The OSINT Newsletter - Issue #34
How to do higher fidelity reverse username searches that reveal profile information, images, and more
๐ Welcome to the 34th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. My goal with this newsletter is to help promote the OSINT industry, develop better investigators, and raise awareness of ethical use cases for open source intelligence.
๐ The OSINT Newsletter is now over 10,000 subscribers. This is the first โbig boyโ milestone for any newsletter. I canโt thank you enough for helping me achieve it. Next year will be an amazing year. Just wait for the surprise in March.
๐จ Next Monday, December 18, will be the last issue of The OSINT Newsletter for this year. Iโll be going heads down in the last 2 weeks of the year finalizing the print version of the newsletter and enjoying some time with friends and family.
๐ Geolocation challenge
In what city was this image taken? What are the specific coordinates?
The first person to provide the correct city gets 1 month of paid access to The OSINT Newsletter for free. The person with the closest coordinates to where the image was taken from will also get 1 month of paid access.
Bonus: When was this image taken? Month and year are fine.
๐ Reply to this email with your answer; winners will be announced on Friday (or Saturday).
For those of you reading this on Substack or for those who subscribed after this issue was released, use the Substack comment section instead.
๐ช If you missed the last newsletter, hereโs a link to catch up.
Letโs get started. โฌ๏ธ
OSINT News
๐ฐ Meta Adversarial Threat Report
If youโre looking to stay on top of the latest trends in nefarious activity online, the Meta Adversarial Threat Report, which is published quarterly, is a great start. OSINT isnโt just about tools and workflows, itโs about having the context to know when to pivot and to where. This is a great resource for staying current.
๐ฉ H/T: Meta, Benjamin Strick
๐ฐ How to Not Get Hacked by a QR Code
Since COVID, QR codes have become much more mainstream (at least in the United States) and are being placed everywhere in public settings from restaurant menus to airport kiosks. Itโs very easy to just slap a sticker on top of an existing QR code with a malicious QR code and infect users. This guide from Wired shows you how you can improve your OPSEC when faced with this risk.
๐ฉ H/T: David Nield
๐ฐ The BBC is building a large OSINT team
Open source intelligence and visual investigations have become more common in large news organizations. The BBC published an update stating theyโre building a large OSINT team at the BBC for more investigative journalism. This is a huge step in the right direction for higher quality, more detailed investigative reports.
๐ฉ H/T: Deborah Turness
๐ฐ How to Recognize AI-Generated Pictures, Videos, and Audio
With the rise of AI, the fidelity of fake accounts is rising. Gone are the days when you could upload a GAN to your profile image, create a sock puppet, and get to work (on whatever your goals are). Things have gotten more sophisticated and itโs important to know how to detect these AI-generated images not only for better OPSEC on your sock puppets but also to spot them in the wild when you see them.
๐ฉ H/T: Social Links
OSINT Tools
๐ nzz-maps
nzz.ch has a Ukraine map that contains information produced from LiveUAMap. This script scrapes the data from the nzz.ch map which serves as sort of a workaround the LiveUAMap API, which is paid. If youโre monitoring conflict and need data (for ethical reasons), consider giving this tool a shot.
๐ฉ H/T: Conflict Investigations
๐ฅ๏ธ Human or AI?
This is a fun exercise to test your visual recognition of sock puppets. Human or AI? shows you images of profile pictures. You have to guess which ones are AI-generated and which ones are real. At the end of the quiz, it lets you know how you ranked across other test-takers.
๐ Global Anti Scam Organization Blocklist
If youโre building a tool or use a tool that processes IP addresses and URLs, consider adding this list of scam-related IPs and URLs to your list. This is a good way to increase your OPSEC, improve your overall security, and build really cool tools to provide insights and data.
๐ฉ H/T: Wu Tingfeng
OSINT Community
๐บ How to Use ProPublica's Nonprofit Explorer News App
If youโre looking to search for documents, specifically Form 990s and other tax records, watch this video on how to use the Nonprofit Explorer News App from ProPublica.
๐ฉ H/T: Charlie Ornstein, ProPublica
๐ฆ This Woman Does Not Exist
This is an interesting case study in the use of AI-generated images for profiles. In this example, Lauren shows how an engineer at Coinbase, who does not exist, was a featured speaker at a conference.
๐ฉ H/T: Lauren Ingram
๐ฆ The Risk Of Moral Injury In Open-Source Researchโ with Hannah Storm
If youโre doing investigations into topics like conflict, child exploitation, and other subjects that contain graphic material, itโs important to maintain your mental health. In this interview with Bellingcat, Hannah Storm discusses her research on the topic and provides some general, non-medical guidance.
๐ฉ H/T: Hannah Storm, Bellingcat
๐ฆ Have you heard about the new "similar channels" feature in Telegram?
Dmitry explores a network graph of the โsimilar channelsโ feature in Telegram using a tool heโs developing for investigations. Often times visualizations help us see the signal in the noise.
๐ฉ H/T: Dmitry (Soxoj) Danilov
โ Thatโs it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, youโll get access to the following:
โก How to get higher fidelity reverse username searches that reveal profile information, images, and more.
This issue contains advanced reverse username methods for:
Instagram
TikTok
Truth Social
๐ You get access to all paid posts in the archive. Go back and see what youโve missed!
๐ If you donโt have a paid subscription already, donโt worry thereโs a 7-day free trial. If you like what youโre reading, upgrade your subscription. If you canโt, I totally understand. Stay tuned for the geolocation challenge in next weekโs issue to get a shot at free access.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.