EPISODE 217-Extreme Privacy 3 & New VOIP Strategies

This week I present my latest book, Extreme Privacy 3rd Edition, and discuss the updates, changes, and overall differences from the previous editions. Plus, I offer my new VOIP strategies and an important OSINT tip for those using Virtual Machines.

Direct support for this podcast comes from sales of my books, services, and online video training. More details can be found at IntelTechniques.com. Your support eliminates any ads, sponsors, endorsements, Patreon, donations, or commercial influence on this show.

SHOW NOTES:

INTRO:

None

UPDATES:

None

EXTREME PRIVACY 3RD EDITION:
https://inteltechniques.com/book7.html

NEW WORKBOOKS:
https://inteltechniques.com/links.html
https://inteltechniques.com/blog/2021/05/14/my-experience-with-privacybot/

NEW VOIP STRATEGIES:
https://www.twilio.com/referral/9FGpxr
https://refer.telnyx.com/refer/zrfmo
Number Porting

OSINT:
VM Updates
https://inteltechniques.com/blog/2021/05/10/important-osint-vm-update/

Free Workbooks: https://inteltechniques.com/links.html

Affiliate Links:
ProtonVPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=282
ProtonMail Encrypted Email: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=267
Fastmail Business Email: https://ref.fm/u14547153
SimpleLogin Masked Email: https://simplelogin.io?slref=osint
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Amazon: https://amzn.to/2B5svbH

EPISODE 215-When OSINT Is Abused

This week I offer a brief episode about the abuse of OSINT details which led to fraudulent unemployment claims, plus a detailed look at the ParkMobile data breach.

Direct support for this podcast comes from sales of my books and the online video training. More details can be found at IntelTechniques.com. Your support eliminates any ads, sponsors, endorsements, Patreon, donations, or commercial influence on this show.

SHOW NOTES:

INTRO:

None

UPDATES:

Travel advisory
Twilio TLS
https://inteltechniques.com

WHEN OSINT IS ABUSED:

https://www.documentcloud.org/documents/20618953-geico-data-breach-notice

BREACH REVIEW: PARKMOBILE

https://inteltechniques.com/blog/2021/05/07/breach-review-parkmobile/

Free Workbooks: https://inteltechniques.com/links.html

Affiliate Links:
ProtonVPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=282
ProtonMail Encrypted Email: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=267
Fastmail Business Email: https://ref.fm/u14547153
SimpleLogin Masked Email: https://simplelogin.io?slref=osint
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Amazon: https://amzn.to/2B5svbH

Note: This post is the first in a series of breach review articles. No fear tactics. No click-bait. Just a rational discussion about the most recent breaches and how they might impact us from both an OSINT and privacy perspective.

In early-April, various data breach communities began discussing a recent breach at ParkMobile, an app which makes parking payments more convenient. The company eventually released confirmation of the breach at https://support.parkmobile.io/hc/en-us/articles/360058639032. I obtained a copy of the data, which contains the following data structure.

CLIENT_ID,TITLE,INITIALS,FIRST_NAME,LAST_NAME,GENDER,DATE_OF_BIRTH,MOBILE_NUMBER,EMAIL,USER_NAME,PASSWORD,SECOND_PASSWORD,THIRD_PASSWORD,SOCIAL_SECURITY_NUMBER,ADDRESSLINE_1,ZIPCODE,CITY,VRN,DESCRIPTIONS

The data was presented within a single 5GB CSV spreadsheet with over 21 million entries. Attempts to create new accounts at ParkMobile with ten random email addresses within the breach confirmed that accounts already existed with that data. This provides anecdotal evidence that the data is truly from the company. The following is an actual record, redacted for privacy (XXXX), with explanations within parentheses.

1453797 (user number), 352256XXXX (telephone), 352256XXXX (telephone), [email protected] (email), [email protected] (email), $2a$05$mYZyhLkCMueaqAPWpxL7c.IJCEN9T3FILDLXGW0C/Dtu0QKvtAbXC,869JI,86XXXX (encrypted password), CGSXXXX (registration plate), CBSXXXX (additional plate), Dani,Escape,Escape,Cadillac,Escape,rental,Dani,Escape,Escape,Cadillac,Escape,rental (additional notes)

It appears that very few entries possess SSNs or DOBs. The raw data possessed telephone numbers for almost all entries, which were already stored in 10-digit format without hyphens or parentheses. This makes them easy to search. If my target was exposed in this breach, I could easily associate a name with email and cellular telephone number or vehicle and phone details with an email address. Overall, I find this breach to be very beneficial to online investigators. I plan to add it to my collection to query emails and telephone numbers during investigations.

From a privacy perspective, I believe this data is quite damaging to the typical customer. This breach reminds us that alias names, forwarding email accounts, and burner VOIP telephone numbers should always be used when providing personal details to any service. I suspect customers will soon begin receiving malicious email and SMS attacks.