Open Source Network Tools for Investigations 

What is Open Source Intelligence (OSINT)?

Open Source Intelligence (OSINT) is defined as data and information that is collected legally from open and publicly available resources. Obtaining the information doesn’t require any type of secretive method and is retrieved in a manner that is legal and meets copyright requirements.

The Internet makes a vast amount of information readily available for anyone to access. Collecting this information with OSINT tools is referred to as open source intelligence. Information can be in various forms like audio, video, image, text, file, etc. A few of the data categories available on the internet include:

  1. Social media websites like Twitter, Facebook, Instagram, etc.
  2. Public facing web servers: Websites that hold information about various users and organizations.
  3. Mass media (e.g. newspapers, TV, radio, magazines and websites)
  4. Code repositories: Software and code repositories like Codechef, Github hold a lot of information but we only see what we are searching for.
  5. Public records databases
  6. Government reports, documents and websites
  7. Maps and commercial imagery
  8. Photos and videos
  9. The dark web

Who Engages in Open Source Intelligence gathering and analysis?

Anyone who knows how to use the tools and techniques to access the information is said to have used the process. However, it is mostly used in a formal capacity by the United States intelligence community, the military, law enforcement, IT security professionals, private businesses and private investigators.

Gathering the information manually can eat up a lot of time, but now there are tools that can help collect the data from hundreds of sites in minutes, easing this phase. Let’s say, for example, you want to identify whether a username is present and, if so, on which social media websites. One way is to log in to all the social media websites (and there are more than you know!) and test the username. Another way is to use an open source tool that is connected to various websites and checks the username’s presence on all the websites at once. This is done in just seconds using OSINT.

List of Open Source Intelligence Tools

The tools and techniques used in Open Source Intelligence searching go much further than a simple Google search. Following is a list of helpful, time-saving open source intelligence tools. Note: most are free, although some have advanced features available for a fee.

Email Breach Lookup – Have I Been Pwned

This site allows you to find out if a particular email address was affected by one of the many data breaches that have occurred over the years.

Fact Checking Websites – Hoaxy, Media Bugs, PolitiFact, SciCheck, Snopes, Verification Junkie

Hacking and Threat Assessment – Norse

OSINT Image Search – Current Location, Image Identification Project, TinEye

Public Records (Property) – Melissa Data Property Viewer, Emporis Building Search

Sites like Zillow, Trulia, Realtor.com, etc. are always useful and should be a part of your investigative toolbox. But the two mentioned above provide various twists on property records searching and are definitely worth checking out.

OSINT Search Engines – Google Correlate, Google Search Operator Guide, Million Short, Shodan, TalkWalker Alerts

OSINT Social Media Search Tools – Facebook Search Tools, TweetBeaver

OSINT Tool Websites – IntelTechniques

Software – Hunchly, Maltego, SearchCode

Surveillance Cameras – Earth Cam, Insecam

Username Check – CheckUserNames, Knowem.com, Namech_k

Virus Scanner – VirusTotal

Website Analysis – BuiltWith.com

The main benefit of OSINT is how the technology can help us in our day to day tasks. With all that information freely available, multiple actors can accomplish various tasks. A security professional can use the information for data protection, security testing, incident handling, threat detection, etc. A threat actor, on the other hand, can gain information to perform phishing attacks, targeted information gathering, DDoS attacks and much more. The key is to select the right tools and techniques. Since this is all free, users can make their decision regarding how best to access the information they need.

Craigslist Fraud & Scams

Unless you’ve been hiding under a rock you have heard of Craigslist.

Craigslist is a great resource for selling things, finding apartments and jobs, locating services and meeting people. Most of the time transactions go smoothly and both seller and buyer are satisfied with the Craigslist experience.

But lately more and more people are being scammed on Craigslist, losing money and, in worst case scenarios, putting themselves in danger.

To help keep yourself safe from scams, Craigslist advises that any business dealings be done with people in your own local area. Don’t do business with folks who live far away. Also look for listings with poor grammar and misspelled words. Beware of anyone offering more than what you asked for. Why would someone do that? Especially since Craigslist is known as the place to go for good deals.

Below are some of the most common Craigslist scams and how you can avoid them.

1) Nigerian or Foreign Country Scams

If you receive an email with very specific criteria…it’s more than likely a scam. Most will offer more than your selling price if you accept their check or money order. And if the buyer or seller tries to pay you with a money order or wire transfer — take that as a big, waving red flag. 

Scammers over the years have developed pretty sophisticated-looking fake packing slips or even money orders claiming to be from trusted institutions like Western Union. Often, these scams are part of a Nigerian 419 scam, and could entice you to send the buyer your goods before the fake check or money order clears. To avoid getting duped, don’t accept money orders on Craigslist and, if you must use a check, make sure it clears before sending what was bought.

2) Fake or Cancelled Tickets

Ticket scams are among the more common scams on Craigslist. My husband was actually a victim of this. Savvy scammers have been able to make fake tickets that look real to big events like concerts or sports games. According to WiseBread.com, some scammers have even replicated holograms and watermarks on tickets for concerts or events — and these tickets are either fake or already cancelled – setting you up for a big disappointment. To avoid the headache, only go through reputable sites like Ticketmaster or the actual venue.

3) Non-Local Ads

In general, whenever an ad is not local, it’s not a good idea to pursue it. If someone posts a non-local ad, they usually won’t be able to meet up with you and will often require transferring money through some online platform (which is a red flag!).

While there are certainly some precautions that should be taken when actually meeting and conducting a transaction in person (such as meeting in a public place or bringing a friend with you), some people that are unable to meet in person (or refuse to) could be scammers on the site. 

4) Fake Craigslist Site

Yes, you can accidentally land on a fake Craigslist site. Scammers often use similar domain names in hopes of snagging internet searches from the real Craigslist site and convincing users to trust the fake ones. Some of these sites look very realistic and could cost you a lot of money. Rule of thumb: if any Craigslist site does not have the address http://www.craigslist.org, it’s fake. 
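The rule of thumb above can be checked mechanically by looking only at the host part of a link. The following is an added example, not part of the original article; it goes slightly beyond the text by also flagging typo and look-alike hosts, and it assumes that craigslist.org and its subdomains are the only genuine hosts. The function name, threshold and sample links are constructed for illustration.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

BRAND = "craigslist"        # the label that look-alike sites imitate
TRUSTED = "craigslist.org"  # genuine domain, per the rule of thumb above
SIMILARITY = 0.8            # assumed threshold for "reads like the brand"


def classify_link(url: str) -> str:
    """Return 'genuine', 'lookalike', 'unrelated' or 'invalid' for a link."""
    if "://" not in url:
        url = "http://" + url  # accept bare "host/path" input
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"

    # Only the host decides: an exact match or a true subdomain of TRUSTED.
    if host == TRUSTED or host.endswith("." + TRUSTED):
        return "genuine"

    # Brand text elsewhere in the authority part: user@host tricks,
    # craigslist.org.example.net, craigslist-login.example.net.
    if BRAND in parts.netloc.lower():
        return "lookalike"

    # Typos and single-character swaps in any host label.
    for label in host.split("."):
        score = SequenceMatcher(None, label.replace("-", ""), BRAND).ratio()
        if score >= SIMILARITY:
            return "lookalike"
    return "unrelated"


# Constructed sample links (not taken from real listings).
SAMPLES = [
    "https://www.craigslist.org:443/about/scams",
    "sfbay.craigslist.org/d/for-sale",
    "http://www.craigslist.org.example.net/",
    "http://www.craigslist.org@example.net/login",
    "http://craiglist.org/",
    "http://\u0441raigslist.org/",  # first letter is Cyrillic, not Latin "c"
    "http://example.com/craigslist.org",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link):10} {link!r}")
```

Checking whether the text "craigslist.org" appears somewhere in the link is not enough: three of the constructed look-alike samples contain it in full.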

5) Scam Email from PayPal

Some scammers may use PayPal (or the promise of PayPal) to send or receive money on Craigslist. PayPal actually warns people to be wary of ads that want to use the site for transactions because many of them may never follow through or send you a fake PayPal email confirmation of a payment. Warning signs include emails that don’t address you by your full name or a statement that money is being held until you perform some action (like sending money through another wire service or using links to tracking orders).

6) Lured to a Mugging

This is a really nasty scam, and we could all fall for it quite easily. It’s also known as “robbery by appointment.” As a Craigslist seller, you will know that cash reigns supreme. You don’t want to deal with bounced checks. Craigslist scammers will place an ad for something like a car, high-end electronics, or another product of significant value. So you arrange to meet the seller (with a large amount of cash), and that’s when you’ll be jumped and the money taken from you. This “lure” scenario has happened many times over the years, which is why Craigslist advises you to meet in a safe, secure location, go with a friend (or two), and if in doubt, back out.

If you happen to see something on Craigslist that looks fishy, send an email to [email protected] and give them as much detail as you can about the listing. Make sure you include the URL (or 8 digit post ID number) in your email. If you’re selling something and you think a con artist has expressed interest, forward it to [email protected]. Be smart, be aware and if in doubt ask your friends or someone with internet savvy what they think if something just doesn’t seem right. If it sounds too good to be true, it usuall

Think Your Data Is Private Because You’re Not on Social Media? Think Again.

Just because you’re not on Facebook or Twitter doesn’t mean your data is safe from social media or their clever algorithms. In two different studies, researchers found evidence that your privacy is no longer in your hands, even if you abstain from social media.

The studies, conducted at the University of Vermont and the University of Adelaide, found that they could predict a person’s posts on social media with 95% accuracy, even if they never had an account to begin with. The scientists got all the information they needed from a person’s friends, using posts from fewer than 10 contacts to build a mirror image of a person not even on the social network.  

The study, published Monday in the journal Nature Human Behaviour, looked at more than 30 million public posts on Twitter (excluding retweets) from a total of 13,905 English-language users (attempting to eliminate bots and non-personal accounts) to populate their model. By using data provided by just 8 or 9 of a user’s contacts, the researchers were able to show that the tweets of friends allowed them to predict quite a bit about the original user. The original user’s tweets allowed them to predict future tweets with an accuracy rate of roughly 64% and the user’s contacts gave them enough data to predict behavior with an accuracy rate of 61%. So, go ahead and delete your account, but information about you is still going to be generated (and pretty accurately) if you have a close relationship with at least 8 people who use the platform.

This analysis showed that “information within the Twitter messages from 8 or 9 of a person’s contacts make it possible to predict that person’s later tweets as accurately as if they were looking directly at that person’s own Twitter feed.”

“You alone don’t control your privacy on social media platforms,” University of Vermont professor Jim Bagrow said in a statement. “Your friends have a say too.” And even when you delete your social media accounts, if your friends are still there, tech giants are able to build profiles on you. This is already a concern that privacy advocates have about Facebook, called “shadow profiles.”

Now, there is a mathematical upper limit on how much predictive information a social network can hold. They can’t know everything about you, but they can know some things.


So why is this information important? Businesses who want to sell you things or government agencies who want information about you can use this information to their benefit. Companies or agencies may not be able to find out your darkest secrets, but they can figure out things like your political or religious affiliation and products you might be interested in. The same things platforms like Facebook and Twitter know (and sell) about their users.

The researchers went on to acknowledge that their research “raises profound questions about the fundamental nature of privacy—and how, in a highly networked society, a person’s choices and identity are embedded in that network.”

“There’s no place to hide in a social network,” said co-author Lewis Mitchell.

Professor James Bagrow, also an author of the paper, confirmed: “You alone don’t control your privacy on social media platforms. Your friends have a say too.”

In April, Facebook CEO Mark Zuckerberg told lawmakers that the social network collected data on nonusers for “security purposes.” That includes people’s contact list when they use Facebook’s mobile app, which the company uses to suggest friend recommendations, it explained.

In response to the study, a Facebook spokeswoman said the company doesn’t build profiles on nonusers, even if it’s collecting data on them. “If you aren’t a Facebook user, we can’t identify you based on this information, or use it to learn who you are,” the company said in a statement.

The study shows there’s only so much you can control in terms of your own privacy and security online. As careful as you are online, the study suggests that you’re only as private as your friends have been.

Do You Speak Emoji?

Emojis are now a part of our culture and are being used as a way to communicate everything from emotions to soliciting drugs. Marketers are going as far as to mine emojis in social media the same way they mine data; to determine the emotion behind a brand. Some speculate it will morph into a language in and of itself. This is certainly true among criminals and drug dealers as we have seen first hand in our social media investigations. As we dig deeper into this subject, it is important to establish some baseline knowledge.

Let’s start with some history.

The most current statistics I have found on emojis show that there are now 2,623 official Unicode emojis. Each day 5 BILLION emojis are used in Facebook Messenger alone and 60 million are used daily in Facebook.

Emojis were first used in Japan (the country where they originated) somewhere around 1997. In 1999 Shigetaka Kurita created the first widely-used set of emoji.

Emoji usage in marketing messages has rapidly increased at an annual growth rate of over 775 percent.

Can Emojis Be Used In Court?

We will be hearing much more on this subject, no doubt. Currently, this has been looked at by several law professors as well as attorneys and law enforcement. What if emojis have multiple meanings? How can one be sure it was meant for criminal purposes?

Between 2004 and 2019, there was an exponential rise in emoji and emoticon references in US court opinions, with over 30 percent of all cases appearing in 2018, according to Santa Clara University law professor Eric Goldman, who has been tracking all of the references to “emoji” and “emoticon” that show up in US court opinions. So far, the emoji and emoticons have rarely been important enough to sway the direction of a case, but as they become more common, the ambiguity in how emoji are displayed and what we interpret emoji to mean could become a larger issue for courts to contend with.

Still, it’s rare for cases to turn on the interpretations of emoji. “They show up as evidence, the courts have to acknowledge their existence, but often they’re immaterial,” Goldman says. “That’s why many judges decide to say ‘emoji omitted’ because they don’t think it’s relevant to the case at all.” But emoji are a critical part of communication, and in cases where transcripts of online communication are being read to the jury, they need to be characterized as well instead of being skipped over. “You could imagine if you got a winky face following the text sentence, you’re going to read that sentence very differently than without the winky face,” he says.

The Verge: Emoji are showing up in court cases exponentially, and courts aren’t prepared

For now, emojis can be used by investigators through investigative consultants and software platforms as a “tip” that there may be something illegal going on. Like anything in social media, it is a piece of a larger puzzle, but one that needs to be understood.

Buying Drugs on Instagram: It’s easier than you think

Thought Instagram was for showing off selfies or sharing pics of your vacation in order to be the envy of your friends?

Apparently not…it’s now become the ideal place to connect with drug dealers. The word “obvious” is an understatement for how these dealers operate. With usernames like “ihavedrugs4sale” and drug-riddled posts/pictures, these users eagerly flaunt their offerings. The most popular items in their stock usually include marijuana, prescription painkillers, Xanax, molly (MDMA), and lean (codeine syrup mixture).

For those struggling with drug addiction, this presents a huge problem. As the Washington Post reports, searching for the hashtags #oxy, #percocet, #painkillers, #painpills, #oxycontin, #adderall, and #painrelief will return a plethora of posts from Instagram users. Those users may be struggling with addiction, partying like it’s nobody’s business, or dealing the hashtagged drugs online. 

The problem is Instagram’s algorithms can’t distinguish the context the hashtags are used in. And if a user then follows a dealer using the hashtags, Instagram’s algorithms then suggest that user follow more drug dealers. In the course of one day over 50 Instagram dealer accounts were found simply by searching for different hashtags like #weed4sale.

So how does the process work? It may surprise, or maybe appall, you how simple it is.

Selling Drugs in Social Media

Most dealer profiles have a bunch of “product” photos displaying their inventory, and their contact information is in the bio or comments section. While some bravely post their mobile number, most use a messaging app called Kik. No phone numbers or personal info are exchanged here, only user to user messaging.


How are orders fulfilled? It’s as easy as ordering on Amazon. And sometimes faster.


You simply send a message with the product you are interested in purchasing and the dealer responds. Most dealers use wire transfer and can ship out the same day if you send money fast enough.

For what it’s worth, the ability to be connected with drug dealers via social media isn’t a problem unique to Instagram. The same types of posts are widespread on Facebook (which owns Instagram) and Twitter. In recent months Instagram has blocked search results for certain hashtags, such as #fentanyl, #cocaine, and #heroin, all illegal substances. But dealers simply switch to hashtagging their posts with legal drug names, or slightly tweak the spelling of drug names, and then proceed to sell both legal and illegal drugs to Instagram users when they connect with them outside of the platform.


Yet still, Instagram’s owner Facebook says it’s aware of the problem and is working to put a stop to the sale of illegal drugs through Instagram, though its initiatives are still in the “early stages.”

As Facebook’s vice president for global marketing solutions, Carolyn Everson, told the Washington Post:
“We’re not yet sophisticated enough to tease apart every post to see if it’s trying to sell someone illegal drugs or they are taking Xanax [because] they are stressed out. Obviously, there is some stuff that gets through that is totally against our policy, and we’re getting better at it.”


www.e-chatter.net
(866) 703-8238