eChatter

LinkedIn is the New Facebook: Search Tips

LinkedIn is slowly (over the last few years) turning from a business only platform to more of a sharing platform. While some things are still tabu, more and more users are sharing posts around personal matters than ever before. In fact, LinkedIn just launched its own version of Facebook stories. This will change how you search in LinkedIn.

LinkedIn Stories

LinkedIn, has recently announced the launch of its Stories feature to allow users to share their photos and videos of up to 20 seconds on their accounts. The UAE was actually the first country in the Middle East to try the new feature out. LinkedIn explained that since the Pandemic, more users were using the platform and they noted an increase of 20% of private messaging on the platform. The engagement on posts has tripled. Currently LinkedIn has 4 million active users.

LinkedIn Loopholes for OSINT

Last month, I wrote a blog post, “LinkedIn Loopholes. How to Use Them in Your Search.” As I outlined in that post, LinkedIn got rid of their advanced search option making searching the platform much more difficult to do. It is worth another look however. Especially, due to the recent addition of LinkedIn stories. It remains to be seen just how this will work and what, if any, search options there will be here.

How Does This Help the Private Investigator?

One way is to take a look at the user’s URL. For example purposes, we will use my URL for my Linkedin profile. Anyone can find me by searching for Kathy Doering, however take a look at my URL. If you were investigating me, you may consider using this unique URL to search Google.

A solid LinkedIn profile can uncover all kinds of clues in terms of previous work experience. Some users allow their connections to be public vs. private. This is another plus for the investigator.

Don’t forget to take a look at their interests and who they follow. Groups they are involved with may be of interest as well. If more personalization is where LinkedIn is headed, it will be well worth it to devote some research time here.

How to Catch a Cheater: The Web & Infidelity

We see our fair share of infidelity cases in which a Private Investigator wants to conduct a deep web scan on the person accused of cheating. This is always a mixed bag for us because there isn’t any software out there than can pull any or all data from dating sites. Most dating sites are password protected sites and require the user to have an account in order to search. And sometimes it is even hard to search when you have set up a fake account.

If you are willing to take the time to set up fake accounts, it may be worth it in the long run. This is especially true if you take on cases like this. You may even find it helpful in other online investigations too. Here is how.

Dating Sites

Match.com

Must have an account to search.
Create a fake account to get started.
Change your settings so you can be invisible and therefore not be able to be “searched”.

From there you can search. This is a great place to start any OSINT investigation because if a person is on a dating site, chances are they will be much more open there. You may be able to gather quite a bit of information that will help you locate your target on other sites, such as social media.

There are a lot more photos. Most people on a dating site want people to see them and therefore you will have more to go on.

Ashely Madison

Ashely Madison was hacked in 2015. Back then, hackers calling themselves the “Impact Team” stole 32 million records from users of the world’s leading extramarital affair site. As datasets go, this is one that’s tailor-made for extortion. Many people claimed to have the data dump, most proved to be untrue. I would bet that it made its way to the Dark Web however where information could be obtained for a fee and used in extortion cases. This one may be worth creating a fake account in. If you are not aware, it is designed for people who are married, but are looking to have an affair.

Meetup.com

This site is not exclusively used for dating. There are many different types of groups based on a particular interest. It may be a good one to dive into if you know some personal information on your target. For example, is your target a musician? There may be a group for that locally. It may seem like a long shot, but if you have the time, it could be worth the effort.

What About the Deep Web?

Diving into the deep web may help us to find a breadcrumb that could lead us to information that can help in surveillance. It may be a trend that is picked up relative to being part of the same forum, group or professional network. In cases like an infidelity case, the more data we have the better. One common thread, in discovering a cheating spouse, is the use of multiple email addresses. Try searching using all the email addresses because one of them just may be tied to a profile identifying the target. Almost any group or site online requires you to give an email address.

As you can see it is not always easy. While it may seem impossible, if you are willing to devote time to it, you may find what you are looking for.

4 Key Considerations For Social Media Intelligence

I recently had an insightful conversation with a Paralegal on using social media for deposition cases. He shared with me that the firm he works for conducts social media research on everyone. He shared that it was the only way they knew if their clients were being truthful with them. Too many times they learned of mistruths during the actual deposition. Can you imagine? Social media intelligence is becoming increasingly necessary for many cases.

That led me to think about what we do when we conduct social media/deep web research on a person of interest for a client. The who, what, where and why is becoming more and more important. Let’s beak it down even further.

The Who- What – Where – & Why –

Who: The who is the demographic information on your person of interest. This plays an important role in how we approach the search. Staying up to date on social media usage by demographics will help you narrow down your search a bit. Or, at the very least, give you a starting place.
What: What is the case about? Is it fraud, infidelity, workman’s comp, insurance fraud? This matters a lot. Depending on the case, there are less obvious sites to take a look at. For example, if an employee is stealing merchandise from their place of employment you may need to visit eBay or Craigs List.
Where: What area of the country does the person live? Someone living in a small town with limited resources may approach things differently that a person living in a huge city. The number of friends may be significantly larger in Facebook just because the city person may know more people.
Why: The why has to do with what you are specifically looking for. “We need to know if the suspect was active in sports after a certain date.” We are given this information by our clients many times. By knowing this information, we are able to use our time better by looking in social media specifically for this type of posting.

Stay Up To Date With Statistics As Part of Your Social Intelligence Process

Researchers are trained to keep up with changes in social media usage. It is part of an overall social media intelligence strategy. And that is not an easy task because people change their usage all the time. Ask any social media marketer. They are constantly looking at what is new in each platform on a weekly basis to be sure they are hitting the right audience with their marketing.

You see, it is not only about software. Software helps us to pinpoint areas of interest and certainly gives us additional, important clues. It helps to streamline the process. However, the human side is just as important if not more. Artificial intelligence and the understanding of algorithms are important but they have in no way replaced skilled researchers.

Social Media Regulation & Section 230

Will Social Media sites ever be regulated? Should there be a social media regulation policy? You can’t stop people from giving their opinions. That is called free speech. Social Media is the place where we all take part in free speech. What is up for debate is whether or not expressing your opinions on those sites falls under our First Amendment rights or not.

This week it comes front and center once again because of a Tweet from President Trump that Twitter added warnings to. Trump did not break any Twitter rules, however the social media site added its own opinion on the subject. It is no secret on how liberals feel about Trump’s Tweets. They despise them. I am certain that even some of Trump’s followers cringe at many of his Tweets. The problem here, in my opinion, is not the subject matter but the way in which Twitter did it. Should the owner of a social media platform be able to censor an opinion of anyone? And where does it stop?

What did Twitter Do?

Twitter said that the tweet about mail in voting fraud fell into a gray area of misleading content that the company deems as being important to call out. The platform rolled out its new fact-checking approach on May 11, around misinformation about COVID-19 which can be very dangerous. There is a lot of false statements made on all social media platforms and I think when it comes to public health this is very important. I am glad they have this safeguard in place.

However, did Twitter go too far this time? What does the law say? When this is talked about, Section 230 is always brought up. But is it out of date?

What is Section 230?

Section 230 was actually is part of federal legislation that was created 20 years ago. It has a total of 26 words. A recent Forbes article explains it this way:

They are the “26 words that created the Internet,” says Jeff Kossett, a cybersecurity law professor at the U.S Naval Academy and one of the foremost experts on Section 230.

Most fundamentally, Section 230 provides immunity to social media companies like Facebook and Twitter against being sued over the content on their site. This allows them to operate and flourish without needing to moderate content.

“Section 230 set the legal framework for the internet that we know today that relies heavily on user content rather than content that companies create. Without Section 230, companies would not be willing to take so many risks,” Kosset says.

Has social media gotten too big to regulate? Should it even be considered? What about censorship in the media? How does one ever really fact check these days when so many news outlets have their own agendas?

What do you think?

Who is Tied to This Email Address?

We have had a few requests over the years asking if there is a way to search an email address to see who it is tied to. There are actually numerous ways in which to do this on several different sites. Many of them require payment of some kind. You can try basic searches in Google, Bing and Yahoo first, however if you come up empty there, where do you go?

Interestingly enough, data breaches over the years have become an open source researchers’ best friend. In part this is due to the fact that when there is a large-scale data breach, it is often obligatory for the business to provide a site in which a user can check to see if they are part of the breach.

When searching for an email owner, we may want to know if the email is valid. Does it even exist or is it a made up, dummy email? By using some of the resources in this post, you can at least get confirmation that the email is valid. For example, if you discover the email has been part of a data breach, chances are it is a real email address. We can go one step further to say, with a degree of confidence, that it is most likely tied to other discoverable items in the deep web.

Not all data breach sites allow the user to look up another person’s email address. Most want to verify you are indeed the owner of the email address and genuinely want to know if your email has been compromised. There are a few that are not as strict. Two example sites that offer a quick and easy scan are:

Have I been Pnwed?

A quick search here will tell you if the email address has been part of a data breach or not. While it isn’t going to give you any details, it will give you a number of times it has been included in a breach of some kind.

You can see that a quick scan of this email address indicates it has been a part of 5 breached sites but doesn’t tell you which ones. It does let you know that it is most likely a “real” email address.

Avast Email Check

Another site you can try is Avast. This is one of the newest sites that provides users the opportunities to scan for a “friend’s email address”.

Marianne’s email was linked to MySpace, which leads me to think that she had an account at some point tied to this email address. I would search on the site to see if anything still exists in MySpace.

You may also want to try variations of the email address just in case you find closely configured email addresses. Use Google, Bing to search them to see what you come up with.