HOW TO DOX A SCAMMER USING OSINT | The Zeartul Example

in steemit •  7 years ago 
(Disclaimer: All information provided in this post has been pulled from publicly available data. This post is for educational purposes only)



osint-STEEMIT-MASTER-TITLE-PIC2.jpg

OSINT stands for Open-Source Intelligence and is the task of collecting and analyzing publicly available data on someone or something gathered from public, and open sources. OSINT is primarily used by national security, and law enforcement agencies but can also be used by anyone as all the tools used are publicly available. Below is an excerpt about OSINT from the CIA's own website:

cia.jpg
Source



If you ever find yourself in a position where you need to know someones information for some reason you'll first need to find a breadcrumb of personal information about the person or their family/friends. In this post I will be using the scam artist known as Zeartul as an example. First I found this post from a few months ago by @steembusiness introducing Zeartul as a witness. In this post he talks a little bit about Zeartul's personal life.

Random Witness Introduction: @Zeartul - A New Witness Among Us | Steemit - 08/23/2017

As @zeartul is one of the few witnesses actually posting something about his real life I simply have to include some of it in here to make him more vivid for you. He seems to be very passionate about fitness, which might be encouraged by the fact that his girlfriend is working as an instructor and running her own fitness video-channel (Eventually to be seen on Dtube soon).



In the post above the author provides a bit of info about Zeartul's girlfriend which was all that was needed to begin with. Next I went looking for any references to Zeartul's girlfriend in any of his previous Steemit posts. Sure enough he links to his girlfriends You Tube fitness page in a post he published about a week before SteemBusiness wrote his post about Zeartul.

Intro~My Fitness Obsession (Itzzia Polanco) My girlfriends video coming to steemit! | [Steemit] - 08/13/2017

I wanted to share one of my girls video of her fitness journey, that she uploaded on youtube a while back, she will be coming to steemit real shortly!

She is a fitness coach at one of our local gyms,

In the post above Zeartul linked to a video from his girlfriends Youtube channel. Looking at her 'About Page' reveals her other social media accounts. I should just point out that as far as I know Zeartul's girlfriend has nothing to do with his scamming but she does need to be included in this post as her Facebook was the crucial link in finding Zeartul in the first place.



Searching her Instagram doesn't reveal much apart from confirming she is the same woman and that she works in a fitness studio. Looking through her Facebook posts reveals her city (Simi Valley) and a recent photo of her and Zeartul indicating she is currently in a relationship with Zeartul. We can confirm this is Zeartul by cross referencing known photos of Zeartul in this blog post about him.

z-and-gf.jpg




Although we have now confirmed this is Zeartul's girlfriend we still needed to confirm his name. So looking down her FB post history at the likes and comments on some of her Facebook pictures turned up someone called Carlidos Cardenas.

itzia-old.jpg

Since my last post Zeartul has changed his Facebook name from Carlidos Cardenas to Nathans Oldman. fortunately I archived his profile before he had a chance to change it.

itzia-new.jpg
Source

Below is an archived version of Carlos Cardenas original Facebook profile before he changed his name to Nathans Oldman. As you can see his avatar is of him and his girlfriend. Here is an archived link to the new Nathans Oldman Facebook page

Source



Finally we searched for Carlidos Cardenas on White Pages, a data broker website. This returned a couple of variations of his name. Carlos Cardenas was one of them.

carlos-WP.jpg
Source


To confirm this was the correct person and address I searched for his girlfriends name on the same website and sure enough searching his girlfriends name returned the same address.




As I briefly stated at the beginning, this post is meant for educational purposes only. It provides an example showing how easy it can be to find out someones details and why you should never use your real name and details online. It should also hopefully act as a deterrent to anyone thinking of scamming people online. The moral of the story is if you're going to be stupid enough to scam people online don't use your real name, and don't do it on an uncensored, decentralized platform like Steemit.com.

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Great job! Now which one of the victims will step up and report his theft to the Simi Valley Police to get the ball rolling?

Cracking job @fortified
Staying anonymous is essential when online IMHO especially when disseminating the truth. It astounds me how much private information people put online.
Just yesterday I saw an intro post where the girl gave her place/date of birth, full name and place she works and lives!
WTF is wrong with people?

  ·  7 years ago (edited)

I'm a privacy advocate. Doxxing is not cool, especially on a blockchain where information is permanently registered. Giving you a little downvote, because I don't think such practices will solve any problems.

  ·  7 years ago (edited)

This guy provided enough of his own information out there on the blockchain and then went and scammed people. Based on his history, he's also a lifelong scammer who doesn't seem to think himself capable of earning money honestly. Fair play imo.

  ·  7 years ago (edited)

totally, that's why his girlfriend, which has nothing to do with this, is now publicly exposed, both through her full name and her face and possibly address, to hundreds of people that hate her boyfriend. Nice, way to go steemit

He involved her on his own accounts here.

On a platform that thrives on transparency. 😉
"Doxxing" I consider a mean and spiteful action.... Sometimes though it's simple justice.... Fraud and theft, simply exposing a criminal.

  ·  7 years ago (edited)

It thrives on transparency about the transactions and blockchain operations, not people's private information. If you want privacy violations, make a stop at Facebook

Actually none of that information was private.

True, this was all information that he self published for public consumption. It's right in the title of the post "open source".

But steemit is not really private. If you want a private Social network there are some sites on tor for that.

[-]drakos, are you kidding me? if someone took all your steem and money. you would do the same to find out who did it.

Yes I would do my own research to find out who he is, but I wouldn't dox him publicly. I mean now that his identity is known, what's next? Send someone to his address to punch him in the face? Is anyone taking any measures to visit or sue him?

yeah nothing can stop that. but i think people get doxxed for a reason. i cant see someone putting up innocent peoples info and then someone go do something to them

  ·  7 years ago (edited)

i cant see someone putting up innocent peoples info and then someone go do something to them

yeah, like that one time some kid got doxxed as the Boston bomber, even though he wasn't and turned out he actually was missing and dead. totally didn't traumatize his family.
What a naive statement!

Would you share the information you collected with the other people he defrauded? How?

A great many people were defrauded by @zeartul, and I don't think @fortified has an obligation to @zeartul to conceal his identity while helping those people get their money back, or at least to know who took it.

To hold back that information from folks that you know were defrauded could be considered a crime itself: misprision of a felony.

Given this is a criminal matter on a decentralized blockchain where the community is supposed to resolve issues without centralized powers, this is the only solution.

This isn't doxxing. It's solving a crime. Do acknowledge the difference, because he owes people on Steemit money he deliberately stole, and counted on not being named to get away with the crime.

In this case, revealing his name is necessary to enable his crimes to be compensated by him.

Some day, he may decide he wants to be morally upright, and being able to compensate those he's stolen from might become important to him. Since this may be the only way those people can make their availability for refunds known to him, he might actually be grateful for that opportunity, should he become a morally upright person.

If not, they have a right to know who he is so they can get their money back.

tl;dr this isn't doxxing. It's justice.

  ·  7 years ago (edited)

This isn't doxxing. It's solving a crime.

so you're advocating vigilantism. great. The truth is people invested money in a dubious scam and should've done their research, it's their fault and they should own up to it, not become fucking crybabies. The blockchain wasn't made for that kind of people. Code. Is. Law.

I am totally advocating decentralized operations on Steemit, including resolving tort actions. If you call that vigilantism, then you so define all decentralized operations to resolve such criminal matters.

Code is fact. Code is fungible. Code is broken, and flawed, and needs to be fixed all too often. It is not the equivalent of 'Thou shall not kill'. Don't steal isn't something that can be embedded in code.

Therefore redressing grievances is something that needs to happen, since code can't prevent it.

I am not hearing people crying over their lost SBD's. I do consider buying votes a morally hazardous practice, so I don't do it. That doesn't mean that people who are suckered into scams shouldn't be able to redress their greivances. It means I didn't lose any damn money when @zeartul cleaned out @bellyrub and bailed the platform.

Are you claiming that every votebot on the platform is a scam? If so, the community should remove them from the platform, just like every other scammer, spammer, and plagiarist. I don't think votebots are criminal by default, and given that folks like @aggroed and @berniesanders run votebots, I think there is damn good reason to say that votebots aren't dubious scams. Neither of them has scammed anyone, and equating votebots with scams is slanderous.

Votebots are unsafe presently, because there are no mechanisms that have evolved - due to instances like this, that create perception of the need for them - to secure peoples investments in buying votes.

Regardless, decentralized tort resolution is necessary on decentralized platforms that involve fiduciary matters, and spewing ad hominems like 'vigilantism' isn't useful.

As much as you revile crybabies, I detest thieves and psychopaths incapable of empathy.

Make of that what you will.

  ·  7 years ago (edited)

no, I call doxxing vigilantism. You advocate doxxing, thus you advocate vigilantism. Keep living in your own delusion by trying to banalise this extremely dangerous point of view.

When someone will falsely get accused of scamming , and then get doxxed before people realise the accusation was false, maybe you will understand why this is completely fucked up.

The people that'll lose money to scams will always be idiots who saw a big potential roi and went for it. People that can get their lives destroyed by doxxing, however, may be completely innocent and just happen to be falsely accused.

Despite my best effort to see things from your point of view, and I can certainly empathize regarding innocent victims of doxxing, I just can't see how you can have any realistic expectation that people who have been defrauded should be unable to pursue recompense.

You completely fail to elucidate a realistic alternative, which is just encouraging the current protocol. Your only criticism of the current protocol is that mistakes can happen.

Name any mechanism, in any social institution, in which mistakes can't happen, and be bad.

If you expect people that have been defrauded to do nothing to recover their money, your opinion is so divorced from reality it is meaningless. Propose a reasonable, functional alternative, point to clues to such, or be ignored as irrelevant.

Because expecting people to do nothing is irrelevant. It's not even remotely reasonable.

  ·  7 years ago (edited)

If you expect people that have been defrauded to do nothing to recover their money, your opinion is so divorced from reality it is meaningless.

have you read the bitcoin white paper? Or at least the abstract? that is exactly what I'm advocating. Decentralization comes at a price. No one forces you to spend money on bots. no one.

I exemplify that truth. I have never used a bot intentionally. I intend never to do so, at least not for votes.

Yet, I recognize that they infest Steemit. People use them for reasons, the median payout on Steemit is $.01, and this drives people to seek upvotes from bots.

This drives profits into the coffers of SP delegators, and is a net negative to the platform - and Steem - but that doesn't relieve scammers like @zeartul of his personal responsibility for their frauds.

People have a right to seek redress, and they will do so, regardless of our opinions. It's gonna happen.

It's not wrong, either.

Nice post! Resteemed and following!

Wow. On one hand it is amazing how much information can be accessed online about someone. On the other hand what if someone is innocent but is wrongly accused and doxed? That would be a painful experience. Not using Zeartul as an example because there are plenty of evidence that he robbed people but someone who truly is innocent. Is there a way that someone reviews all the evidence before things escalates?

TLDR, so zeartul is a scammer?

Yes

Shit, i knew it!

Great read! recently someone named Peter Shephard scammed people via Hexabot. I hope someone can track him and report to the police!

I have performed many white hat OSINT collection projects for clients to determine the publicly accessible information signatures of executives, sensitive facilities and operations. One of the more interesting vulnerabilities out there is the Progressive Insurance website. Their auto quote system links to the Department of Motor Vehicles - DMC (in the US). So, anybody who knows your name, address and phone number (very easy to find online) can enter the info into the Progressive site and it will provide a DMC listing of the type, model, year and color of your car. A nice little OSINT tool for recognition and surveillance.