- Rescana Engineering
Think twice before you post that picture – check out SOCMINT (social media OSINT).
These days, we share more of our personal information online than ever before — in most cases, without even realizing it. In fact, Open-Source Intelligence (OSINT) makes up around 90% of all the information gathered by intelligence agencies and services — in other words, it’s all the info we’re sharing ourselves.
For the average Internet user, most of the personal information they’re making available publicly consists of SOCMINT — a sub-section of OSINT that focuses on open-source intelligence from social media.
And while most corporations’ VIP executives take great care when it comes to cybersecurity at work, protecting against malicious actors that are skilled at utilizing OSINT and SOCMINT is another thing entirely. With that in mind, we’re going to talk about the basics of SOCMINT right here.
Who uses SOCMINT?
Intelligence gathering is usually done for a specific goal or reason, and SOCMINT is no different, the following are a few well-known use cases.
· Government and law enforcement agencies may use SOCMINT to find affiliation to terrorist groups or criminal gangs.
· News agencies and Activist groups such as Bellingcat - perform various investigations into war crimes and sometimes debunk fake publications.
· Cyber security companies - to track malicious actors and their activities.
· Banks use SOCMINT for “KYC” (know your customer's process) and to target wealthy customers.
· Hackers – use SOCMINT to perform recon on their targets before a social engineering campaign.
Social Media Content Types
There are various types of content people create and interact with on social media:
● Comments and posts — the text paragraphs created for public viewing by other users. These often include geographical info about those who post them.
● Replies — text messages posted as a reply to another post or comment.
● Videos and images — multimedia content in the form of audio, images, and videos.
● Social interactions — the actions that make up the essence of social networking by connecting people on platforms in various ways (friend requests, follows, etc.)
● Metadata — the sum of all user actions and interactions on a certain platform and the resulting data; like times and dates of various posts, uploaded multimedia content, geolocation data, information about the devices used to access the platform, etc.
While users can restrict access to some of these content types through privacy settings, they often don’t do so in practice — and it’s impossible to hide all information, especially metadata.
Classifications of social media platforms
All social media platforms have something in common — the “social” aspect that’s used to connect people over the Internet. However, in reality, the now numerous websites under the “social media” umbrella are different from each other in various ways, most notably in their functionalities. We can roughly differentiate between these types of social media platforms:
● Social networking — websites like LinkedIn and Facebook, where people connect with brands and other people.
● Photo sharing — websites like Flicker and Instagram, where people share photos and images.
● Video sharing — websites like YouTube or Twitch, specifically designed for the sharing of videos and live video broadcasts.
● Blogs — informational websites like Blogger and WordPress, where people create sets of written posts on a certain subject or topic.
● Microblogs — websites where people post short text snippets shared with their followers, such as Twitter.
● Forums — the oldest form of social media, where people exchange communication in the form of message boards. Today, Reddit is a notable example.
● Social bookmarking — websites like Pinterest and Atavi. Similar to typical browser bookmarks, but designed to be shared with others.
● Service and product reviews — websites like Yelp, designed for users to give feedback about services and products.
Online Facebook Search Tools and Services
Considering Facebook’s status as the most popular social networking website, it’s no wonder there are plenty of SOCMINT tools highly detailed searches:
● Facebook Graph Searcher by Intelligence X — it allows you to search Facebook posts by unknown users, times and dates, and even specific topics.
● Sowdust — allows you to use the Facebook search function to find posts from specific pages, users, groups, locations, dates, and keywords. You can also search for photos and videos.
● Lookup ID — a service for finding personal IDs on Facebook. You’ll need this ID for most other search tools we’ve mentioned here.
● Facebook Barometer — provides you with detailed insights and statistics on specific pages and profiles.
Online Twitter Analysis Services
As the world’s premier microblogging platform, Twitter has plenty of OSINT information about its users. And here are some of the services you can use to analyze it:
● All My Tweets — allows you to see all tweets posted by any public Twitter account on a single page.
● Trendsmap — lets you see all the most popular keywords, hashtags, and trends on Twitter for any location in the world.
● First Tweet — shows you the first search result for any link or keyword on Twitter.
● Social Bearing — provides you with an analysis of the Twitter follower base of any specific account (up to 10,000 followers).
Tinder and other dating sites
Most people don’t think of dating apps and websites like Tinder as a great breeding ground for OSINT data — after all, you can’t browse profiles on most dating websites publicly and freely as you could on Twitter, Facebook, or Instagram.
However, disregarding the potential for the data collection on these websites is a grave mistake most people make when considering their personal cybersecurity pain points and vulnerabilities. In reality, even username data is enough to cross-reference with other online websites and gather valuable information from other, less secure sources.
Also, more sophisticated personal phishing methods often use dating websites because of how open people are to a conversation with strangers on these platforms — after all, there’s no real way to verify whether a person is who they say they are on most of them.
With this in mind, it’s important to use dedicated usernames on every dating site — usernames you won’t reuse on any other email account or social media platform. Also, as a company executive, it’s important to be wary of any lines of questioning that could lead you to reveal personal information vital for your cybersecurity. As much as possible, practice caution while posting images and photos — these are often used for reverse image searches that can reveal your location.
Conclusion and Recommendations
Today, information that individuals willingly — and sometimes unwittingly — share on social media is the backbone of OSINT-based security. Any high-stakes executive or decision-maker who needs to be particularly wary of their Internet security must always be vigilant about what kind of content they share on which social media platforms. Even people who consider themselves savvy at cybersecurity are routinely stunned by how proficient malicious hackers have become at exploiting even the (seemingly) most frivolous SOCMINT information. You might also want to check out AVG’s “Breach Guard” which helps individuals protect their online privacy and Identity.