Identity theft through OSINT/social engineering presented at grrcon 2017

by Zee Abdelnabi,

Summary : This talk will demonstrate how easy identity theft has become because of OSINT and the ability to easily social engineer and grab meta data. It will cover how an attacker uses OSINT to build targeted attacks. How an attacker builds a profile using software to represent their data about you. How an attacker uses data points to pivot from one source to another online. The target was a random target that was picked. Not only does it cover his current activity but his cached activity which enables attackers to target him. The story will show how an initial search to a complete PWNAGE was done on the individual because of a random blog that was discovered. This talk also shows how easily I was able to find his company’s email format, private IP addresses which could of completely allowed me to own his companies network because his company allowed BYOD. It will cover how you can better prepare and protect yourself.