The OSINT Newsletter - Issue #70
Finding company information by mining public job listings
👋 Welcome to the 70th issue of The OSINT Newsletter. This issue contains OSINT news, community posts, tactics, techniques, and tools to help you become a better investigator. In this issue, we’ll cover the following:
Deceptive techniques by fake LinkedIn accounts
AI generated images for products online
An OSINT crackdown boiling in Indian
Pivoting from favicons to OSINT using a new tool (better than fav-up)
Exploring the dark web using AI
A legitimate source for leaked documents
⚡ Finding company information by mining public and private job listings
🪃 If you missed the last newsletter, here’s a link to catch up.
⚡ Investigating the identity behind an Ethereum wallet using OSINT
Let’s get started. ⬇️
OSINT News
📰 Fake LinkedIn Profiles Used Deceptive Technique to Appear Legitimate
LinkedIn allows you to add a website to your biography. This will create a hyperlink to allow searchers to pivot to your website. Fraudulent accounts are using this to fake how many connections and followers they have. Be on the look out for this deceptive technique.
🎩 H/T: Richard King
📰 Don’t Get Scammed! Tips For Spotting AI-Generated Fake Products Online
On the note of fraud, AI generated product images are also becoming more prevalent. If you don’t know what you’re looking for, you can easily get scammed by these attempts. Bellingcat does a deep dive into this phenomena.
🎩 H/T: Kolina Koltai
📰 Crackdown on OSINT Platforms Using Leaked and Dark Web Data: Police and Central LEAs to Take Action
OSINT platforms have been lumped in with leaked data providers and other grey hat options. Indian law enforcement agencies are starting to take action. This is something I thought would affect the OSINT industry sooner and in more data privacy-centric countries. A sign of more to come.
🎩 H/T: Titiksha Srivastav
OSINT Tools
🔎 Favicorn
Tools like fav-up have allowed you to pivot from favicon to IP addresses using Shodan. Favicorn takes this a step further and checks it across several sites including VirusTotal, ZoomEye, CriminalIP, and more.
🎩 H/T: sharsil
🔎 Robin
Dark web data is notoriously hard to discover, process, and analyze. Sources go up and down, data is fragmented or difficult to scrape, etc. Robin is an AI CLI tool for dark web OSINT, using LLMs to refine queries, filter results, and summarize findings. It makes this process a whole lot easier.
🎩 H/T: Apurv Singh Gautam
🔎 Library of Leaks
Library of Leaks is a repository of leaked datasets. Some information is publicly available, other information requires you to have an approved login. It’s presented by a non profit and the stakeholders are identified by their actual names (a good sign).
🎩 H/T: Distributed Denial of Secrets
✅ That’s it for the free version of The OSINT Newsletter. Consider upgrading to a paid subscription to support this publication and independent research.
By upgrading to paid, you’ll get access to the following:
⚡ Finding company information by mining public job listings
Job postings can often tell you a lot about what a company is doing, planning on doing, or has done in the past. In this issue, you’ll learn how to mine public job postings using several methods. You’ll also learn how to streamline the analysis of job postings to produce competitive or investigative intelligence using AI.
👀 All paid posts in the archive. Go back and see what you’ve missed!
🚀 If you don’t have a paid subscription already, don’t worry there’s a 7-day free trial. If you like what you’re reading, upgrade your subscription. If you can’t, I totally understand. Be on the lookout for promotions throughout the year.
🚨 The OSINT Newsletter offers a free premium subscription to all members of law enforcement. To upgrade your subscription, please reach out to LEA@osint.news from your official law enforcement email address.
Keep reading with a 7-day free trial
Subscribe to The OSINT Newsletter to keep reading this post and get 7 days of free access to the full post archives.