Posted on March 24th, 2013
While preparing for this week’s class in Elgin, IL, I updated the private investigation area of the website. This area includes all of the links and applications that I teach during my two day advanced course. Below are the updates:
New OSINT Links:
Pic Search (Similar to Google Images)
Colossus (International Search Engine List)
Toofr (Work Email Address Guess)
Email Format (ID Emails and Format of Business Addresses)
Market Visual (Maps Employees)
PeepDB (People Search)
Wigle (WiFi Info by Location or Name)
Updated Software Pack:
Added Scythe (User Lookup)
Added IP Info
Added Domain Info
Removed Nirsoft (Virus Warnings)
Removed MetaGoofil (Not Functioning)
Removed Jigsaw (Not Functioning)
Updated OS Forensics (2.0.1003)
Updated Maltego (New Transforms)
Added Maltego User Guide
Added Maltego Transform Guide
Added Maltego Video Channel
Posted on March 16th, 2013
The three major credit reporting bureaus say they have uncovered cases where hackers gained access to users’ information. The disclosure offers a glimpse into the sensitive data available to the cybercrime underworld, which hosts several storefronts that sell cheap and illegal access to consumer credit reports.
The acknowledgement by Experian, Equifax and Trans Union comes hours after hackers posted online Social Security numbers and other sensitive data on FBI Director Robert Muller, First Lady Michelle Obama, Paris Hilton and others. Social Security numbers and even credit reports are not difficult to find using inexpensive services advertised openly in several cybercrime forums. In most cases, these services are open to anyone. The only limitation is knowing the site’s current Web address and being able to fund an account with a virtual currency.
One website sells access to consumer credit reports for $15 per report. The site also sells access to drivers license records ($4) and background reports ($12), as well as straight SSN and date of birth lookups. Random “fulls” records — which include first, middle and last names, plus the target’s address, phone number, SSN and DOB — sell for 50 cents each. Fulls located by DOB cost $1, and $1.50 if searched by ZIP Code.
It’s not clear from where this service gets its credit reports and other data, but it appears that at least some of the lookups are done manually by the proprietors. Pending new records requests are tracked with varying messages, such as “in queue,” and “in progress,” and often take more than 15 minutes to process.
I believe that the proprietors of this service and others like it are taking data gleaned from various sources and using it to pull credit reports directly from annualcreditreport.com, a government-mandated Web site created by the three major credit bureaus to help consumers obtain annual free copies of their credit reports. This free service is great for consumers wishing to view their own credit reports, but the security does not limit these views to the individual listed. Knowing some basic information about an individual may allow someone else to access the report.
If you would like to view the leaked website in a safe manner, click here:
This link allows you to scroll down and view some of the live details that were released without visiting any shady websites. The original source has been shut down, this is a link to an archive of the page. Below is a screen capture.
Taking steps now, such as freezing your credit report, will make you an undesired target. If an attacker cannot open new lines of credit on your account, your credit report is not lucrative.
Thanks to Brian Krebs for his investigation.
Posted on March 13th, 2013
The following is a guest post:
Social media has revolutionized the way we communicate, share information and network with one another both personally and professionally. It allows us to instantly connect, interact and exchange ideas with people all across the world.
But like any other powerful tool, social media can be a force for both good and evil. Unfortunately, criminals are beginning to exploit it to help them commit a range of unlawful acts, including burglary and identity theft. Here’s how you can help protect yourself:
One of the most common ways criminals are using social media is to target homes for burglary. In the social media-centric world we live in, we have become accustomed to sharing our daily experiences via tweets and status updates. Unfortunately, there are bad apples who are using this information to monitor people’s whereabouts and plan burglaries for the most opportune times – when the homeowner is on vacation or away from home.
To avoid having your home targeted, it’s best to refrain from posting real-time details about your whereabouts on your social media profiles. Additionally, take a few minutes to double check your privacy settings to make sure only trusted friends and family have access to your posts and personal information.
It’s also a good idea to subscribe to an alarm monitoring service if you haven’t already. Nowadays, most prominent home security companies offer these services for a monthly fee that most homeowners can afford. With monitored protection, trained professionals will keep tabs on your home 24 hours a day, 7 days a week – even when you’re out of town. Click here for more tips and information about monitored home security.
False identity/Identity theft
It’s remarkably easy to create an account on most social media websites. For cybercriminals, this presents a golden opportunity to impersonate an existing person or create a whole new fraudulent identity. Some do this for the sole purpose of tricking and humiliating people. Others have more sinister motives, such as identity theft.
Since most social media profiles are stuffed with sensitive information, such as age, location, birthday and email address, which could be used to steal an identity. Typically, scammers will try to make message you under the guise of someone you trust. Once contact has been made, the thief will oftentimes tell you to take a look at a new profile page, which, in reality is a bogus page designed to pilfer your username it password.
To avoid falling victim to these cybercrimes, you should first limit the amount of personal information you reveal on your profile page. Secondly, you should always be wary of any links that ask you to log or sign in again.
Filed under General | Comments Off
Posted on March 9th, 2013
In my Hiding from the Internet sessions, I always mention some type of technique that will stop websites from tracking your activity. Yesterday, I presented to a large group in central Illinois and discussed Ghostery. I received a few questions about a similar plugin called Do Not Track Me (DNTMe), so I will explain both of these tools here.
I have been using Ghostery for a couple of years now. I also embed this tool into my Investigative Software Pack. Below is the excerpt from Hiding from the Internet that explains the Ghostery plugin available for the Firefox and Chrome web browsers.
Many sites that you will visit will be using website analytics. These free services monitor the visitors of a website and identify the IP address, location, business name, search terms, and site navigation of the visitor. This can be very invasive and personal information can be analyzed and distributed without your knowledge. While you are using the methods in this book to eliminate your personal information from online databases, it is important not to provide more information in the process. Ghostery can be of help. This extension will identify any analytics and other intrusive software running on a website when you visit it. With some configuration, it can be set to block these services and prevent the website from tracking you.
After installing the extension in Firefox, click on “Tools”, “Ghostery” and then “Manage Ghostery Options”. Inside the new window that will open, scroll down to the “Blocking Options”. Click on the checkboxes next to “Advertising”, “Analytics”, “Privacy”, “Trackers” and “Widgets”. This will stop over 1000 different types of intrusive software from monitoring and tracking your internet habits. Click “save” below the options and now click on the “Cookies” tab. Similar to the last screen, select the checkboxes next to “Advertising”, “Analytics”, “Trackers” and “Widgets”. Click “Save” and then close this entire tab. This will block an additional 500 scripts that can collect private information about you. When you visit a site with analytics, the owner will no longer capture any information about your visit. Any time you visit a website that is using a service blocked by Ghostery, you will be presented with a purple window displaying all services running on the page. When a service has been blocked, the service name will be stricken and faded. Below is a screen capture of a Ghostery notification on my website.
Do Not Track Me, from a company called Abine, performs a very similar function. This tool is a bit more user friendly and requires no configuration when installed. The down side is that this product is only a free version of their commercial products DeleteMe and MaskMe. These premium products are not necessary to use Do Not Track Me, but you will receive options to upgrade. After installed into you browser, you will receive notifications in the upper right corner of your browser. This will identify the tracking software being used on the current website visited. By default, it will block the tracking and allow you the option to enable the tracking if desired. Below is a screen capture of the result of my homepage, which uses Google and Woopra to monitor traffic to the site.
Overall, I think both are great. Ghostery has a minimal interface and notification, but requires occasional user configuration when updating. DNTMe offers automatic configuration, but includes ads for their premium services. I still use Ghostery out of habit, but I will spend the next month using DNTMe to review the product. I do not recommend using both at the same time.
Posted on March 1st, 2013
Recently, a Detective in Northern Illinois notified me about a new people search website called PeepDB. This site offers more than the standard people search website that simply scrapes information from search engines. This post will explain the proper search method and the details of how to remove your personal information. This information applies to the content of both of my books, Open Source Intelligence Techniques and Hiding from the Internet.
To search the site, navigate to http://www.peepdb.com. The search field is misleading as it only conducts a custom Google search on the target. I recommend avoiding this field. Instead, choose the links below for the state where your target resides. You will then be prompted to click on a link for the first letter of your target’s last name. This will then continue, asking for the first two letters and then first three letters of your target’s last name. You should then be presented with a long list of subjects that fit the criteria. The capture below shows a few entries for people with the last name of Bazzell in Illinois.
Each of these terms are linked to another page, but only the last name on each line links to the profile of the selected target. Clicking on “Bazzell” on the last entry for Floyd Bazzell presents a new page with partial address information. Click on the link “Get The Uncensored Listing – Free” and you will be prompted to enter a captcha validation (to prevent automated search abuse). This will then unmask the address of your target and should identify a complete home address, phone number, and Google map with satellite view of the residence. the capture below displays a redacted view of the result.
My first search on this site was for my own information. I was surprised to find a recent address for me which appears nowhere else on the internet. I clicked the link below the listing titled “Remove This Listing”. This presented a new page with removal instructions. If you are a government employee, they simply require an email from your work email address identifying the address of your listing (the URL) and a written request to remove the information. I submitted my request at 4:00pm on 02/28/2013. The next morning, I searched for my name and the listing had already been removed.
If you are not a government employee, you can still request removal. Follow the instructions on the removal page which includes sending a scanned copy of a photo ID. I recommended redacting EVERYTHING on this scan except your name and street address that is visible on the PeepDB listing. If you want the listing removed immediately, you can pay them $3.95, however I do not recommend this based on their prompt response to a general request.
I encourage you to identify your own personal information on this site and remove anything that is invasive. This will now be my first public site to visit when trying to locate a target.
Posted on January 8th, 2013
Thanks to J.S. from DC, I realized that the Investigation Software Pack posted last week was corrupt. I have isolated the problem, and a new pack has been uploaded. Log into the investigations portal to download a new copy. Here are a few of the new tools:
Embedded into the Investigation Browser:
Multiple browser support
Reporting function with print formatting
Facebook photo album downloader
Slider bar to see previous versions
Updated media download features
Extract employee information & emails
Map of social traffic by location (6 networks)
Locate hidden private websites from a domain
Extract email addresses from a domain
If you are interested in the training required for this software pack, please contact us at THIS LINK.
Posted on January 2nd, 2013
One year after the release of my first book, Open Source Intelligence Techniques, I have published the 2nd edition. This edition offers over 50 new techniques that were not available during the original printing. I also modified some of the original techniques since the search methods change so rapidly. Additionally, an entire new chapter about radio frequency monitoring is included at the end of the book. These changes resulted in over 65 new pages of content. The new 320 page book can be ordered HERE. As always, I will offer the books for sale at actual cost during all of my speaking engagements and training sessions. The following is a partial list of NEW methods for searching and analyzing online information included in the book.
New Google Search Techniques
New Online Newspapers Archives
Easier Twitter Mapping of a User
Recover deleted information from Twitter accounts
Discover cell number owners through Facebook
Use online maps to rotate views of buildings
Discover hidden date information in satellite photos
View several satellite photos for one location
Discover a subject’s work email address
Locate an IRC user’s current channel location
Search public documents on Google Docs, Dropbox, and Amazon Servers
Properly search Instagram and discover all photos of a user
Search for videos by the text spoken in them
Extract a person’s outgoing voicemail message
Search a cell number through the Caller ID Database
Discover hidden websites on subdomains
Search wireless routers by name and location
Identify Driver’s License numbers in several states
Extract new information from several API’s
Six new investigative browser plugins
Change your IP address to protect your privacy
Extract still images from online and surveillance videos
Locate and map posts from six networks on one site
Locate surveillance cameras by GPS Coordinates
Monitor cellular social network group messages
Monitor radio frequencies to gather valuable intelligence
Posted on December 31st, 2012
During my internet safety presentations, I explain why I believe that you should use different passwords for different types of accounts. For example, you should never use the same password on your email account that you use for your Facebook account. This way, if one account gets compromised, your other accounts are protected. Recently, I began advising that the email address associated with your social networks should be different than your main email address for communication and financial accounts.
If one of your social networks is hacked, the criminal will know the email account associated with it. He will then attempt to gain access to that email account using a variety of techniques. If the email address is compromised, the attacker now has access to much more information. Your emails can be scanned for bank account numbers, your contacts can be sent a message requesting money, or all of it can be deleted out of spite. Most likely, the hacker will use the access to this email account to receive password reset requests from all of your accounts, which then gives complete control to everything in your digital life.
If you have one specific email address that is only used for social networks, this limits the damage. If your Facebook account is hacked, the attacker will only know the email address that you use for social networks. If this email account is hacked, the attacker will find no contacts, no sensitive information, and no emails. The only damage that can be done is to reset the passwords of your other social networks. While this may be an inconvenience, it is not financially damaging.
I ask that you consider the following while you start your new year:
1) Change all of your passwords yearly. This is a great time to start. Make sure none of your passwords are actual words and that they contain letters, numbers and at least one special character. Don’t use the same password on your “important” accounts as you do on your “fun” accounts.
2) Create a new email account through Gmail, and ONLY use it for social networks, online forums, internet groups, etc. Do not store contacts and do not use it for communication. Make this email address the primary account on all of your social networks and remove your real email address from the settings on each network.
3) Enable Dual Factor Authentication on your primary email account. This requires a code that is sent to your cell phone when you log into your email account. This ensures that no one will access your email. Instructions can be found in the “Security” settings of the account.
Have a great new year!
Posted on December 22nd, 2012
Reader S.E. reports:
“The Netwise Data email address in your book/website returns as non-deliverable.”
Apparently, they shut down that email account and have moved to a form based contact system. Here is the new link:
The “General Inquiry” option should be selected and the message should include your desire to opt-out of any data collection of your personal information. I have contacted them requesting new opt-out instructions, and I will post if/when I receive a reply.
Posted on December 19th, 2012
In the current pressing of Hiding from the Internet, there is a section on how to remove your home address and telephone number from the White Pages website. This includes their affilate sites. The technique has changed, and here are the new instructions:
Step 1: Navigate to whitepages.com and click on the “Reverse Phone” tab. Search for your listing by entering your telephone number. You can also search by name or address. If your listing is present, click on your name to open the profile.
Step 2: To the right of the name is a button titled “Claim & Edit”. Click this to create an account on White Pages with your real name and anonymous email address. You can bypass the “Login with Facebook” option by clicking the link at the bottom. Identify any sensitive information and click the “Edit” button. This will allow you to delete any information desired. After the listing looks appropriate for your level of privacy, click the “Submit” button. The data will be removed immediately.
Step 3: Navigate to 411.com and repeat the previous steps to remove your information from 411.com, a White Pages site.
Step 4: Navigate to phonenumber.com and repeat the previous steps to remove your information from phonenumber.com, a White Pages site.
Thank you to reader D.B. for pointing out the expired method.
Posted on December 16th, 2012
I want to share a technique that I just added to the upcoming second edition of Open Source Intelligence Techniques (2013).
The upper right portion of any modern Firefox browser contains a small search box that uses Google as a default search provider. Entering any terms in this field will conduct a search through Google and then launch the Google results page. This functions the same way as conducting the search on Google.com. Clicking the down arrow next to the Google logo will present a collection of search engines that can be used at any time. These include Google, Yahoo, Bing, Amazon, EBay, Twitter, and Wikipedia. The “Manage Search Engines” link will allow you to add new search engines, remove unwanted options, and change the order of the choices.
While Firefox does not announce the option, you can customize this field to do many different searches. This requires some very basic programming, but all of the code will be explained here. Additionally, you can simply download the files needed at the end of the instructions and bypass any coding. When I present my three day course on OSINT techniques, the most common question I am asked is “What should I search first when I have specific details about my target?” The attendees often have one piece of information, such as a Twitter name or an email address, and are looking for the best place to start. Because of this, I have created several custom search engines within Firefox that should help with this dilemma. First, we need to understand where these search engine options are located. If you are using the portable version of Firefox, you can find them at the following path through Windows Explorer after opening your Firefox folder.
You can either browse to this location or type it directly into the location bar with Windows Explorer. There should be six files in this folder titled google.xml, bing.xml, etc. These small files are the instructions that tell Firefox how to search each specific search engine. You can create a new set of instructions using Notepad or Wordpad, which will present an additional search engine option in Firefox. The following will create a new search engine file titled “twitter-complete-archive.xml”. The label within Firefox will be “Search Twitter Complete Archive”, and the search will be performed on “allmytweets.net”. The exact address used will be “allmytweets.net/?USERNAME”. Any Twitter name provided during this search will generate the exact address needed to display the desired results from allmytweets.net. The key terms are in bold to help you identify them.
<os:ShortName>Twitter Complete Archive</os:ShortName>
<os:Description>Search Twitter Complete Archive</os:Description>
<os:Url type=”text/html” method=”GET” template=
</os:Url><os:Url type=”application/opensearchdescription+xml” method=”GET”
This can now be used as a template for all future custom search engines. You only need to change the name of the file, the label of the search, and the address that will be searched. I have created several of these to aid in my own investigations, Instead of detailing the code to each engine; they are all available for download at the following address.
After you download the file, you should be able to double click it to see the contents. Copy all of the files to the folder that contains your “searchplugins” as described earlier. I recommend deleting any files in this folder before copying the new files. If you have access to my Law Enforcement Portal, the version of Firefox in the Software Pack already has these installed. The following is a summary of what each custom search engine provides.
Google: Standard Google search
Bing: Standard Bing search
Facebook Posts Stream: Live posts on Facebook
Facebook Wall Posts: Archived posts on FBSearch
Facebook by Email: Email search through Facebook
Facebook Graph: Public account data through Zesty
Twitter Complete Archive: All posts through AllMyTweets
Twitter Topic Search: Live search through Twitter
Twitter User API: API view of user’s account
Twitter Posts Mapped: User’s posts on Bing Maps
User Name Search: Search of target through KnowEm
Pipl Email-Username: Search through Pipl
Phone Number (w/ -‘s): Search through Reverse Genie
Website or IP Address: Search through EWhois
Docs from Domain: Locates documents on a website
Posted on October 20th, 2012
I have two success stories to announce as well as a replacement anonymous telephone number service.
Reader P.B. reports:
“I completed all of the steps outlined in the book and I received a promising sign. In my mailbox today was a small envelope addressed to “Resident”. Inside was a letter welcoming me to my new home and offering coupons for local businesses. Apparently, I did such a good job at removing my name from the internet that mailing services assume that I moved out and someone else moved in! ”
This is an excellent sign. This indicates that your address has been added to some databases that are designed for new residents. This is a great indication that you have removed a substantial amount of personal information from the internet.
Reader J.F. reports:
“I successfully removed my information from my county’s registered voter database when I first bought the book. My wife, however, did not take the steps. Lately, my wife has been receiving daily mailings from politicians that have identified her as a registered voter. She even had someone come to our home asking for her specifically. She is now in the process of completing all of the steps in the book. I have not had one piece of political mail this entire campaign season!”
I forgot how much political mail I used to receive during campaigns. If you are receiving unwanted mailings and visits from politicians, read chapter seven of Hiding from the Internet carefully.
Finally, in the book I explain how to use a free telephone number that will keep your real telephone number private. I recommended RingShuffle, but it appears to be out of service for new members. I suspect that they ran out of numbers. Until they re-surface, I recommend using a free Google Voice number. Privacy advocates do not like to use Google for anything, but I am willing to make an exception. I do not recommend using this free telephone number for anything outside of the methods in the book. Allow it to serve a single purpose and you will not sacrifice any of your privacy to Google. Details about Google Voice can be found HERE.
Posted on October 14th, 2012
LinkedIn has become a huge source of personal information during OSINT searches. Recently, LinkedIn has blocked full profile views for free users. It is also becoming more difficult to see profile content of people that you are not connected to through the social network. The below techniques will aid in viewing profiles.
Searching by company
If you are searching for employees of a specific company, searching the company name often provides numerous profiles. Clicking on any of these profiles presents a very limited view, such as the example below.
You are now required to upgrade to a full premium account in order to get further information. Instead, copy the entire job description under the “LinkedIn Member” title. In this example, it is “Marketing Specialist at REDACTED Inc.”. Use this in a custom Google search as displayed in the example below.
PDF Profile View
Each result will link to a profile that should allow for a more detailed view. This will also usually work without being logged in. After you have identified a specific target, log into LinkedIn and search for the subject’s name. Open the profile and review the information. Some profiles will mask some details if you are not connected to the person. When this happens, select the down arrow next to the blue “Connect” button and select “Export to PDF”. This will open a document that should have the full content in resume format. Below is a small section of this content.
The next blog post will identify how to identify bulk cell phone numbers by matching them to Facebook profiles. This can help law enforcement identify cash cell phones that appear in CelleBrite reports.
Posted on October 5th, 2012
I have created a brand new application pack and menu for both the Law Enforcement and Private Sector portable software packs. Log into either the LE or Private Sector portal and grab a new copy. This release fixes security issues with some versions of Windows.
Posted on September 25th, 2012
For those of you that have taken my advanced 2 day course on new investigation techniques, I have drastically updated the software pack. After logging in to the investigation portal, you will notice that the investigation browser link is no longer visible. This browser is now included in the new “Software Pack” on this page. Follow the directions to download and extract the files, and launch the file called “Start”. This will present a new menu with links to launch each program. This makes it easier to get to the program that you want to use. Below is a screenshot. This applies to both the Law Enforcement and the Private Sector versions.
Posted on August 23rd, 2012
Reader J.S. reports:
I’ve been going through “Hiding From the Internet” and doing quite well. However, it seems the email@example.com address is no longer valid based on the bounce I just got. Is there a chance you have an updated address?
In my response, I noted that according to LexisNexis, it is still correct. The following page outlines the details:
However, I wonder if they changed it due to many people applying the techniques from my book. For now, you could send a letter to the address in the link above (or send a free fax through the resources explained in the book). I will research a new email address and update when one is found. Until then, I would try sending the email to both of these:
Posted on July 28th, 2012
This week, my new book is being released. It is titled Hiding from the Internet. In this book, I share my methods for removing your personal information from the internet. I expose the resources that broadcast your personal details to public view. I have researched each source and identified the best method to have your private details removed from the databases that store profiles on all of us.
This book will serve as a reference guide for anyone that values privacy. Each technique is explained in simple steps. It is written in a hands-on style that encourages the reader to execute the tutorials as they go. I provide personal experiences from my journey to disappear from public view.
I originally intended to create a private website that could only be accessed by people that purchased the book. It would include all of the links used in the book and would be updated monthly. Instead, I decided to make this page free to everyone and include it in my main website. These links are under “Hiding from the Internet”, or directly here:
Much of the content of this book has never been discussed in any publication. Always thinking like a hacker, I identify new ways to force companies to remove you from their data collection systems. This book exposes loopholes that create unique opportunities for privacy seekers. Among other techniques, you will learn to:
Remove your personal information from dozens of public databases and people search websites
Create free anonymous mail addresses, email addresses, and telephone numbers
Control your privacy settings on social networks and remove sensitive data
Provide misinformation to conceal private details
Force data brokers to stop sharing your information with both private and public organizations
Prevent marketing companies from monitoring your browsing, searching, and shopping habits
Remove your land-line and cellular telephone numbers from online websites
Use a credit freeze to eliminate the worry of financial identity theft and fraud
Change your future habits to promote complete privacy and anonymity
Conduct a complete background check to verify proper information removal
Posted on July 22nd, 2012
I am in the final stages of releasing my next book, Hiding from the Internet. In this book, I share my methods for removing your personal information from the internet. I expose the resources that broadcast your personal details to public view. I have researched each source and identified the best method to have your private details removed from the databases that store profiles on all of us.
I have decided that I will start sharing some of these techniques on my blog. While the book explains how to remove yourself completely from public view on the internet, the blog will focus on just the most popular websites that you may be exposed on. I will also be releasing all of the links from the book within a couple of weeks. The first resource to discuss is Spokeo.
Spokeo is one of the most popular websites for locating free personal data about people. Fortunately, it also provides one of the easiest methods of information removal. After verification of an email address, the results are immediate. Here is how to eliminate your private information from this site.
Step 1: Navigate to spokeo.com and enter your full name. You will be presented with a list of any states that possess information about the name entered. Select your state and then select the city that you live in. The site will now identify any locations in the city that you specified, as seen in figure 3.01. If any of these display your address, select the entry. You will now see the profile that Spokeo has collected about you. Select the entire URL of this page, as seen in figure 3.02, and right-click and select “copy”. This URL will start with www.spokeo.com and end with a series of numbers.
Step 2: Navigate to www.spokeo.com/privacy. This will present a form at the bottom of the page with three fields. The first field requests the URL that you copied above. Right-click this field and select “paste”. The next field requests an email address for verification. Enter your e-mail address. Finally, the third field requests the captcha code that appears to the right of the field. Select “Remove this listing” and check your e-mail inbox.
Step 3: Complete the removal process by visiting the link included in the e-mail. This confirms your request for removal. You should now search your name again and confirm that the profile was deleted. Complete this process for every entry on Spokeo that applies to you. If there are more than five entries, you may need to use a secondary e-mail address for verification.
Posted on June 16th, 2012
Over the past few years, there have been several websites that conduct a reverse search of a telephone number. Many of these worked only on land-line numbers, and simply used the White Pages database. The attendees of my presentations on Open Source Intelligence Techniques receive access to my master list of free resources for finding personal information online. I have always dedicated an entire section to telephone numbers. Lately, many of the sites that I had listed began asking for money to complete a search. It appears that most of the sites are now forwarding the user to premium sites such as Intelius. Because of this, I have removed several sites. Fortunately, I have found a couple of new sites that take over for those outdated services.
For land-line numbers, I still recommend a search of White Pages. Checking Google can also be helpful, but usually the results are dominated by pages promising results and failing to deliver. Using Google Operators to eliminate some of the keywords that appear on these sites will eliminate much of this junk. For example, you could conduct the following search on Google, using the real target number:
618-555-1212 -reverse -directory -prefix -info -free
This will probably not provide the information that you want if your target number is a cell phone. For this, I now rely on Reverse Genie and Number Guru. Reverse Genie has shocked me with the amount of public information available from a cellular number. First, enter the target number and complete the “captcha”. Please pay attention to the letters, as they are case sensitive. This will search over one billion records and present results.
As a test, I entered one of my personal cellular numbers. I was immediately presented with some of my previous addresses, my full name, and two subjects that I know well. The site also used Google Maps to give a small street view of the residence that the number is associated with. The results that I received on my own information indicate to me that they are searching data from various financial databases such as utilities, marketing, credit cards, and loyalty programs.
My next test was the main Alton Police number, which identified all of the details of the department. This was not surprising. What was surprising though was what happened when I started searching private direct numbers at the department. The results did not identify the person assigned to that number or the business name (Alton PD), but it did show a street view of Alton City Hall, indicating that the number was assigned to the City of Alton.
The reverse email option worked surprisingly well too. My personal email identified a Facebook page and full name. This was obviously using the Facebook Graph tool which is available on many sites.
As my paranoia kicked in, I began researching how to have information removed from the site. The opt-out page was easy to locate (LINK) and it identified the procedure to have your listing removed. There is no online option for this, but sending a fax through a free fax service seems to be the quickest way. For smart phone users, there is an app that conducts these searches as well.
Number Guru was not as successful at retrieving information on target numbers, but it did find a few. These results appeared to be generated by users. Most of these were for telemarketers and other annoying calls.
I will continue to search for better reverse number engines. Law Enforcement should take advantage of the free service from TLO which has identified about 75% of my target cellular numbers.
For more information about using the internet to find personal information, please check out my book Open Source Intelligence Techniques.
Posted on April 21st, 2012
A few recent news articles announced a new service called DeleteMe that will remove most of someone’s online information for a $99 fee. These services will never find everything, but will locate and remove the bulk of personal information stored on websites. This includes sites that show your address, phone number, e-mail, etc. After poking around, I discovered the exact method that DeleteMe is using to remove your information. This can all be done by yourself, but it will take some time. The link below will take you to a detailed list of all of the steps.