Solving financial crime plagues investigators, but open-source intelligence methods could be the key to saving billions annually.

Financial crime (FinCrime) is a general term that refers to any illegal activity that leads to acquiring money or other assets from a victim. The victim could be an individual, a company or even a government. As the world becomes increasingly connected and contactless payment transactions become widespread, financial crime has broadened to include all illicit activities involving money schemes. As payments move increasingly virtual, open-source intelligence (OSINT) can be the lynchpin to solving these persistent offenses.  

There are several types of FinCrime. Here are the primary types:

  • Tax evasion
  • Embezzlement
  • Money laundering activities
  • Counterfeiting
  • Terrorist financing
  • Sanction evasion
  • Cybercrime, such as ransomware and other digital extortion types
  • Fraud

As we note, the scope of FinCrime is widespread and ranges from a single person conducting fraud to large-scale operations that involve organized criminal groups and foreign governments. A recent study by Deloitte found that the amount of money laundered each year is estimated to range from 2 to 5% of global GDP, equal to €1.87 trillion annually. This study shows the significant problem caused by FinCrime and the importance of tracking it efficiently by financial organizations and governments worldwide.

Regardless of the type of FinCrime or the perpetrators conducting it, OSINT can play a critical role in mitigating and discovering this type of criminal activity.

In this guide, I will discuss how OSINT can be leveraged to investigate FinCrime, and I’ll list numerous tools and online services that aid OSINT gatherers in achieving this. The guide will be divided into two parts, the first dedicated to investigating individuals and the second for organizations.

Advantages of OSINT for financial crime investigations

OSINT can help investigate FinCrime in different ways:

  1. Discover hidden assets of individuals, organizations and governments that could be purchased to launder money or to evade imposed sanctions
  2. Track cryptocurrency transactions via public blockchain ledgers
  3. Connect various online entities (websites, email addresses, files) to discover hidden relationships
  4. Search large volume of leaked databases that could contain valuable information about the entities we are tracking
  5. Gather information from social media platforms and internet messaging channels such as Telegram to discover cybercrime activities
  6. Inspect darknet marketplace to track money laundering activities and other illegal marketplaces used to sell stolen credentials that could be used later to commit financial crimes
  7. Monitor criminal networks that sell counterfeited products and money via the internet
  8. Discover ways sanctioned entities use to evade sanctions imposed by Western countries
  9. Perform background checks about individuals and organizations before engaging in business relationships with them

Key OSINT techniques and sources for conducting financial crime research and investigations

Investigating cases related to FinCrime requires a plethora of tools, online services and search techniques. In this guide, I will mention the primary tools that can be used in different investigative scenarios.

Track an individual's digital footprint

Most people have one or more social media accounts. We can get information about anyone worldwide by checking their activities on social media platforms. OSINT techniques can be used to investigate social media profiles and gather helpful intelligence that helps investigators profile their targets to discover illegal FinCrime activities.

Find all social media accounts belonging to one user

Most internet users tend to use the same username or handle across different social media platforms. We can use a dedicated online service to find all social media platforms used by the same username. Here are two popular services:

Verify mailing addresses

We can verify the mailing addresses of persons and companies using different techniques, such as:

  • Google map and street view
  • For the US addresses, we can verify a particular mailing address via US Postal service and Census Bureau
  • Perform a reverse address lookup using search engines like intelius and Truthfinder; these services are more efficient than trying to search public databases yourself
  • Check target social media profiles like Facebook, Twitter (now known as X) and LinkedIn

Search phone numbers

If you do not know a person's phone number, you can use the same services mentioned above (verify mailing address) to find their phone. However, if you have a phone number and you want to see who owns it, then use these services:

Search email addresses

If you have someone's email address, then this could be a great starting point. For example, we can conduct these searches when knowing the subject email address:

  • Search previous data breaches to see if the email was included in one of them. Here are two services for searching breached information:
  • Some people use their email handles as a basis for their names on social media platforms — remember this tip and use it!
  • We can send a tracking email to the target email address to collect various technical information about it, such as IP address, date/time when they opened the email, and device info (operating system and email client type). If we successfully acquire the target IP address through email tracking, we can perform a reverse IP search to discover further information about this IP address. Tracking emails work by sending an email containing a transparent tiny image. When opened by the recipient, it will collect various information about their device. Most email tracking software is commercial, so I will not recommend one
  • Search for the email address on Google and other dedicated email search engines like Hunter to find associated content with this email

Inspect geolocation data

Social media posts can indicate a person's geographical location, but this should be carefully verified. Images posted on platforms like Instagram can contain metadata with GPS coordinates pinpointing where a photo was taken. Here are some tools to investigate image metadata:

Authentic8’s solution for financial crime investigations, Silo for Research, includes a built-in EXIF data viewer. Learn more about Silo Image Metadata Viewer >

Monitor internet messaging channels

Criminals use internet messaging (IM) applications like Telegram for communication and file exchange due to their anonymity. Searching for potential targets within these channels and performing keyword searches to uncover leads within Telegram channels is crucial.

Here are some online services to make OSINT on Telegram:

  • Telegramchannels: Directory of the best telegram channels, groups, and bots
  • Telegrammic: allow searching within Telegram channels
  • Tgdir: Another Telegram directory
  • Lyzem: Search on Telegram for a specific keyword (see Figure 1)
  • Telegago: Search Telegram chats by keywords
Screenshot of yzem search of Telegram channel contents
FIG 1 | Using to search within Telegram channel contents

Search court records

Court records can reveal important information about individuals and companies involved in previous lawsuits or were a part of any kind of legal proceedings, such as witnesses, defendants, victims and associated entities.

For example, by checking court records, we can reveal:

  • Hidden assets and wealth of persons and organizations
  • Alternate names of individuals
  • The criminal history of the entity under investigation, which gives a clear clue about their reliability and good conduct
  • Verify identities — for example, by reading court documents, we can identify the mailing address, phone numbers and date of birth, among other sensitive information
  • Court records can reveal money transactions between the defendant and other parties, which will lead to revealing more associations   
  • Leads to additional information found elsewhere

Here are some places to start our search in court and criminal records:

Property records

Property databases provide vital information when investigating FinCrime cases of people and organizations. For instance, verifying asset ownership helps in tax and sanction evasion investigation cases. Rich persons connected to governments in oppressive regimes tend to purchase luxury assets in Western countries to launder money, and discovering asset ownership can greatly help in this area.

Other benefits of using property search are:

  • Identity verification: Some property databases will reveal the owner's personal information, such as phone, mailing address and date of purchase, among other info; this helps OSINT gatherers to cross-reference this information with other sources
  • Mailing address verification: The property database will commonly contain information about the owner, such as their mailing address, which will help to verify the target person's address if we got it from another source
  • Measure financial health: Property search can be used on the good side, not just for tracking tax evasion and criminals; for instance, the acquisition of high-valued properties will give a clear sign about individuals’ and companies’ wealth, which banks and other financial institutions can use as a measure of their financial stability
  • Discover other connections: Property search helps discover if a particular person or business owns the property they claim to have; for instance, many companies reside in rental premises to save costs. By knowing the actual owner, we can discover business relationships between different parties

These were some of the benefits of using property databases; here are some online services to start your actual search:

Here, we’ve seen how OSINT can be leveraged to check persons' backgrounds to reveal valuable information for financial crime research and investigations. 

Remember to stay secure and anonymous while you research. Protect your identity and the intent of your investigation with a purpose-built managed attribution platform like Silo for Research. 

Financial crime OSINT research Social media