Latest Posts

  • 22 May 2022 • 6 min read

    Gumtree and Australia Post Credit Card Scam

    A cunning scam targeting people selling online is going around on WhatsApp. The con is remarkable because it operates with professionally designed phishing pages and tailored chat messages. The criminals’ goal is to get the credit card details of the unsuspecting sellers on Gumtree, eBay and other marketplaces.

    This OSINT analysis found a novel hosting infrastructure, many targeted brands, and strong ties to Russia.

    Read more
  • 19 Jan 2021 • 4 min read

    tfvpn ⁠–⁠ A self-hosted VPN for OSINT investigations

    Protect your privacy and keep expenditures low during OSINT investigations with tfvpn, a VPN automation project allowing an effortless deployment of self-hosted VPNs in the cloud.

    Read more
  • 28 Oct 2020 • 3 min read

    Full Address Search with the Unclaimed Money Portal

    Various government organisations are providing a convenient service to find unclaimed money. People in Australia can visit these websites looking for funds that could be owed to someone alive or deceased. The unclaimed money finder service is rather useful to ascertain whether someone owes you a few hundred dollars here and there. Each state of Australia is providing this handy lookup service at everyone’s disposal.

    When it comes to OSINT, however, these unclaimed money search engines allow investigators to discover the registered addresses of its subjects under investigation.

    Read more
  • 23 Oct 2020 • 7 min read

    Bulletproftlink - A phishing service from Malaysia (Part 3)

    How lucrative is being a phishing service operator? How the facade of his professional life look like? Today, we review how much money can be made with phishing in merely two years and how large the Bulletproftlink operation is.

    Read more
  • 23 Oct 2020 • 6 min read

    BulletProftLink - A phishing service from Malaysia (Part 2)

    How the phishing campaigns ran by ‘thegreenmy87’ is linked to a bulletproof hosting provider? Who is responsible for the phishing campaigns facilitating identity theft? How could we pinpoint an individual behind ‘Anthrax Linkers’? We provide further insight into a long-running scam operation in this article.

    Read more
  • 23 Oct 2020 • 5 min read

    BulletProftLink - A phishing service from Malaysia (Part 1)

    Today’s OSINT investigation involves a talented young hacker, who slowly turned into the operator of a large-scale phishing network. What we found on the surface is a story of a happy father, who facilitates identity theft when nobody is looking. In this article, we demonstrate how we managed to track down the operator of this phishing operation called ‘Bulletproftlink’.

    Read more

Subscribe via RSS