t easy to search even with an account set up. It may help you to identify a person who has a profile on the app. Most times, this is what your client may be looking for.
Sounds like a lot of work, right? It is a lot of work and you may or may not find what you are looking for. If you do find your suspect, then not only do you know he/she is on the site, but you can use the image to conduct a reverse image search to determine if it is being used anywhere else online.
Facial recognition is something that you may want to zero in on before you begin any type of reverse image searching. If you just want to see if the photo itself is being used anywhere else online, then leaving the photo as is works well. However, what if you have a photo of a person but can’t identify the person? In that case, you may want to search a bit differently.
Google Reverse Image Search
Google doesn’t really focus all that much on the facial recognition aspect of a photo. Instead, it is geared more to searching content. That means it takes into consideration what the photo is about. Is it a photo of a person eating at a restaurant? You may get a large number of results showing you a photo of a person who looks similar, eating at a restaurant.
It doesn’t focus as much on the facial recognition aspect.
One work around to this is to crop your photo before searching through Google Image. Take out all the background and just focus on the face of the person if possible.
Yandex
Yandex’s image search is far superior for facial recognition. I highly recommend using it. Take a look at the difference between searches. I use a standard head shot in all my marketing online. It should come up in a Google reverse image search without any problem. However, it doesn’t.
Look at how much more you information you get from Yandex than from a basic Google Image Search. While there are photo selections offered to the right, Yandex allows you to further crop an area of the photo. This allows you to try the search in more than one way.
Notice also how it offers you sites containing information about where the image is online. It highlights several sites where this exact photo is being used.
Tin Eye
Tin Eye is used all the time in investigations. For this particular exercise, it did not fair as well as the others, however. The result I received from a basic search was a website that is not even up and running anymore.
Social media in many ways is still the wild, wild west. It is a lawless environment in which many people have been harmed by reckless comments. Over the last year, we have seen several cases in which one person was harassing another person in social media.
How common is online harassment? During a January 2020 survey it was found that 44 percent of internet users had personally experienced any kind of online harassment with 28 percent of respondents reporting to having experienced severe forms of online harassment such as physical threats, sexual harassment, stalking and sustained harassment.
What is Considered Defamation?
According to the Electronic Frontier Foundation (which has a great web page on online defamation law), there are three elements that must be shown during a defamation claim:
The statement has to be false
It has to be communicated (published) to someone other than the person being defamed
It has to be about the plaintiff and have the potential to harm their reputation
Written defamation is considered to be libel. Verbal defamation is considered to be slander.
For a statement to meet the legal definition of defamation, it has to be a false statement by a third party. Additionally, it needs to be intended to do serious harm to a person’s reputation. It has to be done “without fault”. You must be able to show someone was acting irresponsibly when making the statement.
Examples of Social Media Defamation
HG.org legal resources outlines social media defamation examples as follows. “Not every untrue or unkind statement is actionable. However, many statements are. For example, if you accused a person on social media of abusing his or her spouse or children, such a statement would likely be considered defamatory if it were not true. Even if an individual posts information that is partially true and partially false, he or she can be found liable for defamation. For example, a person may claim that an individual was fired for harassment. The individual may have been fired but not for harassment. The court may find defamation still existed despite some truth to the statement.“
Steps to Dealing with Social Media Defamation
Most businesses are monitoring online content through social media and the web. Most individuals are not. You may not even be aware of someone posting negative information unless an associate tells you about it. On the other hand, you may be very aware because the person has set out to harrass you online.
Do not respond. This is hard to do. Responding hastily can just make the situation worse.
Capture the evidence. Take screenshots as soon as you can in order to collect the posts. This will at least provide you with a good point of reference if things get worse.
The next step is to either hire a Private Investigator or an Attorney. Getting legal help is very important if it doesn’t look like this is going away. Either will be able to conduct some research on the perpetrator. You may not be the only one this is happening to. Legal help will also be able to authenticate the online evidence should it go to court at any point in time. An Attorney may be able to provide you with a Cease and Desist Letter.
Notify the social media company. Check out the resource pages. You may be able to report this.
Always be careful. This is especially true if the person lives near you. Exercise caution until you get it resolved.
You just enjoyed a nice dinner out with a few friends and are ready to pay. You reach in and notice you forgot your credit card. Your friend pays for dinner, but instead of waiting to pay him back you easily whip out your phone, head to your Venmo app, and send your friend money with ease.
What is Venmo?
Venmo is an app that is owned by PayPal with over 52 million users, as of 2020. This person-to-person app allows you to easily send or receive money from friends, family, or co-workers. Simply click on the “Pay or Request” button, type in your friend’s email, phone number, or username. You can also scan a QR code from the app if your friend is nearby. Venmo is also free when you link your bank account to the app. What is not to love? This app has some incredible advantages and unfortunately a few disadvantages…
Privacy Entanglements
Venmo requires you to write out or choose an emoji to describe your payment before you can submit it. While this is a clever way to keep track of your payments, there are significant privacy concerns involved.
Transactions you make are viewable on a public feed unless you change the settings to make them visible to just the party involved or only to your friends.
The amount of money sent or received is never public, but there is a text, emoji, and time stamp visible on all transactions.
Publicly viewed transactions are shared with third parties. Venmo’s privacy policy states that is shares user data “for everyday business purposes, for marketing purposes, for joint marketing with other companies.”
Not only is privacy an issue when it comes to third party sharing but what about all the “other” individuals out there, including your friends, that can see who you are paying and what you are doing?
The Dark Side of Venmo
From stalking, identifying cheaters, even buying or selling of drugs, it has all been seen and reported on over the years. One of the most alarming stories that has hit mainstream media recently is one of a national security risk. Buzzfeed News identified Joe Biden’s Venmo account, and sadly enough it was public. Once they identified that the account was truly our President’s, they quickly notified The White House.
“On Friday, following a passing mention in the New York Times that the President had sent his grandchildren money on Venmo, BuzzFeed News searched for the president’s account using only a combination of the app’s built-in search tool and publicfriends feature.
In the process, BuzzFeed News found nearly a dozen Biden family members and mapped out a social web that encompasses not only the first family, but a wide network of people around them, including the president’s children, grandchildren, senior White House officials, and all of their contacts on Venmo.” -Buzzfeed News
After this story was published, a Venmo spokesperson told BuzzFeed News: “The safety and privacy of all Venmo users and their information is always a top priority, and we take this responsibility very seriously. Customers always have the ability to make their transactions private and determine their own privacy settings in the app. We’re consistently evolving and strengthening the privacy measures for all Venmo users to continue to provide a safe, secure place to send and spend money.”
From celebrities being stalked through Venmo, and now our President’s private information being so very public by default, will the lines of privacy forever be tangled with Venmo? Time will tell.
Digital evidence has become more and more relevant for most civil and criminal investigations. Developing your OSINT skills is ongoing and understanding where it is all headed is just as important. It is an ever changing area, with new social media platforms sprouting up all the time.
When conducting online research on a person of interest for your investigation, it is important to develop a solid strategy. Once you begin gathering information, a clear chain of custody must be obtained with anything you find online. Additionally, authentication of social media posts or profiles are becoming more and more important to a case.
“We need all videos extracted and the subject’s social media profile captured and preserved.”
Recent client request
We are getting more and more requests like this every week. When a suspect or person of interest gets legal council, they may be advised to delete all their social media. That is why time is so important and it is becoming more important to start with online investigations before you do anything else. Many attorneys and PI’s have learned the hard way that what is here today, may be gone tomorrow. Understanding the differences in digital evidence can set your Private Investigation firm apart from the others.
The purpose of this blog post it to explain some of the differences in the capture of online evidence.
Screenshot Digital Evidence
Most of the time your OSINT discovery process is centered around a specific strategy and focus. The gathering of online information, its chain of custody, and your final report can and should contain screenshots and corresponding URLS. However, what if the Instagram post or video is just the digital evidence you were looking for? What if you know your attorney client is going to need this in the deposition, civil or even criminal case? It is times like this where a screenshot is not enough. Taking that extra step can be very valuable.
Social Media posts may not only be deleted or turned off, but they can also be edited. The post you see today may not be the same post you saw during your online investigation. Unless you have preserved the original post, you may not be ale to prove what was originally said.
For social media and web page evidence to be valid and accepted according to the Federal Rules of Evidence:
Original source code of the social media message, blog or webpage must be collected
Metadata must be collected
Digital signatures and timestamps must be placed on the data to provide evidence of data integrity & authenticity
Data should be prepared in EDRM-XML for easy processing & analysis in eDiscovery systems
Preserving the Digital Evidence
*Establishing a valid chain of custody means being able to show where the evidence has been, who has handled, and its condition at all times, in order to establish that there has been no alteration or tampering of the evidence prior to the time it is presented to the court. With respect to web pages and social media accounts, then, this means that the party propounding the evidence must establish:
When the record was originally produced;
That the record is an accurate recording of the webpage in question;
That the record was not subject to alteration from the time it was collected until the time it is presented in court.
Using the correct tool instantly generates a forensic report using a forensic SHA256 hash, and HTML source code. It means that your online preservations contain key identifying Metadata such as the timestamp, the URL, the IP address, the date, and the time of capture, using a certified Stratum-1 atomic clock in compliance with the eSign Act.
As a result, you can capture the evidence you need at the moment you need it, with the assurance that when you do, you are collecting evidence which contains the necessary hallmarks of authenticity that courts are increasingly seeking.
(*Web Preserver), This is the software we use at eChatter when we need to preserve digital evidence for our clients.
Web Scrapping
Can a website be scrapped or archived? Yes and It may surprise you to know just how often it is used. Web archiving tends to concentrate more on the look and feel of a website or profile. The Wayback Machine (a.k.a. archive.org), is designed for web archiving. They explain their company this way, “The Internet Archive, a 501(c)(3) non-profit, is building a digital library of Internet sites and other cultural artifacts in digital form.” It is like an online library of websites. ( As an aside, it is also a great way to check if a person of interest worked for a certain business years ago, as they may have been featured on the website).
Web scrapping is more focused on textual data. The most crucial step for initiating a web scraping project is to select a tool to fit your research needs. There a tons of them out there to choose from. It is important to remember that the collection of data, while publicly available, is still a collection produced by others. Depending on the case, be aware of the potential privacy and security implications and proceed with caution.
Web scrapping can be used for price monitoring, lead generation, marketing and research. The complexity of many websites makes it difficult to scrape data unless you know code. Software applications make this task easy for anyone and is not dependent on skills.
photo by: Octoparse.com
Example of a Preserved Post
The post below is a great example of what is captured during the preservation of a post. The key components are the URL, Timestamp (when the post was discovered), Hash, and Signature.
An entire profile of a person of interest can be over 100 pages and is captured in PDF report format.
By: Kathy Doering.
Kathy is President of eChatter, and is McAfee certified in OSINT and is a certified Social Media Intelligence Analyst (SMIA). Kathy also serves as president of The Global Social Media Research Association.
