OSINT For and Against Fraudsters: Two Sides of the Same Coin

Is open source intelligence (OSINT) a force for good or simply a dream come true for fraudsters? Actually, it’s both. Between the media, the internet, public government data, professional and academic publications, commercial data and grey literature (such as technical reports and patents), there is a vast amount of information available. OSINT takes that information and analyses it, producing actionable intelligence for law enforcement and security teams, but also for those trying to evade them.

The potential of OSINT for harm and for good has led to the creation of a treasure trove of web-based tools and techniques. Automation has accelerated the development of many of these, particularly as a result of OSINT’s potential for data enrichment. This has led to a race between fraudsters and those fighting them to see who can best use OSINT to their advantage.

Adding to this complex landscape are the continually evolving regulations that govern the global financial services, banking and commerce sectors. Each time a new payment regulation comes into place, for example, it can give rise to a liability shift that merchants, banks and card networks must factor into their operations, and that fraudsters can potentially exploit.

OSINT Use by Fraudsters

Instances of fraud are rising. PwC’s 2022 Global Economic Crime and Fraud Survey saw organizations report the highest prevalence of fraud in the past 20 years. A staggering 51% of those surveyed said they had experienced fraud in the past two years.

OSINT is certainly playing a role in enabling fraudsters to expand the scope of their ambitions, with increasing automation making it easier for them to undertake a wide range of tasks. Phishing, spear-phishing and whaling all become much easier when using information gleaned with OSINT tools. Indeed, LinkedIn is now the most impersonated brand for phishing attacks, with cybercriminals focusing their efforts on the information available on social media.

Examples of the use of OSINT by fraudsters include:

· The use of search engines to discover sensitive information
· The use of social media to harvest personal information
· The use of public databases to find out about a business and its employees

Fraudsters also use OSINT to identify vulnerabilities and to plan attacks, seeking new ways into company systems, often supplemented by social engineering based on details gathered via OSINT. According to a study by Verizon, 82% of data breaches involve some form of social engineering (Verizon, 2021).

Using OSINT Against Fraudsters

The amount of information available to fraudsters using OSINT is vast, but it is also available to those who are combatting them. OSINT can play a key role in supporting businesses to ensure they are only dealing with legitimate customers, for example. It can be used for simple checks, such as verifying a credit card user’s identity, or for more detailed know your customer (KYC) checks, where OSINT-powered reverse email lookup can identify who is legitimate and who is a bad actor.

Data enrichment tools drive this process. They can begin with a single piece of information, such as an email address, phone number, or IP address, then build a full profile of an individual from that starting point. This enables businesses to carry out robust analyses of potential customers without introducing more friction into their processes.

As well as using OSINT for customer due diligence, businesses can also use it to seek out vulnerabilities in their own systems. They can then address any vulnerabilities that they discover before cybercriminals exploit them.

OSINT can also help organizations to identify data breaches, as well as back up decision-making processes. These multiple uses mean that many organizations rely on OSINT as part of a robust approach to their cybersecurity.

The Final Word

OSINT presents both an opportunity and a threat for many modern businesses. Organizations that embrace the technology’s data enrichment potential can strengthen their KYC and customer due diligence processes, as well as their cybersecurity. Organizations that ignore the potential of OSINT, meanwhile, do so at their peril.

Jimmy Fong

Jimmy Fong, CCO at SEON, is a young veteran in the fraud detection space. The last three leading fraud and payments startups he has been involved in have been acquired by Visa, Ingenico and American Express. He’s a regular speaker on disruptive technology in the fintech space and a massive advocate of flattening the tech barrier for merchants and financial institutions to fight fraud effectively. A graduate of Edinburgh University, he looks to marry his passion for tech with doing a bit of good in the world.