2021 saw record figures for data fraud and leaks, and with personal and corporate data continually finding its way onto black markets, we need to be discussing how it gets there.

The problem is that most stolen data isn’t hacked in the traditional sense; it’s elicited through social engineering strategies which trick or coerce victims into inadvertently giving up their security credentials.

As we take footsteps towards the web3 era, the scope for security threats and data exploration are bound to grow and diversify exponentially. In light of this, analysts must now be ready to adopt the latest methods of investigation such as OSINT to keep up and deal with the increasingly aggressive digital environment.

Let’s have a look at the developments that unfolded in April.

Voters Lose Their Anonymity as Polling Info Leaks onto the Dark Web

A lot of parties have a vested interest in the analysis of public sentiment. And for many, when the attainment of such data is crucial, the ends may justify the procurement means. So, it should come as no great surprise that voter identities have now become a tradable commodity. And one which is in high demand.

However, what may be surprising is the price. You probably spent more on your last lunch than it would cost to buy the voter identities for an entire state. You can get the entire Florida voter database of 12.5 million individuals for $10, and get hold of equivalent info US for an array of federal states – amounting to 107 million US voters – an average price of $8-15 each.

As of yet, details on whom the individuals voted for is not inclusive, but a selection of other data is. According to the Privacy Affairs research, you can determine which elections each individual voted in, as well as their voter ID, full name, addresses, gender, DoB, and citizenship, which is considerable for analytical purposes.

How the Data is Used

Of course on one level, such data can be used for antisocial or anti-state purposes: threat actors could use the information in identity fraud or attempts to destabilize regimes. Yet other  parties such as politicians also naturally have an interest in understanding the voting demographic. Public policy strategy consultants buy up such databases to analyze public sentiment and build predictive models for the upcoming elections.

Based on voter data and history, analysts can determine who should be targeted for political marketing in a particular state, district, and area. For example, those who tend to vote early or have changed their address may most likely be urged to vote for the ‘right’ candidate via promotion campaigns or door-to-door agitators.

Since the 2008 U.S. elections, political campaigns have become increasingly data-based, and consequently, those who acquire voter information gain a substantial strategic advantage in campaign planning.

New Browser-In-The-Browser (Bitb) Phishing Attack Hitting Internet Users Heavily

Phishing scams have long depended on their ability to be mistaken for legitimate items. Traditionally, they have most commonly taken the form of emails from banks, which look authentic, but are in fact bogus. The latest development on this strategy is a tactic whereby the phishing platform poses as a browser.

It is very difficult for typical internet users to distinguish a browser-in-browser phishing site from a regular browser action window. Believing that they are just logging into google or Facebook, victims unwittingly disclose their login details to the scammers, which can provide access to the sensitive data of individuals or entire organizations.

Hydra’s homepage after seizure

At the time of the seizure, Hydra managed 19,000 drug sellers supplying 17 million customers from all over the world. The Central Office for Combating Cybercrime (ZIT) and Germany’s Federal Criminal Police Office (BKA) report that Hydra had a turnover of $1.35 billion in 2020, making them the largest drug marketplace in the world.

💡

Though the Hydra marketplace may have been taken down, there is still a huge amount of valuable information on the illegal trading that it oversaw. SL Professional provides search methods for conducting retrospective Hydra checks. By revealing masses of information on Hydra buyers, sellers, and transactions, law enforcement investigators can make significant progress in drug cartel cases.

Facts of the Month

Social media cyber attacks rose by 103% in 2021, making it another record-high year for criminal activities in the cyber domain.

social media attacks
Number of attacks every month in 2021

💡

SL Professional delivers multiple tools for data leak detection, both on darknet marketplaces and popular messengers such as Telegram. The software can monitor whether your corporate or personal data has been leaked and provide early notice for breach containment. This can save millions of dollars.

The number of fraud attacks targeting payment processing increased by 70% in 2021, while the volume of fintech transactions surged by 121%.

payment fraud osint
Digital services plagued by payment fraud

  • FBI reports $7 bln Losses through Investment Cyber Fraud in 2021
    Investigators consider that the modern state of routine – and personal – cybersecurity is so weak that the number may hit new records in the years to come.

  • QR Codes Luring the Unsuspecting to Phishing Sites
    Few people think twice before putting their camera lenses toward QR codes. However, you never know what might be behind the visual code.

  • Cybersecurity Magazine Posts Their Top-7 Cryptocurrency Exchange Risks
    Among usual phishing and scam issues, the experts highlighted the problem of unregulated cryptocurrency exchanges. However, recent events show that even well-known and regulated crypto exchanges may disappoint their customers.

  • The OSINT Landscape 2022
    Bringing together 12 areas of application and 120 companies, tools, and platforms, our team mapped out the lay of the land so you can make sense of the current OSINT sphere as a whole.

And that’s a wrap for our April Digest. We hope this month’s edition has given you some food for thought. Watch this space for more OSINT-related news.

💡

Interested in learning more about how OSINT can assist your business in reaching its full potential? Simply fill out the form, and we’ll get back to you quickly to arrange a full product demonstration!