Utilizing OSINT to Understand and Combat Fraud in E-Commerce

Utilizing OSINT to Understand and Combat Fraud in E-Commerce

E-commerce has revolutionized the way we shop, offering convenience, variety, and often better prices. However, it has also opened new avenues for fraudulent activities. Fraudsters not only exploit the anonymity of the internet but also create very attractive websites, complete with legitimate-looking names and images, to deceive consumers and businesses alike. The psychology of fraud often involves manipulating trust and exploiting the desire for attractive deals, preying on emotions and cognitive biases to trick victims into parting with their money or personal information. These scammers meticulously craft their online presence to appear trustworthy, making it more challenging for individuals to discern legitimate operations from fraudulent ones. The Golden Owl® team has crafted a guideline rooted in our investigative experience to help prevent deception. While we don’t publish the names of scammers for now, our blacklist is being updated daily to ensure comprehensive protection against fraud.

Common Cases of Fraudulent Behaviors:

1. Award Scams: Victims are misled into believing they have been nominated for or won a prize, such as an industry award, but are told they must pay fees or taxes to claim it.

• Example: Receiving an email or letter stating, “Congratulations, you are nominated for an industry award!” followed by a request to pay a processing fee to receive the accolade.

2. Phishing Attempts: Attempts to steal sensitive information through deceptive communications.

• Example: Emails mimicking a bank asking for your login details to resolve a supposed issue with your account.

3. Counterfeit Products: Sale of fake goods that mimic real products, often of inferior quality.

• Example: Purchasing a branded watch at a significantly reduced price, only to find it’s a cheap imitation.

4. Subscription Traps: Misleading offers that trick consumers into recurring payments.

• Example: Signing up for a free trial that automatically converts into a costly monthly subscription.

5. Fake Charities: Scammers create non-existent charity organizations to solicit donations.

• Example: A fake fundraiser for disaster relief that pockets the donations.

6. Advance Fee Fraud: Requesting payment upfront for a service or prize that never materializes.

• Example: Paying a fee to claim a large inheritance from a distant relative.

7. Rental and Real Estate Scams: Listings for non-existent rental properties or real estate investments.

• Example: Paying a deposit for a rental property that doesn’t exist.

8. Employment Scams: Job offers that require payment for training or materials.

• Example: A job requiring you to buy expensive training materials upfront.

9. Tech Support Scams: Fraudulent claims of computer issues to elicit payment for unnecessary services.

• Example: A call from “tech support” claiming your computer has a virus and asking for payment to fix it.

10. Investment Scams: Promises of unrealistic returns on investments.

• Example: An investment scheme offering high returns with no risk.

11. Fake Online Marketplaces: Websites that mimic legitimate e-commerce platforms to scam consumers.

• Example: An online store selling luxury goods at steep discounts, which never delivers the purchased items.

OSINT in Investigating E-Commerce Fraud

Open Source Intelligence (OSINT) refers to the collection and analysis of information that is freely available in the public domain to investigate activities or entities. In combating e-commerce fraud, OSINT can be a powerful tool. Here are some ways it can help:

• Social Media and Online Forums: For instance, if you are considering buying a product from an online seller, you might search for the seller’s name or the product on social media platforms and online forums like Reddit or Quora. By reading through the discussions and reviews, you may find that multiple users have reported issues such as non-delivery of items, receipt of counterfeit products, or poor customer service. These recurring complaints can indicate a pattern of deceptive behavior by the seller, suggesting that you should proceed with caution or look for alternatives.
• Domain Analysis: For domain analysis, you might use a WHOIS lookup service to check the registration details of a website’s domain name. For example, if you encounter a new e-commerce site offering high-end electronics at unusually low prices, you can use WHOIS to find out who owns the domain and how long it has been registered. If the domain was registered very recently or the owner’s information is hidden behind a privacy service, this could be a red flag. Additionally, tools like Wayback Machine can show the history of the website’s content, helping you to see how long the site has been in operation and what kind of changes have been made over time. If the site shows a history of dubious or inconsistent content, it might indicate that it’s not legitimate.
• Image Search: Reverse image searching can help identify if product photos are stolen or if a property listing is fake. For example, if you come across a listing for a rental property with pictures that look exceptionally well-furnished and offered at a very low price, you might be suspicious. To verify the authenticity of these images, you can use reverse image search by uploading the image to a search engine like Google Images or TinEye. If the search returns results showing the same picture used on multiple listings in different locations or associated with past scams, it’s likely that the property listing is fake.
• Financial and Legal Databases: To investigate the legal standing and financial health of a business, you can access various financial and legal databases. For instance, if you’re considering investing in or doing business with a company, you might look up its records in local databases, or use local public databases like the U.S. Securities and Exchange Commission (SEC) EDGAR database for publicly traded companies to view financial statements, regulatory filings, and other official documents. These records can reveal important information such as the company’s profitability, debt levels, and any legal issues or regulatory actions it has faced. If the company has a history of financial instability or legal troubles, this could signal potential risks in dealing with them.

And:

• Verify independently: Cross-check information from multiple sources to confirm its accuracy.
• Maintain a skeptical mindset: Approach every piece of information with caution and verify before trusting.

The digital marketplace offers immense opportunities but also poses significant risks. Being realistic about the potential for fraud, conducting thorough checks, and utilizing tools like OSINT can provide critical defenses against scams. Always verify before you trust, maintain a healthy skepticism, and remember that if something seems too good to be true, it probably is. For more intricate cases, consider utilizing Golden Owl® services for comprehensive and in-depth investigations.