Detection and Investigation
Anti-fraud, money laundering and counterfeiting laws are worthwhile when paired with effective online monitoring. It is important to empower organisations that experience losses from fraud and counterfeit sales of their products to target and take down the offenders using automated open source intelligence (OSINT) monitoring. Today organisations focus on using internal data, which is justified, but they also need to focus on capitalising on external data, or OSINT. Constantly monitoring the external environment enables organisations to proactively mitigate risk before it damages them. When risk events do occur, monitoring also helps discover and deal with them more quickly and effectively. With more digital channels, such as fraudulent websites, social media accounts, and online marketplaces, it is easier than ever to sell counterfeit products. Monitoring for this type of behaviour helps identify and stop it. OSINT monitoring helps protect physical products, services, websites and entire digital brands.
Perhaps an end user wants to track, filter, sort and analyse all geolocated tweets relating to product names, or create heat maps showing mentions of people claiming flood damages in an area where the flood did not occur, or determine a pattern of life for a specific subject of interest identified as selling a counterfeit product on the street. Using OSINT, the end user can find the unknown and hidden relationships between websites or any other entities. Financial institutions use OSINT to assist with their “know your customer” (KYC) and anti-money laundering initiatives. Collecting data at large scale from thousands of sources is only half the battle. They then analyse the data and identify and target red flag indicators that may imply an individual country risk, potential exposure to corruption or other risks associated with compromised accounts. Red flag indicators can identify compromised account credentials or credit cards and news identifying new methods being used for fraud across all OSINT, including social media, blogs and message boards. The major advantage of going directly to OSINT for red flags is that it allows institutions to get breach event alerts in near real-time.
ALTEN Calsoft Labs open source intelligence (OSINT) based digital investigation tools explore and visualize connections in social media, OSINT and the deep and dark web. Our digital investigation tools simplify complex fact finding, real-time drill down and correlation of case-specific digital artefacts, enabling you to quickly make connections to move investigations forward.
The Social Media Search tool is a unique Maltego transform package that performs automated searches of social networks and online account based activities by email addresses, aliases and names. The results are visualized in minutes to reveal detailed 1 to 1 correlations as well as larger networks of associates. It is a real-time investigation tool that automates the process of searching social media. Using Maltego, query results are visualized in just seconds, which cuts weeks or months off social media research. Using this tool you can uncover identities, correlations, networks of associates and available geographical information in just minutes. The Social Media Search tool can be invaluable for both cyber and physical criminal investigations and social media forensics.
Features of Social Media Search tool
- Easy, fast, and reliable visualization of people’s profile information and relationships
- Search 60+ social networking sites and other account based online entities.
- Complete multiple queries in minutes, which would take hours or days to complete manually.
- Visualize 1 to 1 correlations as well as multiple relationships and networks of people into the 1000s of records.
- Reliable and accurate results with a proprietary data collection/query methodology that has been continually refined, supported and updated since 2009.
- It is a commercial Maltego transform package that can be integrated into other platforms using a RESTful API.
Uses of Social Media Search tool
- Criminal investigation
- Background verification
- Insider attack investigation
- Brand monitoring and compliance
The Malware containment and analysis tool expands malware context and operationalizes more threat intelligence. It enables cyber security professionals to quickly and reliably identify and visualize global malware connections in context. This leads to deeper insights that make responses and investigations more targeted and successful. The tool does this by bringing together the industry’s most extensive, timely and accurate global malware threat data from Proofpoint ET Intelligence. The tool enables incident responders, threat analysts and law enforcement to identify and visualize malware connections in just seconds to expedite investigations, response and malware protection. The value of the Proofpoint data has been proven time and time again and helps you quickly visualize, search and discern correlations not easily seen otherwise.
Features of Malware containment and analysis tool
- Visualize malware connections and correlate campaigns into the 1000s of records, in just seconds.
- Analyze data using commercially supported transforms.
- Access current and historical Proofpoint ET Intelligence metadata that is continuously updated and gathered over five years.
- Access data analysed with over 40 categories of reputation and current scores to identify high-risk or malicious IP addresses and domains.
- Connect specific attack campaigns to billions of available individual indicators of compromise.
- Search and view attacks and actors in motion all over the world.
- Easily pivot and drill down with a forensic data trail for incident investigation.
Uses of Malware containment and analysis tool
- IDS to malware hash relationship
- IOC correlation
- Geolocation of domains and IP addresses
- Campaign date correlation