Open-Source Intelligence (OSINT)

Publicly available information from websites, social media platforms, news outlets, and public records. This may include user profiles, corporate announcements, and other open data relevant to verifying identities and analyzing associations.

Code: DS0011
Name: Open-Source Intelligence (OSINT)
Version: 1.0
Category: OSINT & Communication Data
Created: 2025-04-02
Modified: 2025-04-02

Related Techniques

  • Aggregates publicly available data (websites, social media, official announcements) on purported lotteries, timeshares, or inheritance processes.
  • Assists in verifying whether advertised schemes are genuine or part of advance fee fraud by uncovering discrepancies or confirming there is no legitimate underlying entity.
  • Combines public records, news articles, and local sources to verify actual farming operations or the legitimacy of NGOs/foundations claimed to support agribusiness.
  • Identifies whether agribusinesses exist in remote or non-productive locations and reveals any lack of real activity.
  • Detects potential shell foundations or NGOs by confirming or refuting reported philanthropic or operational activities in the agricultural sector.
  • Collects publicly available information, including any dark web affiliations, onion addresses, or marketplace references.
  • Assists in correlating anonymized financial transactions with reported dark web activities, identifying potential links to illicit marketplaces or hidden user identities.
  • Provides publicly available information on auction house policies and participant identity requirements, uncovering potential gaps in AML controls.
  • Identifies private or sealed bidding processes that facilitate anonymity and hinder oversight.
  • Supports investigations by revealing unregulated or high-risk auction platforms frequently used to conceal illicit funds.
  • Collects publicly accessible data from websites, social media, and news reports to verify the legitimacy of individuals and agents.
  • Uncovers unlicensed intermediaries or suspicious practices in CBI/RBI applications, including inflated fees or questionable accreditation.
  • Supports AML detection by revealing the presence of fraudulent or non-compliant advisors and identifying red flags in applicant backgrounds.
  • Verify the physical presence, staff, and operational legitimacy of the captive insurer.
  • Uncover external media or public records revealing nonexistent offices, fake claim events, or questionable business backgrounds of key personnel.
T0065.001
  • Collects publicly accessible information, such as social media, online forums, and web content.
  • Identifies discussions or recruitment postings for underground cash courier or informal money-transfer networks.
  • Supports AML investigations by uncovering potential relationships or organizational structures that facilitate bulk cash smuggling.
  • Publicly available information from social media platforms, websites, and online forums.
  • Detects suspicious activities or communications referencing the grooming and exploitation of minors, enabling more targeted financial investigations.
  • Compiles publicly available information, such as online forums, auction listings, and dealer credentials.
  • Supports verification of claimed provenance and valuation for collectibles, detecting inconsistencies or missing documentation.
  • Identifies unverified or questionable dealers lacking legitimate track records.
  • Cross-references external data to confirm the authenticity of claimed sales or the existence of particular high-value items.
  • Aggregates publicly accessible information, including social media posts, online marketplaces, and specialized forums.
  • Can reveal possession or advertisement of counterfeiting equipment, suspicious behaviors, or associations not captured in traditional banking data.

Includes public data from websites, social media, and other open channels, enabling the monitoring of unregulated online marketplaces, suspicious digital advertising, and unverifiable pharmaceutical brand promotion to help detect counterfeit medicine networks.

  • Aggregates publicly available information about decentralized bridge platforms, including KYC policies and user experiences.
  • Allows investigators to identify minimal-KYC or non-compliant bridges used to facilitate illicit cross-chain transfers.
  • Supports enhanced due diligence by verifying public disclosures (e.g., social media, community forums, platform announcements) around cross-chain services and user activities.

Provides publicly available reference data on market pricing for virtual items, external RMT platforms, and user activities. This supports the detection of inflated or irregular pricing structures and the identification of unregulated marketplaces facilitating cross-platform trades.

  • Gathers publicly available data from social media, news outlets, and official campaign pages.
  • Assists in validating the authenticity of fundraising narratives by identifying vague or inconsistent details.
  • Helps detect multiple campaigns operated by the same entity or overlapping beneficiary information.
  • Identifies cloud-based or remote mining providers widely reported to have negligible KYC or AML controls.
  • Correlates negative news, user reviews, or regulatory warnings about mining platforms that bad actors exploit.
  • Provides context on emerging trends, enabling investigators to pinpoint newly listed unregulated mining services.
  • Open sources may reveal campaigns, lists of affected victims, or known malware signatures.
  • Helps supplement investigations with public reporting on cryptojacking incidents, associated wallet addresses, or attribution data (e.g., from security research or threat intelligence).
T0003.001
  • Aggregates publicly available information on custodial mixer operators, including location and regulatory status.
  • Assists in identifying mixers operating in jurisdictions with minimal AML oversight or those flagged for illicit activities, thereby supporting enhanced due diligence.
  • Provides publicly available data on phone numbers, domain registrations, IP addresses, and other digital footprints.
  • Enables verification of newly registered domains or unrecognized phone numbers used in deepfake impersonation attempts, helping flag suspicious contact points not associated with legitimate account holders.

Includes publicly available information from websites, social media, and news outlets about third-party developers or software tools used for transaction manipulation. Investigators verify whether external parties are offering or facilitating digital document forgery or unauthorized transaction editing.

  • Publicly accessible information from media outlets, websites, and social platforms.

Open-Source Intelligence (OSINT) can uncover reports of unusual diplomatic shipments, abuses of immunity, or repeated diplomatic pouch usage to transport financial instruments, aiding investigators in corroborating suspicious activity claims.

Encompasses publicly available data from websites, social media, news outlets, and public records. This information helps identify duplicate product listings, verify inconsistent business claims, and detect newly established websites with suspiciously high transaction volumes or minimal online presence, revealing potential fraudulent e-storefronts.

Collects publicly available information (e.g., company websites, social media, business directories) to verify vendor legitimacy. Discrepancies between claimed vendors on expense reports and publicly documented entities can reveal shell or non-existent vendors used for fraudulent expense reimbursements.

  • Collect publicly available information from job boards, social media, and other online platforms.
  • Aid in detecting unrealistic recruitment ads, mass unsolicited offers, or suspicious online communication patterns.
  • Help verify employer legitimacy and identify posts referencing quick payment processing jobs with minimal skills required.

OSINT involves gathering publicly available information from websites, social media, and other open sources to verify a firm's actual business presence, operational footprint, and staff. These details help identify virtual or shell offices that may indicate a fictitious consulting setup.

  • Data Provided: Publicly available information from social media, news outlets, and other open data sources.
  • AML Relevance: Helps detect nonexistent or dubious employment histories and spot red flags like fake profiles or inconsistent public records.
  • Aggregates publicly accessible data such as brand information, corporate announcements, and product authenticity details.
  • Allows verification of claims about jewelry origin, quality, or business legitimacy by cross-checking publicly available information.
  • Assists in detecting misrepresentations or contradictions in advertised versus actual business operations.
  • Gathers publicly available data from social media and other online platforms regarding campaign details, user aliases, and beneficiary information.
  • Enables monitoring of altered or repeatedly re-launched fundraising campaigns, revealing potential deceptive practices in fraudulent social media fundraising.
  • Includes public records, website data, and social media posts to verify physical premises and examine the legitimacy of stated operations.
  • Detects inconsistencies when businesses claim active operations at addresses that appear vacant, shared, or virtual, suggesting a possible front.

Publicly available data from social media, news sources, and other online platforms can confirm or contradict customers' submitted personal details. This information helps identify inconsistencies or evidence of stolen or fabricated identities involved in identity manipulation schemes.

Aggregates publicly available data from news outlets, social media, and websites to identify reported incidents of artifact theft, looting, or suspicious auctions. This information can verify or refute provenance claims, highlight known smuggling networks, and reveal any publicly documented controversies related to the parties or artifacts.

  • Aggregates publicly available data from forums, marketplaces, and social platforms where in-game currency or items might be traded at unofficial exchange rates.
  • Helps investigators link accounts or individuals advertising or conducting illicit third-party exchanges, facilitating the detection of unregulated trades.
  • Aggregate publicly available information on intermediaries or brokers, including websites, social media, and news sources.
  • Verify regulatory status and licensing, identifying potential unlicensed or complicit operators.
  • Check for negative media coverage, historical sanctions, or collusion.

OSINT investigations support detecting rogue or uncredentialed brokers who may facilitate illicit annuity schemes.

  • Publicly available information from websites, social media, corporate registries, and news outlets.
  • Helps verify the investment company’s stated operations and legitimacy, flagging minimal online footprints or contradictory public information indicative of shell or front entities.
T0144.017

Includes publicly accessible information from websites, social media, and forums. This data helps scrutinize promotional claims, track abrupt changes in disclaimers, and analyze recruitment tactics used in fraudulent 'guaranteed return' investment schemes.

Publicly available information, including news articles, corporate websites, and social media, can reveal contradictions in a fund’s declared operations, beneficial ownership, or performance claims, potentially exposing manipulative practices.

Provides publicly accessible data—including social media, press releases, and NGO/grant registrations—that can validate or refute claimed philanthropic activities. In the event of sham NGO or foundation usage within agribusiness or charitable contexts, OSINT helps confirm the absence of genuine charitable operations.

  • Includes information from public websites, social media platforms, and news outlets, which may contain misleading or false statements regarding securities or assets.
  • Helps detect pump-and-dump schemes by identifying coordinated promotional campaigns or negative disinformation that artificially manipulates market sentiment.
T0107.005
  • Aggregates publicly available data from news outlets, social media, and official publications.
  • Enables correlation of reported match anomalies or rumored bribery incidents with suspicious betting patterns.
  • Supports gathering additional context on participants, events, and potential integrity breaches tied to match-fixing.
  • Gathers publicly accessible information from media, websites, and social platforms to confirm affiliations and identify risks.
  • Verifies connections between payers and individuals employed by border or port authorities who may be complicit in smuggling.
  • Includes publicly accessible data from social media, forums, and websites advertising quick-money schemes or job offers targeting potential money mules.
  • Provides insights into mule recruitment networks and communications, enabling analysts to cross-reference online postings with individuals opening new accounts.
  • Reveals social media patterns or user interactions that indicate potential involvement in organized mule activities.

Collects publicly available information from websites, social media, and online forums to identify suspicious or misleading job postings that promise easy income for transferring funds, a key indicator of money mule recruitment.

T0023.002

Cross-searching social-media handles, leaked-credit databases, and genealogy forums uncovers maiden names, kunyas, or transliteration variants that the customer failed to disclose—linking them back to historic SARs.

Aggregates publicly available information (e.g., websites, social media, news) that may reveal unregulated money exchangers, informal networks, or references to off-the-record currency exchanges. By examining this data, investigators can identify key players or brokers facilitating NEP.

  • Gathers publicly available data from the dark web, social media, and other sources, including listings of stolen gaming assets.
  • Assists in correlating suspicious in-game items, compromised accounts, or large-scale item theft with potential laundering schemes.
  • Provides domain registration details, social media, and public postings.
  • Enables checks for newly registered or impersonated domains and unrealistic online job adverts.
  • Helps identify phishing or scam recruitment tactics pointing to money mule recruitment schemes.
T0144.009
  • Gleans publicly available information from social media, online forums, and websites to verify personal or business claims.
  • Identifies negative news or scam alerts about fraudulent trading platforms promoted in pig butchering.
  • Corroborates suspicious relationship-building activities or questionable investment endorsements.
T0148

Publicly available information from news outlets, social media, and maritime forums regarding piracy incidents, ransom demands, or facilitators supports investigations by revealing potential networks, negotiation patterns, or newly emerged suspects tied to ransom laundering.

  • Involves publicly available information from websites, social media, and news outlets.
  • Helps confirm whether any genuine promotional or marketing campaigns actually occurred, thereby detecting fabricated or nonexistent sponsorship activities used to launder illicit funds.
  • Consists of publicly available records, including news articles, social media, and official announcements, useful for verifying claimed lobbying activities.
  • Allows cross-checking a lobbyist’s or donor’s public profiles, ensuring stated political or advocacy engagements are genuine.
  • Detects inconsistencies between reported lobbying expenses and verifiable public events or hearings.
T0144.019

Captures public-facing information on promotional activities, referral campaigns, and network-driven recruitment. This helps reveal the marketing and recruitment patterns typical of a Ponzi scheme and uncovers social media or online platforms used to solicit new investors.

  • Gathers publicly accessible data from news outlets, social media, and investigative reports.
  • Provides insights on private couriers, hidden shipment methods, or emerging smuggling trends related to precious commodities.
  • Aggregates public information from websites, social media, forums, and surface or dark web listings.
  • Detects advertisements for precursor chemicals, equipment, and potential leads on supplier or broker networks.
  • Assists in investigating suspicious entities and verifying the legitimacy of claimed business operations.

Collects publicly available data from news articles, social media, corporate announcements, and other open platforms about professional intermediaries. This enables investigators to uncover adverse information, suspicious associations, or regulatory red flags linked to these service providers.

Aggregates public data, such as news articles, social media, and publicly available records, on individuals and entities.

  • Verifies if recipients labeled as charity, donation, or membership fee beneficiaries are actually paramilitary or extremist groups demanding protection payments.
  • Helps confirm or refute suspicious affiliations not evident in internal banking data.

Aggregates publicly available information, such as social media, news reports, and web content, to verify declared ownership structures and identify undisclosed relationships. This process helps uncover adverse media or hidden affiliations that may confirm proxy arrangements.

T0015.002
  • Provides reference data on known Tor exit nodes, proxy IP addresses, and suspicious hosting services.
  • Enables cross-checking of session and transaction IPs against publicly documented anonymizing networks.
  • Helps investigators identify IP ranges frequently associated with criminal or high-risk proxy usage, thereby enhancing AML detection and investigation capabilities.
  • Gathers publicly available information, such as local building regulations, licensing data, and contractor business profiles.
  • Enables verification of contractors’ operational histories and reported construction projects, identifying fictitious or unsubstantiated renovation claims.
  • Gathers publicly accessible data such as online profiles, social media posts, and scammer blacklists.
  • Assists investigators in correlating suspicious account usage or identities with known romance scam masterminds or commonly reported ruses.
  • Facilitates cross-referencing of personal details against widely circulated romance scam scripts or flagged recruiter profiles.
T0144.003

Includes publicly available data from websites, social media, forums, and news outlets. Investigators can detect abrupt project website shutdowns, unverified or anonymous online personas, and social media hype campaigns, which are warning signs of a rug pull. OSINT also helps verify project claims and track online footprints that may reveal fraudulent or rapidly abandoned crypto ventures.

  • Publicly accessible information from websites, media outlets, social networks, and industry directories is used to verify whether purported licensing authorities or documents exist and match official references.
  • This enables the detection of fabricated credentials or organizations by cross-checking claimed sector compliance against recognized regulatory bodies and published industry standards.
  • Gathers publicly available information from websites, social media, and other open data sources.
  • Assists in detecting online advertisements or solicitations of sexual services, linking them to illicit financial flows.
T0001.001
  • Aggregates publicly accessible data from websites, social media, news articles, and other open records.
  • Confirms whether a listed company address is merely virtual or a mailbox service, indicating potential misuse of a shelf company lacking any real operational footprint.
  • Incorporates publicly available information—websites, social media, public records—to verify claimed operations.
  • Identifies lack of valid business premises, employees, or other signs of a functional enterprise.
  • Corroborates (or refutes) reported commercial activities for shell company detection.
  • Gathers publicly available social media data, online postings, and user reports.
  • Identifies suspicious recruitment ads, scam alerts, or negative coverage regarding purported social media 'employers.'
  • Correlates the timing of job postings or discussions with observed account activity, supporting direct linkage to money mule schemes.
  • Data elements: Publicly available information, such as player market valuations, club ownership disclosures, media reports on sponsors, and industry analytics.
  • AML Use: Enables cross-referencing public player valuation benchmarks, confirming sponsor legitimacy, and verifying reported attendance figures, helping to detect artificially inflated revenues and questionable sponsor arrangements.
  • Verifies the legitimacy of registered business addresses, revealing virtual offices or mail-drop services.
  • Corroborates the absence of genuine commercial premises.

This helps confirm ephemeral shell companies that lack a real operational footprint.

  • Aggregates publicly available information such as social media updates, domain registrations, corporate announcements, and other online data.
  • Validates project documentation and team credentials by comparing them against credible sources and identifying plagiarized materials.
  • Detects sudden removal or alteration of websites or social media profiles, signaling potential exit scams or fraudulent conduct.
  • Gathers publicly accessible information from news outlets, social media, and community forums that may reference unlicensed or underground gambling venues.

  • Identifies local reporting on illicit activities, neighborhood complaints, or advertisements for unregulated gambling, supporting investigations into hidden or unregistered operators.

Leverages publicly accessible data sources, such as domain registrations, website content, and contact details, to identify suspicious overlaps or entire absences of legitimate activity associated with virtual enterprises. OSINT can reveal multiple entities sharing identical addresses, phone numbers, or other corporate details, suggesting potential shell setups.