Although OSINT is a fundamental tool in all forms of cyber attacks, it is particularly important in social engineering. Speaking to DarkReading<\/a>, TrendMicro\u2019s vice president of threat intelligence, Jon Clay, said:<\/p>\n\n\n\n \u201cThe actors investigate their victims using open source intelligence to obtain lots of information about their victim [and] craft very realistic phishing emails to get them to click a URL, open an attachment, or simply do what the email tells them to do, like in the case of business e-mail compromise (BEC) attacks.\u201d<\/em><\/p>\n\n\n\n Many security teams already use OSINT tools to do penetration testing against their own systems to identify potential gaps and vulnerabilities a real-world hacker might be able to exploit. This helps them reduce their attack surface.<\/p>\n\n\n\n However, few cybersecurity professionals audit employees’ personal data available on the open web to measure or mitigate social engineering risk. According to Verizon\u2019s 2022 Data Breach Investigations Report, 82% of breaches<\/a> recorded in 2021 involved some form of social engineering, with phishing via email accounting for more than 60% of breaches.\u00a0<\/p>\n\n\n\n Numerous guides exist on using OSINT tools to gather intelligence and create convincing social engineering campaigns. Most specifically mention free data brokers and people search sites. <\/p>\n\n\n\n By reducing the amount of publicly available information about employees on people search sites, security teams can cut off important OSINT pathways and reduce their organization\u2019s visibility to cybercriminals. <\/p>\n\n\n\n Open-source intelligence, or OSINT for short, is the act of passively gathering intelligence from publicly available sources and tools. <\/p>\n\n\n\n These might include:<\/p>\n\n\n\n A popular OSINT methodology for finding free OSINT techniques (public records, data brokers, search engines, forums, blogs, social networks, WHOIS, the dark web, etc.) and OSINT data is the OSINT framework<\/a>.<\/p>\n\n\n\n <\/p>\n\n\n\n The OSINT framework is continuously updated, and anyone can suggest new resources via the OSINT framework GitHub page<\/a>.<\/p>\n\n\n\n OSINT has many use cases aside from cybercrime. It is a practice also used by security researchers, law enforcement agencies, and journalists. <\/p>\n\n\n\n As noted in a KnowBe4 webinar, \u201cA Look Behind The Curtain: Open Source Intelligence (OSINT) Hacking Data Sources That Bad Guys Use<\/a>,\u201d finding exploitable, real-time sensitive data during an OSINT investigation is a trial and error process.\u00a0<\/p>\n\n\n\n While some public sources offer up-to-date intel, others might host outdated or wrong data. As a result, attackers will try to connect data points to see what\u2019s likely and what is misinformation. <\/p>\n\n\n\n For example, if you wanted to verify the information on a people search site, you might see if an address they list for an individual is correct by comparing it to an address on a property record database. <\/p>\n\n\n\n Any social engineering attack, whether phishing or pretexting, starts with the attacker finding information about the target organization.<\/p>\n\n\n\n Questions like:<\/p>\n\n\n\n Knowing the answers to these questions gives cybercriminals a good idea of who has access to what systems, what context would make sense to a target, and whom the email\/text message should come from. <\/p>\n\n\n\n For example, according to the OSINT Curious Project<\/a>, more conservative organizations with stronger hierarchies might be easier to phish using an authoritarian pretext because they tend to have a \u201cdo and don\u2019t ask\u201d culture.\u00a0<\/p>\n\n\n\n Attackers frequently use LinkedIn and an organization\u2019s website to discover this information. <\/p>\n\n\n\n Other useful resources include Corporate Governance Reports (for company structure), employee review websites like Glassdoor and Indeed (company culture), partner company\/service providers\u2019 case studies (to identify whom to impersonate), and people search sites (to find out a target\u2019s interests and other relevant information that would make the social engineering campaign appear more believable). <\/p>\n\n\n\n Once threat actors know whom they want to go after, they will try to figure out their targets\u2019 contact details, i.e., their email addresses and phone numbers. After all, if an attacker can\u2019t reach their target, they can\u2019t attack them. <\/p>\n\n\n\n There are many ways for cybercriminals to find out someone\u2019s email address or phone number. Using people search sites\/data brokers is one of them. Data brokers like Spokeo have both personal and professional phone numbers and emails. They pull the latter from business directories. <\/p>\n\n\n\n Unsurprisingly, ransomware groups like Conti<\/a> have been proven to use data broker sites like SignalHire to gather information on targets, including contact information and contacts to \u201cname drop\u201d within phishing campaigns to make them look more legitimate.\u00a0\u00a0<\/p>\n\n\n\n Data brokers are a particularly valuable part of anyone\u2019s OSINT toolkit because:<\/p>\n\n\n\n What would you discover if you used open-source intelligence tools and techniques to look for human targets within your organization? An employee\u2019s phone number? That your colleague is into gourmet coffee? The name of the CEO\u2019s spouse and children?<\/p>\n\n\n\n Whatever information you find, threat actors can also see it. As attacks become more personalized, companies must work on shrinking their employees\u2019 digital footprints and removing as much public data about them as possible.<\/p>\n","protected":false},"excerpt":{"rendered":" Reconnaissance is how most cyber attacks start. Open-source intelligence (OSINT) is a powerful, free, and common way for cybercriminals to conduct reconnaissance. In an interview with the YouTube channel Russian OSINT, a ransomware group LockBit 2.0 member alluded to using OSINT tools and techniques throughout their attacks. We also know that the now-defunct Conti group […]<\/p>\n","protected":false},"author":16,"featured_media":7516,"menu_order":0,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"b2b-category":[45],"class_list":["post-7514","b2b-post","type-b2b-post","status-publish","format-standard","has-post-thumbnail","hentry","b2b-category-resources"],"acf":[],"_links":{"self":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/b2b-post\/7514","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/b2b-post"}],"about":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/types\/b2b-post"}],"author":[{"embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/users\/16"}],"version-history":[{"count":0,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/b2b-post\/7514\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/media\/7516"}],"wp:attachment":[{"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/media?parent=7514"}],"wp:term":[{"taxonomy":"b2b-category","embeddable":true,"href":"https:\/\/joindeleteme.com\/wp-json\/wp\/v2\/b2b-category?post=7514"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}What is OSINT?<\/h2>\n\n\n\n
\n
![\"OSINT](\"https:\/\/joindeleteme.com\/wp-content\/uploads\/2024\/04\/5KpkRe67EzWQv7wTRnC0RCg5fw3AIQ_TYN9dWEjG0MOVpUZ3sDQW_fvse0APBHPaj9z8MUDB3YESg_u2vgd27ooV8kvoQqkuJ48ovGOTwZbyid3FZeCD21qbxYJx-1024x877_69.png\")
<\/figure>\n\n\n\nTrial and Error<\/h2>\n\n\n\n
How Data Brokers Make OSINT Easier<\/h2>\n\n\n\n
\n
\n
\n
<\/li>\n\n\n\nManaging Your Organization\u2019s OSINT Footprint <\/h2>\n\n\n\n