Federal and local law enforcement agencies have dedicated divisions for fighting cybercrime, and naturally, most of their time is spent browsing the internet — gathering intelligence on cyber terrorists, investigating computer-based crimes, and following up on reports of fraud, hacks and stolen data.
But in today’s world, online research is vital to more than just cybercrime investigations, as evidence of and clues to a variety of crimes exists on the internet. As such, law enforcement professionals need to be familiar with accessing the surface, deep and dark web, using social media, harnessing data aggregators and specialized browser plugins to:
- Quickly gather data on any person or organization
- Uncover associations between addresses, phone numbers and user personas
- Find locations where images were taken
- Connect information from different sources to paint a complete picture of someone’s profile
Below is a list of helpful tools and sites that can help law enforcement agencies advance their investigations.
Data tracking aggregators are your new best friend
Depending on the type of information you’re looking for, there are many websites that can help fast-track their initial investigations. For example, there are several open-source tools that specifically focus on people-centered data.
These aggregators work by scanning court websites and aggregating what they find. Such sites collect public documents based on the Freedom of Information Act (FOIA) and extract information such as individual’s phone numbers, possible addresses, possible family members, known associates, and more. The same information can be obtained by visiting individual court sites, but using an aggregator saves time and helps move the investigation along faster. And it’s perfectly legal and safe to access — without the need to create an online persona or go undercover. Here are some notable examples:
Cyber Background Checks: provides access to structured public records for millions of U.S. adults. The information is presented in a comprehensive, easy-to-interpret summary, and allows investigators to locate people, discover who lives at a particular address, look up phone numbers, and find owners of specific email domains.
FamilyTreeNow is a free genealogy site, where investigators can search for any individual’s known family members, associates, addresses and phone numbers.
Spokeo has organized over 12 billion records from thousands of data sources into easy-to-understand reports that include individuals’ contact info, location history, photos, social media accounts, family members, court records, work information, and much more.
OSINT Techniques provides abundant free open-source assets for following the digital breadcrumbs that people leave behind online. It contains lists of resources on how to extract useful information from social media, public records, image data, domain analytics, maps, directories, media outlets, blogs, forums and even the dark web.
Intelius provides reports on people and their connections to others using publicly available information. Investigators can check criminal records, perform background checks, locate property data, look up potential relationships, and find out who’s behind a phone number – quickly, safely, reliably and confidentially.
Accurint is a service of LexisNexis® Risk Solutions, and is a popular locate-and-research tool among government, law enforcement and commercial customers. It uses public records and non-public information and provides fraud detection and identity solutions for the public and private sectors.
Pipl is the essential investigative tool used by insurance and financial institutions, government agencies and media companies. It speeds investigation tasks by helping quickly locate persons of interest, uncover connections between people, addresses, phones and social handles, and even determine the credibility of sources, witnesses and suspects.
Uncovering metadata from photos
Exif Viewer is an easy-to-use tool to read the EXIF data from JPG images. Image files contain lots of useful information: for instance, some photos may have GPS data, helping investigators identify where the photo was taken; while others contain the camera’s shutter count, which helps detect the type of camera used to take the image. Researchers can open a JPG image from a computer or a URL, or simply right-click on a JPG image in a browser and select “EXIF image info” from the context menu.
Smart and safe social media research
For online investigators, social media sites like Facebook, Snapchat, Instagram or TikTok could be a treasure trove of information. But just like traditional detectives, investigators must be extra careful to maintain anonymity and keep their identity and intent hidden while researching social media. Not only could a clumsy move spook the bad guys into going deeper undercover, but it could also trigger retaliation (cyber or material), putting law enforcement agents at risk.
Thankfully, there are several specialized tools that were developed specifically to help online investigators browse social media sites without risk. They can be a helpful addition to investigators’ portfolios when it comes to following suspects and persons of interest on social media platforms.
Social Searcher is a real-time social media monitoring engine. It allows analysts to search for users, keywords and trends across 11 different social media platforms. Users can search without logging in for publicly posted information on Twitter, Google+, Facebook, YouTube, Instagram, Tumblr, Reddit, Flickr, Dailymotion and Vimeo.
Inflact is a multi-purpose service, which includes an excellent tool for Instagram searches. Its main attraction to businesses is a service that provides marketing automation for Instagram, but it also offers a wide array of analytics and statistics tools, which can be useful to online investigators.
Twitter Advanced Search: is a service available to anyone who logs into twitter.com. It allows users to tailor search results to specific date ranges and people. Analysts can use it to search for specific words, phrases and hashtags; find out what’s trending in particular locations; and see who is posting on specific topics.
TikTok searching TikTok is very straightforward and doesn’t require a login. To find a specific profile, users can go to TikTok.com/@ and enter a username. To locate a hashtag, analysts can enter TikTok.com/tag/ followed by keywords or phrases they are searching for.
Social Bearing is an open search and statistics tool. It can analyze Twitter mentions, find top tweets, hashtags, trends or Twitter conversations; show popular tweets containing specific pictures or links; uncover facts; find geolocated tweets; and analyze any user’s timeline.
Browser beware
Law enforcement analysts know just how easy it is to locate someone online. But they also must keep in mind that their adversaries can use many of the same tools to find out about them and their missions.
Maintaining anonymity is essential for any online investigation. While performing research on the web, law enforcement professionals need to be able to control what investigative subjects can learn about them by what their browser discloses. Leveraging a managed attribution platform like Silo for Research , is the definitive way to properly disguise one’s identity and intent — without creating a false persona, relying on a “dirty” network or using a burner device. By controlling the details of their digital fingerprints, investigators can blend in with the crowd and perform their searches without tipping off suspects.
This article was written by Authentic8. To learn more about our secure online research solution, visit our website. Or tune into NeedleStack, the podcast for online researchers. Our How law enforcement is using OSINT episode is a big hit with listeners.
