Today we’re going to talk about applying OSINT techniques and demonstrate how valuable preventive measures really are in business when checking up on potential partners.

This case is based on a true story. In order to preserve confidentiality, all personal data was changed to fictional and are not real.

Let’s be carried away in our thoughts to an IT trade-show in Los-Angeles and imagine you’re an exhibitor there. So at the event, there comes a visitor — Mr. X, he gives you his business card and suggests scheduling a meeting to discuss technical peculiarities of your solution. This business card also has Mr. X’s company name — T company, and his phone number.

This guy seems rather pushy to you, so right before this scheduled meeting you decide to learn more about him and the company he represents.

Well, let’s get it started!

You have a phone number in that business card +1234567890.

Now let’s launch Lampyre and run all the ‘Search by number’ requests. Then we’ll try to verify other data in that business card by running a few more requests.

This is our outcome:

Having analyzed the obtained information, indirectly we can confirm the data of that business card. However, we know from our experience that any data may be fake and we should continue our research.

One of the right tools for verifying those who post online is to study their surroundings in social networks.

That’s why we got so excited when we saw the results of our Foursquare search request. Mr. X — the person of our concern — did not try very hard to hide. Although we could not find anything directly with the ‘Facebook account by phone number’ request, we found out that he posted a link to his Facebook in his Foursquare profile and we were still able to get it.

Now with this new data we can launch search requests right from the graph:

So we enriched our data with those from Facebook and this is what we have:

There are 2 companies mentioned in the Facebook profile, one of them matches the one in the business card. But we’re moving forward and launching a request to search for Facebook friends:

The info we get allows us to create a map of the location of Mr. X’s friends. Oh, looks like Mr. X has friends all around the world!

Let’s make a friends graph and see the statistics on where they worked:

As we clearly see, there is no T company, which is mentioned in that business card, in the statistics at all. Wait, what?!… Mr. X has no friends from the T company? Then why does he have so many friends from other companies?

We can make a conclusion that this person altered his profile info so that it matches the data in his business card. His surrounding of course stayed the same and it gives his actual place of work away.

In addition to this, let’s note that the S company is your direct competitor. Most likely, this is the way they planned to spy on you.

It’s also worth highlighting the ‘Caller ID info by phone number’ request. It shows the names under which the phone number is stored in phone books of other people.

So the obtained data confirms that Mr. X is definitely related to the S company as his phone number is marked with this company name in the phone books of many people.

Well, should we call the S company and ask to talk to Mr. X? ;)

Researching the surroundings of your object of interest often uncovers many peculiar and sometimes unexpected things. And it may not only be finding out his or her real employer! Studying groups of users, which have this or that in common, for example, may point to the real place of birth (if say the person keeps in touch with his school mates) or to the place where he had his undergraduate training. All this, in its turn, inspires your analytical thinking and further research. You could go on and on and on, but with Mr. X we stop here, having achieved our goal.

Oh, the wonders of this OSINT world!!! :)