Shoplifting and organized retail crime (ORC) have become sophisticated operations that rely on data mining and cybersecurity weaknesses as much as they do on boosters and fences to steal and move physical merchandise. This makes monitoring online activities essential to loss prevention.
Leveraging Open Source Intelligence (OSINT) is the most effective way to investigate theft and survey potential threats, but effective investigations require numerous tools, specialized training, time, and more.
Here is how to effectively leverage and manage OSINT tools to strengthen your loss prevention strategy.
The OSINT Basics
Open Source Intelligence is a methodology of gathering and analyzing publicly available data to assess or investigate situations and/or individuals. In the context of loss prevention, OSINT enables LP professionals to find information about thieves who have targeted their companies or employees, and even sniff out and prevent cyberattacks or in-person thefts before they happen.
Gathering publicly available information entails much more than simply searching Google. There are three tiers to the internet: the surface, deep web, and the dark web. The surface web only accounts for approximately 10 percent of the data on the internet. The deep web refers to non-indexed pages (i.e., those accessed via web browsers but unlisted in search results). The dark web includes non-indexed pages often only accessible by specialty software (such as Tor), which frequently feature illegal information, products, and activities.
OSINT involves collecting information from all three parts of the web, analyzing patterns, finding relevant information—such as conversations about planned or executed illegal activities—and even building suspect profiles (by accessing court records, social media, and other sources). This could vary wildly, depending on your needs: OSINT encompasses everything from searching relevant hashtags and geotags on social media to accessing parts of the dark web where thieves exchange illegally obtained information, such as social security numbers, gift card numbers, and more.
Why Does OSINT Matter in Loss Prevention?
According to a 2018 report from multinational aerospace firm Thales Group: “Retail is a prime cybercrime target, especially in the U.S. Exactly half (50%) of U.S. retail were breached in the past year alone, well ahead of the Global average (36%) and nearly double Global retail (27%).”
Because the nature of retail theft is ever-changing, effective loss prevention demands a company find relevant information in a timely manner.
How Can I Use OSINT for Loss Prevention?
There are basic OSINT tools that just about anyone can use, but doing so well is another matter altogether.
Your loss prevention team might be able to handle basic search functions on social media sites such as Facebook, Instagram, and Twitter. You can perform social listening by looking for posts geotagged at a particular store, searching a certain geolocation, or using a particular hashtag. That said, it can be difficult to filter out noise, aka irrelevant social posts.
Your LP team can also utilize the surface web in theft investigations by:
- Searching Facebook Marketplace, Craigslist, and other web-based resale communities for stolen merchandise
- Building suspect profiles using social media, where thieves regularly brag about their crimes and post pictures of stolen goods
You will likely need a third-party team of OSINT investigators to search the deep and dark web to find:
- Discussion boards on which thieves share tips on shoplifting and other forms of retail theft
- Forums where organized retail crime (ORC) rings plan heists and exchange information
- Deep web sites selling fraudulently acquired gift card information, security info on retailers, and other information that leaves your company vulnerable to cybertheft
What Kind of OSINT Tool Should I Use?
There are dozens of proprietary OSINT tools on the market, and which you choose depends on the type of probe, where you’re searching, budget, and other strategic determinants, such as how much training you need.
How much training to safely use OSINT? Yes, training. It is dangerous to access both the deep and dark web. You not only need special tools (with steep learning curves), but using these incorrectly or accessing sites without proper training could compromise the security of your systems, making you even more vulnerable to ORC. Shodan, for example, is a search engine for Internet of Things-connected devices that hackers use to find compromised assets and more easily target retailers.
Turn to Zellman for Your OSINT Needs
We help clients secure financial recovery through a combination of cutting-edge forensic Open Source Intelligence and proven investigative techniques. We have been partnered with SKOPENOW® from their inception. They are an automated social media investigations platform that provides organized and actionable data. In addition, our team of investigators is certified in several OSINT tools and techniques. Contact us today.