Financial frauds are undoubtedly the most financially draining crimes committed by bad actors. It is because they do not require much effort to execute and are committed due to the lack of an effective analysis procedure.
Financial frauds cost people more than a million dollars and companies around billions every year in India alone. While lots of effort and money is devoted to fighting financial crimes, data suggests that most fraud/crimes go undetected.
In today’s world, rapid developments in Information and Communications Technology have provided consumers with new ways of procuring goods and services for themselves. As a result, financial transactions have become more vulnerable to vicious attacks in the form of frauds than ever before.Also, monetary instruments can be transferred virtually using the Internet and thus are outside the reach of regulation by various governments.
One of the most common types of financial frauds may be traced back to the third-party payment processors, who act as mediators between a merchant and their customers. These processors are widely utilized by vendors of both products and virtual services. Additionally, they allow consumers to make financially driven decisions without entering into contractual relations with the vendors.
For investors, it not only negatively affects the stock and commodity market but also causes heavy losses. An important point to note about these fraudsters is that they rely heavily on information asymmetry and minimize the costs through outsourcing. They utilize outsourced payroll services companies, smurfing and the use of mules, overseas shell corporations, money laundering via third party financial institutions or even directly through hawala transactions, anonymous communications channels such as internet-based email accounts and prepaid debit cards.
In India, financial frauds occur mainly in Banks & Financial Institutes. Most of such frauds rely on identity theft and Operation Security (OPSEC) failures by employees. These frauds include duplicity, impersonation, phishing, money laundering and forgery. Regardless of the efforts to prevent identity theft, they fall victim to frauds again and again. Much of this is because all banks/financial institutions are not empowered with effective knowledge of utilizing various public information sources to prevent such crimes.
Awareness is power, and OSINT can serve as a great tool to help level the playing field for law enforcement in combating financial fraud.
As such, traditional methods of identifying financial fraudsters have proved inefficient in certain scenarios. Advancement in technology has enabled the emergence of open-source intelligence (OSINT), which is used in improving information gathering and analysis capabilities.
OSINT can be deployed through various channels at a relatively low cost and hence reduces the entry barrier for smaller institutions to fight against international frauds. Since all bills are labelled with serial numbers, utilizing OSINT to create a database of banknotes is a relatively simple endeavour. With this information, one may detect counterfeit bills more easily than if they relied on their naked eye alone. [1]
The OSINT tools available for preventing, combating or investigating financial frauds are Shodan, Maltego, Mitaka, SpiderFoot, Spyse, BuiltWith, Intelligence X, DarkSearch.io, Grep.app, Recon-ng, theHarvester, Metagoofil, Searchcode, SpiderFoot, Babel X.
These tools are effective in:
- Discovering and mapping information contained in public records, social media, the deep web, and the like.
- Disseminating information in charts and graphs to make it analysable and understandable.
- Functioning as a cross-platform reconnaissance tool to gather information like domain names, contact details, usernames, IP addresses, e-mail addresses, etc.
- Leveraging public information to identify potential security vulnerabilities in your network, and to help organizations discover threats they may be inadvertently exposed to the internet.
OSINT is often used in the initial, or first stage of the investigation. This method utilizes the wide availability and percentage of publicly available information to achieve an objective.
From global stock market manipulation to Ponzi schemes, to credit card theft, financial crimes are a growing menace. Operating through websites and email phishing scams, crooks can extract money from unsuspecting victims all over the world. Perpetrators of financial fraud commonly utilize the information available on social media networks for their nefarious purposes. However, it is not easy to ascertain the nature of the fraud and it may take experts’ help to conclude. OSINT is no longer about simple keyword searches and making connections, it should be thought of as a full body check up on entities in the digital space.