open source intelligence (OSINT)

Best Practices for Sock Puppets

Creating research accounts can be a challenging task, and it often requires a lot of effort and experimentation to get it right. Trial and error is often the key to success in this process. There is no step-by-step process when setting up accounts, but these are some considerations before creating a research account; some points may seem basic but are equally important.

The best approach is to create an account as a regular user. Quick entry of email and password is critical.

  • IP Address: To avoid getting flagged by social media platforms, it’s best not to use a Virtual Private Network (VPN) when creating a sock account. After making the account, signing in from different locations using free Wi-Fi connections (like those available at coffee shops) is essential, as this will show the platform that you are a legitimate user. By using a variety of IP addresses, you’ll be less likely to get flagged.
  • Name: Use fictional details when considering a name for your sock account. Avoid using your real identity. Consider what name would blend in with your target group because you want to make sure your account stands out if you are suggested as a friend.
  • Email address: You have several email provider options (Mail.com, Gmail.com, Yandex.com, Outlook.com). Do not use a previously created email address – always start fresh and create a new email that has not been once used.
  • Phone verification: If you cannot bypass the verification, use a burner phone and SIM card to create accounts.
  • Profile photo: When choosing images to post on social media, it’s best to use generic landscapes like mountains, beaches, etc. It’s important to avoid using someone else’s identity or photos. Stock images can be helpful in some cases, but you should always crop the photo to delete any previously stored data before uploading. Social media platforms have algorithms that can detect the use of stock images, and your account may be flagged if this is seen.
  • Activity: Once your account is created, you must start interacting naturally, such as posting links, liking pages, etc. The main objective is to mimic how a natural person would use a new account and convince the platform that you are a natural person.
  • Setting/Privacy settings: Immediately review and set the privacy settings for the platform and choose the most secure privacy settings that will allow people to see as little information as possible.
February 16, 2024 by Cyber Security 0

What are Sock Puppets in OSINT

Sock puppets, or research accounts, are fictitious online identities that conceal an OSINT investigator’s true identity. They are created to gain access to information that requires an account to access. However, it is essential to note that creating fake accounts goes against the Terms of Service of some websites. Therefore, the users are responsible for reading and understanding the Terms of Service of their websites. Although creating sock puppets is not usually illegal, it is equally important to check with your organization’s policies to ensure you have permission to create and use them.

Purpose of Sock Puppets

Sock puppets are created to keep OSINT research separate from personal life. This ensures that OSINT investigators maintain anonymity and practice good Operational Security (OPSEC). It is crucial to emphasize the importance of separating an OSINT investigator’s real identity from their research accounts.

Some social media platforms, such as Facebook, may expose your identity to a target being investigated through friend recommendations. Additionally, if you use your account to conduct online research, you may accidentally like a post or send a friend request to your target. To avoid these risks, it would help if you created sock puppets before starting your research. To put it in perspective, imagine yourself as a police officer conducting surveillance using your vehicle, which would reveal your identity. You would not do that, right? Similarly, using your personal social media accounts to research a subject could be better because it can expose your real identity.

What are the Sock Puppet Functions?

When you are passive, it means that you do not interact with a particular target. However, your profile might still show up in the “suggested friends” or “people to follow” results, so it is advisable to try blending in a little. One way to do this is by choosing a name that fits well with your target group.

Engaging with your target in some way, such as by adding them as friends on Facebook, is essential to conducting active research. Blending in with the target group during active research is even more crucial. If you plan on engaging with your target, creating a few accounts on different platforms is recommended to make it appear like you are a natural person.

January 4, 2024 by Cyber Security 0

Recent Comments

No comments to show.