OSINT — what is it and how to make it difficult (for adversaries)?

Karol Karwacki
Published in CDeX, Oct 28, 2020

OSINT (open-source intelligence) is the collection of information from publicly available sources, followed by its analysis and correlation. In short, if we want to find out more, sometimes much more, about a person or a company without leaving any traces behind, OSINT is the way to do it.

The spectrum of OSINT activities is enormous, and there are many tools that make it easier to acquire publicly available information. Many of them have been aggregated at https://osintframework.com/. In this article, however, we will focus on quick ways to make OSINT harder and to increase our privacy on the Internet.

Deliberate misinformation

Sometimes we need to get information from a source, but first we have to provide some basic data. The required form fields usually include name, surname and e-mail address, and sometimes a telephone number as well. However, whatever we enter may leak if the site is breached, and some of it can simply be Googled. If we do not trust a site that requires such data, or simply do not want to be bothered by pushy spam marketing, we can use a service that generates a false identity on request. An example of such a service is https://www.fakenamegenerator.com/.

This service generates not only the data already mentioned, but also other data that may prove useful during registration when we have neither the time nor the willingness to invent it ourselves, let alone give true data. Examples are birthday, age, user name, financial data (payment card data), workplace or favourite colour.

Fake Name Generator app screen

Deleting your accounts from the Internet

Sometimes we set up an account somewhere because a friend persuaded us to, or out of pure curiosity about what the service offers. After some time, however, we stop using the service actively and want to delete our account and, at the same time, get rid of the regular mail it sends to our inbox. If you don’t know how to do this, or if you don’t have time to fight your way through the jungle of settings, it’s worth using https://backgroundchecks.org/justdeleteme/. It aggregates hundreds of services with a brief description of the steps you need to take to delete your account, if that is possible at all. Sometimes the solution is a direct link to the relevant setting. In other cases you will have to contact the support of the service provider concerned.

screen of application to delete your account from web services

Another way to delete an account is to use a document prepared by Michael Bazzell. The document contains short descriptions of many services (mainly American) and how to unsubscribe from them. The last update was in June 2020.

Still logged in?

Sometimes it is worth checking whether we are still logged in to a service without being aware of it. This can happen when we do not log out but simply close the tab or the whole browser. Because of the service's settings (cookies, duration of the user’s session), we then remain logged in for days and sometimes months. In that case anyone using the same computer, as well as an attacker who has gained access to the system, can access our account without logging in: opening the service's page is enough. By default, Battle.net does not log out its users for a very long time, counted in weeks.

To prevent this kind of situation, it is worth visiting https://robinlinus.github.io/socialmedia-leak/ once in a while to check whether, apart from Gmail (because we are just reading e-mail) or Skype running in the background, we are still logged in to, say, Amazon, where we were shopping a few hours ago and have since forgotten about it. From the OSINT point of view, we reduce the chances of third parties following our activities in some of these services.

Your Social Media Fingerprint app screen
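
An added example (not part of the original article): a small Python audit of a browser cookie export in Netscape cookies.txt format that lists the sites whose cookies stay valid for more than a week, which is where a closed tab may still mean a live login. The sample data, the `.example` domains and the seven-day threshold are constructed assumptions, and a long-lived cookie is only a hint that a session persists.

```python
NOW = 1603843200  # fixed "current time" (2020-10-28 00:00 UTC) for a repeatable run
DAY = 86400

# Constructed sample in Netscape cookies.txt format, tab-separated:
# domain, subdomain flag, path, secure, expiry (epoch), name, value.
SAMPLE = "\n".join([
    "# Netscape HTTP Cookie File",
    f"#HttpOnly_.shop.example\tTRUE\t/\tTRUE\t{NOW + 90 * DAY}\tsession_id\tabc123",
    f".shop.example\tTRUE\t/\tFALSE\t{NOW + 2 * DAY}\tcart\tx1",
    f".games.example\tTRUE\t/\tTRUE\t{NOW + 30 * DAY}\tlogin_token\tdef456",
    "mail.example\tFALSE\t/\tTRUE\t0\tsid\tghi789",
    f".old.example\tTRUE\t/\tTRUE\t{NOW - 5 * DAY}\tauth\tzzz",
])


def parse_cookies(text):
    """Yield (domain, name, expiry_epoch) for every well-formed cookie line."""
    for line in text.splitlines():
        # Some exporters (curl, for one) mark HttpOnly cookies with this
        # prefix; such a line is a cookie, not a comment.
        if line.startswith("#HttpOnly_"):
            line = line[len("#HttpOnly_"):]
        elif not line.strip() or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) != 7 or not fields[4].isdigit():
            continue  # malformed line: skip rather than guess
        yield fields[0].lstrip("."), fields[5], int(fields[4])


def long_lived_sessions(text, now, max_days=7):
    """Return {domain: days_left}, longest first, for domains that hold a
    still-valid cookie expiring more than max_days from now."""
    worst = {}
    for domain, _name, expiry in parse_cookies(text):
        if expiry == 0 or expiry <= now:
            continue  # browser-session cookie (expiry 0) or already expired
        days = (expiry - now) // DAY
        if days > max_days:
            worst[domain] = max(worst.get(domain, 0), days)
    return dict(sorted(worst.items(), key=lambda kv: -kv[1]))


if __name__ == "__main__":
    for domain, days in long_lived_sessions(SAMPLE, NOW).items():
        print(f"{domain}: cookie valid for another {days} days")
```

Logging out of the listed sites, or clearing their cookies, ends those sessions on this machine.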

Facebook hardening

A search for more information about a particular person nowadays starts in social media, and the most popular platform is of course Facebook. If we make too much information about ourselves publicly available there, we become an easy target for OSINT activities. It is therefore worth configuring the account so that unauthorised people do not get access to data which would, first, help them identify us correctly and, second, once analysed and correlated, give the attacker knowledge that makes an attack on us likely to succeed. An example is a message sent by e-mail (phishing) or through Messenger that refers to facts known only to a small number of people (most often our friends) and important enough that, out of curiosity, we open a malicious attachment or click a link. You will find a summary of all privacy settings at https://www.facebook.com/privacy/checkup.

privacy checkup screen

Reviewing these settings and possibly modifying them to increase your privacy on this site should be one of the first things you do after reading this article.

Another setting available on this website lets us control which companies Facebook trades our data with. Like most users, we may not be aware that this is happening. It is worth checking periodically whether something new has appeared there and, if we do not use this functionality, simply removing the related companies: https://www.facebook.com/off_facebook_activity/.

Off-Facebook activity screen

These are just a few ways of improving your own safety on the Internet. For those interested in on-line privacy and other security maniacs, I can recommend the following pages, which extend the issues raised here considerably: https://www.privacytools.io/ , https://ssd.eff.org/ and https://proprivacy.com/guides/the-ultimate-privacy-guide.
