Posted on May 13th, 2018
In my previous career, I relied heavily on the ability to filter a friends list only to those in common with at least two suspects. I could provide two Facebook user names, and receive a list of all friends that they each had in common. If I had a burglary spree and I knew two of the three thieves, Facebook would help me identify the third. If I was investigating a homicide, I could input the suspect and the victim, and quickly identify a short list of priority interviews. This was my shortcut to the subjects that may provide actual information versus a lengthy list of people that may not know the victim well. The ability to compare common friends of two individuals on Facebook can be accomplished with a URL. In the following example, I will filter the list of common friends between Christopher Hadnagy (christopher.hadnagy.92) and Jayson Street (jayson.e.street). First, I must use my Facebook Search Tool to translate christopher.hadnagy.92 to 100019852604792 and jayson.e.street to 734444097. The following URL displays the results, which include ONLY people that are friends with BOTH of my targets.
This technique has been around for a long time, and is not likely new to many readers. In the past, filtering only two people was sufficient. Today, many online targets have thousands of friends, and filtering common results with another target is not enough. The result is still more profiles than can be easily investigated. Additionally, I cheated a bit in this example because both of those subjects have a completely public friends list. There is really no reason I should not be able to isolate common friends. Consider the following example which brings in a person with a “private” friends list and more than two targets.
Assume (theoretically) that I have just finished the first draft of a book titled “The Invisible Life: My Successes and Failures at Making People Disappear”, which includes extremely detailed examples of every advanced privacy strategy that I use with wealthy clients that want to fall off radar, story-driven to help explain my process. I know that Chris Hadnagy has written several successful books on the topic of social engineering, and I see that he is friends with Bill Pollock, the founder of the publishing company No Starch Press. Assume that I want to infiltrate this connection and achieve an unfair advantage toward promoting this title to Bill. We can already see all friends on Hadnagy’s profile, but notice that Bill is a bit more private and chooses not to display his friends:
The official Facebook URL to see common friends is the following:
This result discloses two of eighteen mutual friends between our two targets. If I translate Bill’s profile ID and recreate the previous link, I receive the entire list of common friends between the two, regardless of Bill’s privacy settings:
The results identify eighteen people that may influence Bill’s book submission process. That is a lot of people if I wanted to send unsolicited review copies of my book in order to generate buzz in Bill’s circles. Instead, I might want to filter this list only to those that are friends with Chris (public), Jayson (public), and Bill (private). I previously had a working Facebook URL that made this process simple, but it stopped functioning in the past month. Instead, we can make quick use of a spreadsheet to replicate the filter. I copied and pasted all results from the following two URLs into Excel:
This resulted in a list of several names. In Excel, I highlighted the column, then chose Home > Conditional Formatting > Highlight Cell Rules > Duplicate Values. The result in this scenario was red highlighting around only those cells that are friends with all three targets. After sorting by cell color and removing duplicates, I am left with fourteen people that know all three of my subjects. This can be very beneficial considering that Chris and Jayson have hundreds of Facebook friends and Bill keeps his friends list private. There are many investigative scenarios where this can expose immediate people of interest. Below is my actual result, including hyperlinks to each Facebook profile:
My apologies to Chris, Jayson and Bill. Hopefully this does not ruin any potential with No Starch Press for a future book!