How to use OSINT (Open Source Intelligence) to verify an “opportunity” in minutes?
I heard about Mr. Henry Joel, who was willing to invest $10,000 in a start-up business, without asking for anything in return, because he liked the business as it appeared on Facebook. Sounds good? Too good.
The Facebook profile looks promising (sarcasm): the person in the photo is clearly a “supportive father figure”. I did, however, see a slight discrepancy between the name and the Facebook username, which appeared in the URL as facebook[.]com/azizat.opeyemi.509. Below is the profile as it appears on Facebook Messenger and on the website itself.
The rest of the profile shows some interesting photos, which reveal either “Henry’s” interest in young ladies, perhaps “Henry’s” family members or some discrepancy.
I downloaded the top left photo and uploaded it to Google Images and Yandex Images. You could also try TinEye. These sites will find similar/matching images in their databases.
Visiting the websites that appeared in the Google/Yandex results revealed that the photos have been used all over the Internet by threat actors engaging in various scams.
The end. 2-5 minutes to save you some headaches.
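The name-versus-username check described above can be scripted for a quick first pass. The following is an added example, not part of the original post; the function names, the 0.8 similarity threshold and the second sample URL are assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher
from urllib.parse import urlparse

def profile_slug(url):
    """Return the vanity username from a (possibly defanged) profile URL, or None."""
    url = url.replace("[.]", ".").replace("hxxp", "http")  # re-fang for parsing only
    if "://" not in url:
        url = "https://" + url
    segments = [s for s in urlparse(url).path.split("/") if s]
    if not segments or segments[0] == "profile.php":
        return None  # numeric-ID profile: there is no vanity name to compare
    return segments[0]

def slug_tokens(slug):
    """Split the slug on separators and drop purely numeric parts such as '509'."""
    return [t for t in re.split(r"[._\-]+", slug.lower()) if t and not t.isdigit()]

def name_matches_slug(display_name, url, threshold=0.8):
    """True if any part of the display name shows up in the URL slug,
    False if none does, None when there is nothing to compare."""
    slug = profile_slug(url)
    if slug is None:
        return None
    s_tokens = slug_tokens(slug)
    n_tokens = re.findall(r"[a-z]+", display_name.lower())
    if not s_tokens or not n_tokens:
        return None
    joined = "".join(s_tokens)  # catches run-together slugs such as "henryjoel"
    for name in n_tokens:
        if len(name) >= 3 and name in joined:
            return True
        # Fuzzy comparison tolerates small spelling variations
        if any(SequenceMatcher(None, name, s).ratio() >= threshold for s in s_tokens):
            return True
    return False

if __name__ == "__main__":
    # First URL is the one quoted in the post; the second is constructed for contrast.
    for url in ("facebook[.]com/azizat.opeyemi.509",
                "https://www.facebook.com/henry.joel.12"):
        print(url, "->", name_matches_slug("Henry Joel", url))
```

A mismatch is only a reason to look closer, since nicknames and name changes produce the same result on genuine profiles.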
What could happen if one engages with “Henry”? Two likely scenarios:
Advance-fee scam: “Henry” might say he is willing to send you the $10k, but would first need you to send him a small fee to cover his “expenses”. Your money is gone.
Money laundering: “Henry” would actually send you money, more than $10k, and would ask you to send the remaining funds to somebody else via a remittance service or to a compromised bank account. In reality, “Henry” would be willing to sacrifice $10k, which they stole from someone else, to keep the rest. As soon as you send the money to someone else it may appear “clean”, as it is coming from a person who has not (yet) been identified as being involved in financial crimes. It is highly likely that the financial institution you are using would flag the incoming money as “tainted” after the victim whose money was stolen reported it.
There are other forms of scams. In fact, there are new twists and turns and new versions of old and new scams. The Australian Government maintains a list of the trends. Another great source of wisdom is Brian Krebs’ website.
Whenever you engage in OSINT research, at the very least enable third-party cookie blocking and use “Private” browsing in Mozilla Firefox or “Incognito” browsing in Brave. These will not hide your IP address, but will provide some tracking protection. Better yet, use the Tor Browser, which provides stronger privacy. Remember there is no perfect anonymity, just good OPSEC (Operational Security) 😉