There comes a time in some OSINT investigations where we have accurately identified our target’s profiles, lifestyle, and communication platforms, but we still can’t pinpoint exactly where our miscreant is.
While many methods exist for utilizing the data, we have to get to the next step of our investigation. Today we are going to focus on a much-overlooked strategy for getting more information on our target: just asking them for it.
Let’s take xXfakecardscammer420Xx as an example (have no doxing fears, our card-stealing enemy is a fictional character). We’ve gotten a little intel on our target’s life and determined he’s an avid online gamer, cannabis fan, and lover of Subarus.
Today we are going to focus on exploiting the things our target has an emotional attachment to. Similar to what we’ve talked about in earlier blogs, when someone feels they share a common interest with another person, their operational security drops and they become more comfortable with this “like-minded friend”.
First, we will determine a vector of attack. We know he’s an avid gamer. Could we use this to our advantage?
Let’s look at his Steam profile:
468 hours on Counter-Strike. This guy seems like a fan.
Oh and even better:
Seeing as our target is playing a game that is free to play and online as well, we could easily join the game he is in and listen in on his chatter, if there is any. (There are other forms of identifying attacks, but today we are focusing on the OSINT/HUMINT aspects.)
After donning a new avatar of the Subaru WRX weed racer, we can join the server.
This is where things get interesting, and where people overlook something super simple. Sometimes we can get our target to tell us about their life. We have an advantage because we know what he likes. Jumping into the conversation at the right time and mentioning the cars or hobbies he likes could get him to respond more passionately.
“Oh I had a Subaru WRX for a couple of years, but had to sell it to pay for court stuff…”
“My brother raced Subarus for a while but got banged up and smokes weed to kill his neck pain…”
There are a million different things we could say, but the point is that we are armed with some data on the target and what he is passionate about. Knowing this from a web search or two, we can ask questions and engage our target until he’s found a “like-minded friend.” This is when we can steer the conversation to his life.
“Man, I love our local pizza place, superPi Pizza, it’s the antidote to the ultra munchies! Fakecardscammer420 you got any awesome local pizza places where you live?”
“Was at the track the other day and some guy completely blew out his Corvette motor racing some kid in an STI. You guys have a track where you live?”
With our OSINT-earned knowledge, we can gain our target’s trust and exploit the weaknesses in his emotional human psyche. While the story above is all fictitious, it’s a very real style of attack vector we’ve seen used to great effect against all sorts of targets from all walks of life.