In the course of assisting corporations with their incident response activities, we are occasionally asked to help find information about employees that might reside on the internet. During a computer exam for an employee threats case, we found activity on Facebook, Twitter, and two different webmail accounts. We captured the public facing social media pages and included them as part of our exam report.
While this is nowhere near new territory, it may be useful to compile a quick hit list of websites to quickly and efficiently build a profile of an individual's social media and internet use. In our case, if the person of interest made public threats outside the business as well as the private threats that occurred inside the business, we needed to find them as quickly as possible and make sure we had them documented.
Here are some good places to start your search:
Social Media
Free People Search
Paid People Search
- Intelius (there are many, but this one is one of the best)
Reverse Phone Number Search
The argument can be made that this type of search is outside the realm of a forensic exam, but it is still worth knowing about these sites and where they receive their information. Most of these sites have options for having your personal information removed, but there are many hoops to jump through. It may be worth starting with a site like Intelius as it feeds information to some of the other free sites. You'll never be able to remove all your information, but it might be worth a try. After you've built a few profiles on people, it makes you think twice about what type of profile someone might be able to build on you.
Matt Churchill currently manages the digital forensics practice at Continuum Worldwide and has earned the GCFA, CFCE, CCE, and CISSP certifications. Follow him on Twitter and expect more posts as he tries to earn the SANS Lethal Forensicator Coin!
.png "Anastasia Sentsova")
