Fight against stalking thanks to OSINT

The following lines are the result of collaborative work, under the leadership of Justin Seitz. There are many of us working together, including Heartbroken and Nanardon.

OSINT is an acronym for Open Source Intelligence. It’s a set of investigative techniques, allowing information to be retrieved from so-called open sources. Used by journalists, by police or in cybersecurity, OSINT can help to find information but it can also be used to protect yourself from malicious people.

Violences against people, especially against women increased and diversified. Harassment, raids, doxxing, revenge porn by video or by pictures, identity theft or school harassment, etc.

How to react? How to prevent them? Our goal is to give you simple resources, without the needs for special knowledge.

It doesn’t substitute support groups, law enforcement, health professionals or lawyers.

We trust you.

You are not responsible.

Facts and situations we will use to illustrate ours kits are criminally and civilly repressed.

You are not alone.

The information provided in this article does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available in this article are for general informational purposes only. Furthermore this article was written mainly in regards to French and European laws. Readers should consult their local laws and contact an attorney to obtain advice with respect to any particular legal matter.

When we talk about stalking, we mean watching or spying on someone remotely, using digital tools. We can distinguish two hypotheses:

  • The case where the victim and the stalker know each other personally and intimately;

  • The case where the victim does not personally know the person watching him/her online.

It should be noted that this surveillance can go beyond the digital tools and also result in actions in real life.


Identify all the elements


The common point for both cases is the same as in the previous articles: before deleting anything, collect and archive all items. If you find spyware in your devices, make at least screenshots of the applications found, with all the technical details.


The known stalker


This is usually a person with whom the victim has had a very close relationship: former spouse or current spouse. We use the masculine by default, but victims can be of either sex, just as stalkers can be either male or female. Finally, this situation is not unique to heterosexual couples.

The common denominator is the victim's access to intimacy: his or her place of living, but also his or her digital devices, daily habits, address book, etc. How does this materialize? Usually, the victim has the impression that his stalker knows exactly where he is, who he is with, when he goes to a specific place, etc. The victim has the impression that his stalker knows exactly where he is, who he is with, when he goes to a specific place, etc. Obviously, the victim has not previously said that he or she is going to this or that place, or that he or she is going to see this or that person. Nor did they post the information on social networks.

In this case, the most likely hypothesis is that the victim's cell phone was unwittingly equipped with spyware. Called spouseware or stalkerware, it is used to spy on spouses using smartphones. To be installed, you must have physical access to the phone and know the phone's unlock code.

The first step will therefore be to analyze the cell phone, in order to search for a possible application. For Android type devices, we refer the reader to this article from Malekal which explains the procedure of detection, but also cleaning.The article is in French but you can use DeepL to translate it. For iPhone owners, you can follow this guide

Most of these softwares have a big flaw: they drain the batteries. If your device discharges faster than usual, while your use is not excessive or unusual, check if it is not equipped with such software.

If you have found spyware on your devices, change all the passwords for the different services you use. Try to make backups of documents, music, videos, in order to make - if it is possible and does not cause you to lose software or operating systems - factory restorations. Your machines will start from scratch and any spyware will be erased from your system.

Also consider disabling or better yet, caching your laptop's webcam and disabling wireless devices (WiFi or Bluetooth) when you are not using your devices.


The unknown stalker


The unknown stalker is the one you don't know in real life, but who knows you through the traces you leave on social networks. This is the typical example of OSINT misuse: you use the tools to spy on someone, with malicious intent.

If you are confronted with this situation, set all your social network accounts to private or restricted access. Also remember to disable geolocation and avoid using your social network accounts to access other services. For example, Discord allows you to connect your account on the platform to your Facebook, Twitter, GitHub or Spotify account. This may sound cordial and harmless, but it can allow malicious people to collect information about you.

The stalker may also try to get you to install spyware, either on your computer or smartphone. On your computer, generally speaking, current antivirus software is well enough designed to allow you to avoid them. On mobile devices, especially smartphones, this is often done via rogue SMS messages. The latest new feature is malicious links sent via messaging services such as Telegram, WhatsApp or Signal. Whether it is PayPal, Amazon or La Poste or a banking service, SMS never replaces the information available on your personal space. So do not click on the link and go directly to the account of the service concerned.

Another parry consists in inciting the victim to install himself a malicious application, outside the official store of his device, PlayStore or App Store. Fortunately, these applications don't work without jailbreaking iPhone phones or enabling the "Unknown sources" option for Android phones. Never break the security of your device, it will make it vulnerable and you with it.

What about unsolicited private messages on Twitter, Facebook, LinkedIn and other social networks? You can set up your account to not receive messages from people you don't follow and block impetuous messages so they don't bother you anymore. On Facebook, by default, messages from people you are not friends with are stored in another tab of the messaging system, a tab that is very easy to forget.

For calls and SMS, if your stalker always uses the same number, you can blacklist him/her directly. As for emails, you can place it directly in spam or configure a filtering rule with ThunderbirdThis filter also exists on Outlook. . If it uses different phone numbers, see the article on doxxing


False Wanted Notices


On social networks, especially Twitter, people sometimes leave messages with a picture saying that their sister, cousin or other family member has been missing for a few hours, without giving any news. The messenger asks to be sent all relevant information to find the missing person.

Unfortunately, this may be a false missing person report. Stalkers call upon the solidarity of Internet users to collect interesting data, if only to find out where the person is in real time.

If you see search notices on the Web, only share them if they come from the police, the prefecture or the "serious" press. Although time is very precious when it comes to real disappearances, it is best to take certain precautions.


The legal rule


The difficulty with stalkers is that they generally do not come into direct contact with the victim. They are content to follow the victim from a distance, either online or in real life. This means that you can't know in advance that you're being spied on and it's difficult to take legal action.

But if you discover spyware, receive insistent messages or messages that make it clear that you are being spied on, you have a material element and you can file a complaint or at least a handrail. In the specific case of spyware, under French law, this can be severely punished.

Ajouter un commentaire