Category: Security

The Privacy, Security, & OSINT Show – Episode 225

EPISODE 225-Lessons Learned This Week

This week I discuss the recent CTemplar data loss, Mint Mobile's breach, and another Crypto Investment attack. We can all benefit from the lessons learned during these events.

Direct support for this podcast comes from sales of my books, services, and online video training. More details can be found at IntelTechniques.com. Your support eliminates any ads, sponsors, endorsements, Patreon, donations, or commercial influence on this show.

SHOW NOTES:

INTRO:

None

UPDATES:

None

LESSONS LEARNED THIS WEEK:

CTemplar Data Loss
Mint Mobile Data Breach
AltoIRA Data Breach

OSINT:

None

Free Workbooks: https://inteltechniques.com/links.html

Affiliate Links:
ProtonVPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=282
ProtonMail: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=267
SimpleLogin Masked Email: https://simplelogin.io?slref=osint
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Amazon: https://amzn.to/3eCjp7J

The Privacy, Security, & OSINT Show – Episode 224

EPISODE 224-Employment Privacy & Security

This week I discuss privacy concerns surrounding employment, plus the latest news and updates.

Direct support for this podcast comes from sales of my books, services, and online video training. More details can be found at IntelTechniques.com. Your support eliminates any ads, sponsors, endorsements, Patreon, donations, or commercial influence on this show.

SHOW NOTES:

INTRO:

History of Employment Privacy

UPDATES:

Audacity

EMPLOYMENT PRIVACY & SECURITY:

Scope
Intuit/Equifax Deal
LinkedIn Scrape
Traditional Employment
Address
Phone
Credit Freeze
Resumes
Recruiters
Background checks
Photos
LinkedIn
Copies of ID
Birthday
Company Email
Company Equipment
Your Equipment
Mobile Devices
Video Collaboration
General Advice
Book

OSINT:

None

Free Workbooks: https://inteltechniques.com/links.html

Affiliate Links:
ProtonVPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=282
ProtonMail: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=267
SimpleLogin Masked Email: https://simplelogin.io?slref=osint
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Amazon: https://amzn.to/3eCjp7J

The Privacy, Security, & OSINT Show – Episode 223

EPISODE 223-Secure Messaging Woes (and Solutions)

This week I discuss the acquisition of Wickr by Amazon and other secure messaging issues (with my preferred solutions).

Direct support for this podcast comes from sales of my books, services, and online video training. More details can be found at IntelTechniques.com. Your support eliminates any ads, sponsors, endorsements, Patreon, donations, or commercial influence on this show.

SHOW NOTES:

INTRO:

None

UPDATES:

https://www.inteltechniques.net/

SECURE MESSAGING WOES (AND SOLUTIONS):

Wickr Acquisition by Amazon
Choosing Secure Communications
Convincing Others to Use Secure Communications
Communications Redundancy
Unwanted Communications Contacts

OSINT:

None

Free Workbooks: https://inteltechniques.com/links.html

Affiliate Links:
ProtonVPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=282
ProtonMail: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=267
SimpleLogin Masked Email: https://simplelogin.io?slref=osint
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Amazon: https://amzn.to/3eCjp7J

The Privacy, Security, & OSINT Show – Episode 222

EPISODE 222-Spoiler: We all die

This week I discuss privacy issues surrounding death including last wills, living wills, trusts, asset distribution, cryptocurrency, and most importantly, helping our beneficiaries untangle our privacy webs after we die.

Direct support for this podcast comes from sales of my books, services, and online video training. More details can be found at IntelTechniques.com. Your support eliminates any ads, sponsors, endorsements, Patreon, donations, or commercial influence on this show.

SHOW NOTES:

INTRO:

tiktok.com/@murasakisweetpotatoes/video/6972710415092550918

UPDATES:

None

SPOILER: WE ALL DIE:

Last Will
Living Trust
Property Trust
Individual Instructions/Notes
Living Will
Final Arrangements

OSINT:

None

Free Workbooks: https://inteltechniques.com/links.html

Affiliate Links:
ProtonVPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=282
ProtonMail: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=267
SimpleLogin Masked Email: https://simplelogin.io?slref=osint
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Amazon: https://amzn.to/3eCjp7J

Increased SMS Phishing Attacks

I own hundreds of VOIP telephone numbers throughout every state's area codes which all forward to a single email inbox. The benefit of this is the immediate availability of different numbers for various purposes. The annoyance of this is the increasing number of SMS phishing attacks. On Friday, I received the following SMS message to five numbers which possess Illinois area codes.

"Illinois Department of Transportation (IDOT) Driver License Waiver Validation. Validate your details at https://forms.gle/EmxTZFNY8z7paZNb9"

This Google Forms address translated to the following URL:

https://docs.google.com/forms/d/e/1FAIpQLSfIQb0LIuvdtIodJnJiHiffnwgwNh8moq7qHioEouJEHZ9fPA/viewform

Screen captures are below:

This is obviously a phishing attack to steal people's identities, but let's dig in deeper. These messages arrived in chronological order to the numbers. My numbers have a structure similar to the following:

6185551212
6185551213
6185551214
6185551215
6185552000

The messages to the first four arrived within seconds of each other and the fifth number received the message about three minutes from the first. This makes me believe that the messages are being sent to blocks of telephone numbers regardless of whether they exist.

Using OSINT tools, I was able to identify the Gmail address associated with the Forms account. This account appeared within several breaches. A query of these breaches displayed the name and home address of the account owner, who is likely not involved in this scam. The passwords to all of the breaches associated with her email account were identical. The offender probably used her recycled password to access her Google account and generate the Google Form. I have attempted to contact her at a secondary email account, but have yet to receive a response.

The phone number sending the messages (5809542353) is a Verizon prepaid account, but may have been spoofed. I am intentionally leaving the number and URL within this post in case anyone receives these messages and conducts a search for details.

An hour later, I received a similar message to all of my Texas and California numbers. These all included custom forms for the Texas and California departments of motor vehicles.

I made several attempts to report all malicious forms to Google, but I do not expect to any response. As of today (Sunday), the links are still active. I currently have a script entering false details into these forms multiple times every minute until Google picks up the activity and removes the content. I realize I am preaching to the choir here, but please help spread the word to those less tech-aware.