The OSINT Newsletter - Issue #56
Using a mobile carrier to turn an email and a last name into a partial phone number
👋 Welcome to the 56th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. My goal with this newsletter is to help promote the OSINT industry, develop better investigators, and raise awareness of ethical use cases for open source intelligence.
🚨 I’m taking a break from OSINT Tool Tuesday and switching back to OSINT methods and techniques for paid content. I’ll pick up OSINT Tool Tuesday again this summer. You’ll see paid content in this issue and moving forward.
🪃 If you missed the last newsletter, here’s a link to catch up.
Let’s get started. ⬇️
📰 Phishing Attacks Exposed: Essential OSINT Investigation Tactics
Master practical OSINT techniques and tools for uncovering phishing schemes, an old yet effective threat. Knowing how to analyze phishing campaigns is crucial for OSINT analysts as attackers become more sophisticated each year.
Analyst Note: If you want to practice your OSINT skillset, consider setting up a honeypot email to collect phishing attempts; then, use your skillset and toolbox to investigate the emails sending you phishing attempts.
🎩 H/T: Ervin Zubic
📰 NYU researchers studied how Kiwi Farms harassment attacks were sustained through the site's anti-abuse systems
NYU researchers used data from Open Measures to investigate the sustained harassment attacks by Kiwi Farms, an online forum dedicated to harassment. Kiwi Farms' content policies and archiving practices enable continuous activity and easy reactivation of harassment threads.
Analyst Note: Open Measures’ free tool can help you analyze social media content at scale, identifying several disparate connections between influence campaigns on alt-tech websites.
🎩 H/T: Open Measures
📰 Dubai Unlocked
Dubai has become a hub for individuals accused of criminality and corruption, as revealed by the Dubai Unlocked investigative project. Leaked data shows that money laundering and fraud suspects have invested millions in Dubai real estate.
Analyst Note: This is one of the most comprehensive case studies I’ve read that uses open source investigative techniques in the financial sector. If you’re interested in getting your CAMS certification or are in general interested in investigating fraud, study this example closely.
🎩 H/T: OCCRP
📰 List of recommended OSINT newsletters
Here are some recommended newsletters for quality OSINT updates from OSINTMe. I’m humbled to see The OSINT Newsletter on this list.
Analyst Note: Using tools like Inoreader, you can subscribe to several newsletters and aggregate the content into a single pane of glass. You can customize your filters and rules to only read content that is relevant to your use case.
🎩 H/T: Maciej Makowski
📰 How to Use Free Satellite Imagery to Monitor the Expansion of West Bank Settlements
Free satellite tools can help monitor settler expansion in the West Bank, despite lower image quality compared to paid options. Tools like Sentinel Hub EO Browser and Google Earth Pro, along with resources from NGOs like Peace Now, provide valuable insights into settlement activities.
Analyst Note: If you’re looking at analyzing structures the size of a standard building or larger, free satellite imagery is sufficient. Only when analyzing details like human movements, vehicles, animals, and other objects do you find issues with low-quality satellite imagery. You can see elephants in Africa using Google Earth, for example.
🎩 H/T: Annique Mossou
📰 Navigating the Crypto Jungle: How to Investigate a Trail of Bitcoin
Bitcoin is stored in "Wallets" identified by unique alphanumeric addresses. Despite blockchain transparency, wallet owner anonymity complicates investigations. A wallet identified as belonging to Gate.io channels funds to 12bZ39, with transactions tracked using Breadcrumbs for basic history details.
Analyst Note: Bitcoin wallet investigations are another place to practice your skillset and toolbox without needing to have access to any paid database.
🎩 H/T: Thomas Caliendo
📰 How to Quickly Find Website Subdomains without any tools
Using the rhost operator on Yandex, Saad shows you how you can find subdomains for any website without using paid tools like SecurityTrails, etc.
Analyst Note: Once you’ve found a list of subdomains, don’t forget to check the Wayback Machine to see if those pages were different historically; additionally, make sure to check those subdomains to see if you can find the IP address behind it.
🎩 H/T: Saad Saraj
🧰 Darkus
Darkus aggregates the results of several dark web search engines into a single tool that you can install locally and run as a web app.
Analyst Note: Dark web search engines on the surface web notoriously have poor results. This tool is great as a spot check or to learn but is unlikely to uncover anything high fidelity.
🎩 H/T: Luca Garofalo
🌟 Sponsor: UserSearch Premium
No Code, No API Keys, No Sales Calls — Pure OSINT at your Fingertips.
Check out why UserSearch Premium is growing so fast. A new type of solution, for a new era.
✅ That’s it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, you’ll get access to the following:
⚡ Using a mobile carrier to turn an email and a last name into a partial phone number
👀 All paid posts in the archive. Go back and see what you’ve missed!
🚀 If you don’t have a paid subscription already, don’t worry there’s a 7-day free trial. If you like what you’re reading, upgrade your subscription. If you can’t, I totally understand. Be on the lookout for promotions throughout the year.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.