Could you suggest me some websites or apps to perform a Isn't search ?
I'm thinking of doing an Osint search to see what I can find about my data online, could you suggest the best way to do it?
Searching online I found this site: https://www.osint.industries, however Bitdefender mobile blocks it, what do you think? Is it safe in your opinion?
Do you have any other sites or software to recommend for doing this type of search?
Answers
-
Hello @Eno-Scott,
I think the detection occurs for good reason. I've checked the link with Scamio as well, and here's what I got:
Considering this, I wouldn't access that page..
But do you already use Digital Identity Protection? If yes, it will do the job just fine and you don't really need additional tools, in my opinion. Here's what DIP can do for you:
I hope this helps.
Regards,
Alex
Premium Security & Bitdefender Endpoint Security Tools user
1 -
Thanks for the answer,yes I'm using Bit defender Digital Protection service, anyway I'm facing some issues with it..for example ,like I've already said in another thread here on the forum,the function for scan the inbox of my outlook account doesn't works and I've not found a solution for that at now..do you have any suggestions about?
That's one of the reasons for my search of a second option for check my digital footprint online and possibles impersonifications / violations of my accounts, another one it could be for example the fact that using a data broker ( I know that you don't recommend doing that ),I've founded another person like a possible user of my outlook account for his activities/profile on a famous social network related to work..asking to Microsoft for that they've answered that there isn't any sign of compromission by their side...anyway I've also asked the social network for that and they've asked me to send my documents for clarification (I've not done this yet )..this possible impersonification where not been signaled by Bitdefender Digital Protection ( that I reputee a good service anyway ) ..
For these reasons I'm trying to figure out a good solution to perform an Osint research..I'm searching some softwares or websites for that,so if you've some advices about feel free ( I'll appreciate it ) to share your knowledge with me !
Thanks 🙏
0 -
Hello @Eno-Scott,
While I can't really recommend other software or services that could help you check your digital footprint, since I haven't tried any others, apart from Digital Identity Protection and the website where you can check your email address for breaches - which I can say is trusted, I think DIP is sufficient for this. When it comes to impersonation check, when it encounters a profile (usually from social networks) that has common elements with your identity but has not been confirmed to be yours, it will alert you about the possibility that a profile belonging to someone else is attempting to impersonate you. The service will also display suggestions for actions to be taken in case it is indeed an impersonation attempt. Now, if an email address belonging to you has been leaked somewhere, it can end up anywhere, so apart from the fact that you could become a target for spammers and scammers, it may also be used without your authorization, and that's something that must be indeed reported to the management of the platform where such information was displayed without your consent, and it's true that usually a proof of ownership will be requested from you, from the respective platform (social media, website, etc.).
If you do have reasons to believe that an impersonation attempt took place, or if you suspect that some of your personal data, such as email addresses have been compromised in a data breach at some point, you can start by taking some precautionary measures such as changing the passwords of your accounts immediately (and don't use the same password for all accounts), and wherever possible, enable 2FA for an added layer of security, especially for email, financial, and social media accounts. If you have already identified a possible leak, log in to any accounts that may have been linked to the compromised email to review activity and ensure no unauthorized changes have been made. If you find that other accounts (e.g., social media, financial services) are using the compromised email, update passwords and enable 2FA on those accounts too. If you’re unable to access any account, use the platform's account recovery options to regain access.
It is very important to report the impersonation, if such thing happens. So, the best practice is to contact the support teams of the platforms where your email has been misused, explain the situation, and request assistance in recovering or securing the account. Most platforms have procedures for addressing impersonation or account breaches. Like I said above, services like "Have I Been Pwned" can give you an idea of how the compromise occurred and whether further action is necessary. Another preventive step which you can take is to set up alerts for logins or unusual activities in your email account and any other important services. Many platforms allow you to be notified whenever a login occurs from an unfamiliar device or location.
Also, in the event your email addresses were indeed part of a data breach, or if impersonation is discovered, inform your contacts so they don’t fall victim to phishing or other scams posing as you.
That would be a set of actions to take and best practices to consider. Apart from this, can you share more details regarding the scan of the inbox of your Outlook account? Are you referring to Bitdefender's Email Protection feature, or something else?
I hope the information is useful.
Regards,
Alex
Premium Security & Bitdefender Endpoint Security Tools user
1 -
Hello @Alexandru_BD and thanks for your answer,for my part I can say that I have tried more or less everything you suggested, but I am still having problems related to the accounts that make me think that I am continually the victim of some form of computer violation or attack... I know I have been pawned and from the research done it seems that there are no violations for this email of mine, however: even though I am frequently changing the password for my main accounts, for example, I continue not to see the notifications relating to the accesses in the security section of my Google account, nor do I receive the emails when I access the account (as instead happened before), I continue to receive calls from unknown numbers (which I never call back and I almost always report and block for security) at regular intervals, (some of these are identified as spam by the phone, others are not but if I try to call them back those times I tried no one answered or a message from the telephone operator was sent), in conjunction with these calls recently (but also some time ago) I noticed particular behaviors of the smartphone, for example: I find the account disconnected from the Galaxy Store, I find the VPN disabled, I find the bluetooth active while before it was not it was...all this makes me think of some sort of cyber attack (I know that Pegasus spyware for example could be injected even with a simple phone call, however checking in your guide it seems that Bitdefender now detects it..in any case I continue to have the feeling that it could be something similar..)..
Other "symptoms" could be for example that I sometimes find (often when I receive these phone calls) system applications that have used permissions that I had deactivated in the settings and if I subsequently go to check in the relevant settings I still find those permissions deactivated..
Also regarding the PC I am encountering particular problems for example in "settings" > "security" I often find some features deactivated such as: "memory integrity", "account notifications", I also had confirmation from Microsoft support that there was something that was not working correctly when I contacted them for a problem with "account managed by your organization" that I detected in both the PC settings and among the accounts on the smartphone (as far as I know I do not have an account managed, mine is a personal account), often checking in the "details" section of gmail from a pc I find accesses that occurred at times when I was not using my devices or from unclear IP addresses (on which I am looking for some information, but it seems more complicated than expected), ... I have made reports and written in the various official forums (Microsoft Answer for example but also Google community, Malwarebytes and this one) for most of these problems, however in some cases I receive inexhaustible answers .. I am aware that it is a very broad topic and that it requires very specific skills for this reason I continue in my small way to try to understand something by documenting myself and following the instructions I receive. I could add other problems found in various devices/operating systems, but the list would be very long..
Other strange problems were for example: that of my Outlook email used by a stranger found with a data broker, the fact of having found in Digital identity protection in the digital trace some services that seemed to be using or had used my phone number in the past (then asking support I was told that there were applications that could steal phone numbers, and that the detection could be related to one of these, but that I shouldn't worry because now the problem seemed solved) ... I asked for more information, but I wasn't told anything more, if you are interested I could search for the relative email or send you screenshots to give you a better idea..
When I talk to you about the feature that is not working well in Bitdefender Digital identity protection, I am referring to the scanning of the mailbox for my Outlook account that I can't connect correctly and I still don't understand why (the account seems to be checked for violations, but the email inbox is not checked as it is for gmail )...
Thanks for your help, despite everything I will continue to search online/in various forums, etc. for information on how to learn more..
if you know or someone who will read this post knows of some other source, or site that could be useful to me please respond or contact me if you want!1 -
Hello @Eno-Scott,
From what you’re describing, it’s clear that you’re observing concerning patterns on your mobile device. It’s wise to stay vigilant, especially since these unusual behaviors could indicate either a complex technical issue or, in the worst case, a targeted cyber attack. I would advise against calling any unknown numbers that called you out of the blue, because these can often be premium-rate lines, resulting in expensive phone charges, or they can attempt to trick you into giving personal information. If your phone allows, enable a setting that silences calls from unknown numbers (you can disable this feature whenever you are expecting calls from people who are not registered in your contacts list, for example whenever you are expecting a delivery, etc.). I know it's not the ideal workaround, as you can miss important and legitimate calls, but that would be one way to suppres unwanted calls. Also, some call-blocking apps may provide insights on persistent spam or malicious numbers.
I remember I was once stalked by someone who called me with no caller ID insistently, and I know how unsettling this can be.
Next, I would advise to go through the list of installed apps and verify that no permissions are granted beyond what is strictly necessary. Look especially for unusual system apps or permissions that keep re-enabling themselves.
For each app, restrict background data usage and background activity, especially for apps you don’t use frequently.
Another good practice is to turn off Bluetooth, Wi-Fi, and mobile data when not in use. If they re-enable themselves without your input, that may signal interference. Since you use a VPN already, confirm it’s a trusted one, and regularly check to see if it has mysteriously disconnected. In regard to Galaxy Store and other Accounts, it is recommended to enable two-factor authentication (2FA) for all accounts that support it. Regularly check for unusual login activities. Another useful tip is to ensure that your device’s OS and all apps are updated to the latest versions, which can often patch known vulnerabilities.As a last resort, performing a factory reset can be effective in erasing embedded spyware, should this be the case. However, carefully consider what apps and data you restore to prevent reintroducing any malicious elements. Resetting your device to factory settings can be inconvenient to do, and should only be carried out if all options are exhausted. After any actions, continue to monitor your phone for unusual activity, especially around permissions, account logins, and app behavior. This will help confirm whether your device remains secure or if further investigation is warranted.
If the factory reset doesn't solve all the issues you've described, then I think two options remain: either you take the device to someone that poses the required knowledge to find the root cause and fix those problems, or replace the device, as some spyware can embed itself deeply, especially if it’s been jailbroken or rooted without your knowledge. But that would be the most extreme measure to take, in the worst case scenario, of course.
For this part — the scanning of the mailbox for my Outlook account that I can't connect correctly and I still don't understand why (the account seems to be checked for violations, but the email inbox is not checked as it is for gmail I think Support intervention is required.
I hope this helps.
Regards,
Alex
Premium Security & Bitdefender Endpoint Security Tools user
2 -
Thank you very much for the reply, in fact that's what I fear (the targeted cyber attack)... To tell the truth I don't know how something like this could ever happen to me (I don't think I'm an attractive target to target, I'm a normal person. ..also this situation has been going on for a long time now (a few years)..
In general, in fact, I never recall the numbers precisely for these reasons that you indicated (I have read some articles about it), however sometimes I tried to see how it went and the result was what I told you...Moreover, as you yourself said unfortunately sometimes contacts who are not in the address book,call (it has already happened) and not answering regardless can cause various problems... On my smartphone I have the native anti-spam and unknown number protection option active (the one integrated into the app telephone and messages),however from what I understand regarding unknown numbers this does not block all calls coming from an unknown number, but only those calls that come from those numbers that have set the option to make their number unknown to the recipient (this is what said me the assistance)...As for third-party apps with this function, the only one I know of that can serve this purpose is Truecaller ID (I think that's what it's called), could you tell me something about it/recommend some apps??This situation is causing me several problems, among other things for example I believe that because of this I will no longer be able to use Ebay (where I could purchase at advantageous prices), in fact some time ago I received a report from them for my account which was permanently blocked (they hardly gave me any explanation via email), at the time not understanding the reason for the ban I tried to contact them via email, they called me with a number that I didn't have in my address book (obviously) and from a foreign country, I hung up believing that was a scam and for this reason I was permanently banned (and I believe I still am...)...After which I read in the guide that using a VPN (as I did, again as a consequence of all these reported problems) on their platform it was forbidden...so could this have been the cause, or was someone using my account to do something illegal? (I'll never know, in fact, from what I know, once they ban you from there it's impossible to recreate an account with your own data or that of a family member as they would have to block all the IP addresses associated with the network of the blocked device/banned account, etc...)...And this is just one of the problems I'm facing..
I searched several times in the list of installed apps to see if there could be some sort of spyware or app not installed by me (both on smartphone and PC) without being able to find anything substantial (I also checked the system apps sometimes, but it's an unnerving process as there are so many of them with absurd names and often you can't find information about them on the Internet unless you do very long searches...)...As I may have already told you, I've found what you report for several apps (system's apps or apps with permissions denied by me that despite this continue to use that permission that should not be granted to them... I was able to notice this from the setting in Android 14 which shows which system apps and not have used which permissions ( which was not present in previous versions of the operating system)...Some of the ones that come to mind now are: 'Personal Hotspot', 'Dual Account', an app indicated as 'Error', 'Silent Logging', but I assure you that there are others too and they are almost all system apps (as if that weren't enough for some of them I can't change the permissions)... In some cases I asked support for this but usually they always gave me generic answers in this regard such as: 'If the app is using a certain type of permission it will probably be because you have done a certain type of particular action previously', 'Do you remember if you have granted any permissions previously? ','Do you remember if you did anything that may have caused the app to activate? '...
As a consequence of this I removed almost all the permissions of the apps of the various devices (even when the phone advised not to do so) also by consulting various videos found online by people who deal with/deal with issues relating to privacy and IT security.
Subsequently I opted for a less drastic solution, trying not to grant only the permissions that I considered unnecessary for a specific app (a solution that I consider better and more intelligent, furthermore, as you well know, it is not wise to remove the permissions of system apps as they could have problems...).
I also check the battery and data usage very often (always to try to understand if there could be spyware) and to tell the truth I have also found something strange sometimes, for example in the section that shows the battery usage of the various app, every now and then I come across an app listed as 'Battery usage during calls' (or something similar), I asked support about it but they said it's just a function of the system to control battery usage during calls (all the data from this alleged app, however, is not viewable like the others, I mean for example how many packets it sent or what type of data it used...also it doesn't seem like it was there before).
In 'Data usage' however I found applications (which should/would like to be system ones as they have the icon with the Android robot) indicated only as numbers for example: '10368', '10372' ... I initially deactivated the data in background for those apps that made me suspicious, then I actually activated the 'data saving' mode, allowing the use of data in the background only for the apps that I considered necessary...I also limited WiFi access to many app granting it only to those that I considered most suitable...I often check the permissions as I told you and sometimes also the special permissions such as those for modifying system settings, those for activating the screen, those for analyzing the data of the app...but it's a complex process and sometimes (often) I go by feel (certainly even making mistakes as I don't know the exact functionality of all the various apps)I always leave Bluetooth and Wifi deactivated and when I'm not using my smartphone I activate airplane mode for safety...
However, as I told you in this specific case, when I restarted the device I found Bluetooth active and the VPN deactivated....and at the same time I had received one of these calls from 'spam'/unknown numbers (which I almost always report now).. I am also finding several times that the account is not shown in the Galaxy Store, for this reason I opened a report using Samsung Members and sending the log data, screenshots and screen recording, they made me check if the VPN was active in safe mode /can be activated after deactivating airplane mode, the option to activate the VPN was not really selectable... they replied that they will send my data to the development department..
The VPN I use is Duckduck, it is not the most famous and to tell the truth, from what they say, more than a VPN it should be a way to filter the various app trackers which however is seen by Android as a VPN... however I have also used the Bitdefender and Adguard VPN, finding that sometimes they disconnected on their own as you say (to tell the truth, even on PC I'm noticing that the Bitdefender VPN activates itself at the startup even if I haven't granted authorization in the settings to do it...I had already reported this problem, but I think I'll have to do it again as it needs to be looked into further, especially since I recently performed a reinstallation of BDTS and an Inplace reinstallation of the operating system)0 -
I have activated two-factor authentication where possible and use your password manager (in both cases I have sometimes had problems for example with Microsoft Authenticator once I was unable to restore data from backup and had to reconfigure all accounts. ..with Bitdefender password manager I was blocked a couple of times and could no longer access it, I had to open a ticket for this and before being able to use the software again I had to wait a while), I now regularly check system updates for the various devices and also those of the apps (even too much.. )
I also often check accesses and sessions and sometimes I have noticed something suspicious there too (accesses from suspicious countries, accesses that do not correspond to my position or made with a browser different from mine, sometimes devices different from mine, accesses occurred at times when I wasn't using my devices, or indicated with a particular IP address that I didn't recognise..), even recently checking the accesses in my Opera account I found a session from Russia...generally when this happens I change the passwords ..as I may have told you, I'm changing them quite often for my main accounts also because I continue to occasionally encounter problems (such as logins no longer being shown in the section relating to the latest activities of my Google account, but also other problems/strange things such as the Microsoft account which seemed to be managed while it is a personal account, having found a stranger who was using my Microsoft account for his social network I don't know in what way or how it is possible, having recently found information exposed about my account using a fingerprint scanning service, I also use Bitdefender Digital Identity Protection anyway..)
In fact, I'm thinking of doing a factory reset of the device in question (which I've already done in the past and also for my other devices)... as I already told you, this uncomfortable situation has been going on for some time (years), but lately it seems to have gotten worse despite the fact that I continuously try to document myself and protect myself in the best possible way... I'm also thinking (it was also suggested to me in the past by Samsung's technical assistance) after formatting/factory reset not to reinstall from backup to see if the problem continues to occur and then have the device/devices examined by an authorized centre...
In addition to this, do you know, can you tell me who I could turn to for a problem like this (cyber security experts? Postal police? Investigative agencies? Someone who can carry out a forensic investigation in the right way?) ?In fact, as you say, I have been thinking about changing my devices since some time, but the problem is that although up to now I have changed some smartphones and a PC it seems that this has not solved it...
Finally, regarding scanning the Outlook inbox, I have already opened a ticket with technical support and I am waiting for their response, we have tried something but so far without results, I hope they will respond to my last email that I sent a few days ago about this...
Thanks for all your helpLet me know
0 -
Hi,
Well, I'm not necessarily suggesting that the phone is really infected, but judging by the symptoms you described, I don't exclude this possibility. Here's the thing: many people believe they're unlikely to be targeted by hackers because they assume cybercriminals only pursue high-value targets with substantial assets or sensitive data. However, the reality is that everyone is a potential target, for various reasons. Even if someone doesn’t consider their data valuable, information like Social Security numbers, addresses, and even birthdays can be sold on the dark web or used in identity theft. Criminals can take out loans, open credit cards, or create fake identities using this information. Or they can create large databases in time, which can later be sold to interested parties for profit.
Also, hackers often use individuals as an access path into larger systems, especially if they are connected to workplaces, family members, or other organizations. Compromising a “regular” person’s device could be a stepping stone to more significant targets. For example, social engineering attacks are manipulative tactics used by cybercriminals to trick individuals into revealing confidential information, granting access, or performing actions that compromise security, sometimes with the scope to conduct larger scale operations on important targets. These attacks exploit human psychology, such as trust, fear, curiosity, or urgency, rather than technical vulnerabilities in systems.Another reason why cybercriminals may target anyone is that they often attempt small-scale fraud that may go unnoticed, such as unauthorized subscriptions or microcharges on a credit card. They may also use individuals' bank accounts for money laundering or financial scams. Smaller cash withdrawals can be easily overlooked by the victims, so they take small amounts from individuals to avoid getting caught. But these add up. I mean, picture this, if a scammer tricks 1 million people to give him 1 dollar, he will have 1 million dollars at the end of the operation.
So yes, everyone can be a target. Also, hackers can hijack personal devices to create botnets, which are networks of infected computers used for larger attacks, like DDoS (Distributed Denial of Service) attacks, or even for cryptomining, where they use the processing power of the device to mine cryptocurrency.
My point is, when surfing the internet we are all vulnerable to phishing attacks and ransomware, which don’t require high-value information to be profitable. An unsuspecting user can inadvertently download malware or give away sensitive data, which hackers can then exploit. That's why it is very important to consider a trusted cybersecurity solution and take the necessary precautionary measures to secure accounts and other personal information. But unfortunately, some people think such things cannot happen to them, and this is exactly what cybercriminals want you to believe, so they can catch you off guard. Now, I'm not saying that we should become paranoid, not everyone is out to get us, of course, but I think it's important to be be aware of these threats and ensure the minimum device hygiene and have at least some basic protection installed on our devices. Hackers may find it easier to target those who assume they’re “safe” rather than high-value targets who invest heavily in security.Regarding ebay, I know exactly what you mean because I was there myself, and I think my account is still blocked for some reason. After creating an account many years ago, I got paypal as well, added some funds there and changed my mind shortly afterwards and attempted to use a different payment method. Apparently, this move triggered some warnings on their end and they blocked my account. I haven't unlocked it since, but I remember it was indeed a cumbersome process to follow. You could pursue this further, or create a new account altogether, and if they block it again, get in touch with their Support representatives to prove your identity and request unblocking.
Now, I can't really recommend a place where you can take your mobile device for investigation, but a quick search on the Internet should reveal the stores and specialists available in your area. I would recommend to take both devices to clean them up and start fresh in this case. Because I think it's almost impossible to find out exactly what happened there without having someone who knows what they are doing take a look at the device.
Of course, since you have Bitdefender installed, if you suspect that malware or spyware is present on those devices, you can open a ticket for the Bitdefender Support teams and the engineers can further investigate this. The anti-malware researchers have developed a special tool that can reveal any hidden malware on Windows PCs. BDsysLog is basically a malware analysis tool created by Bitdefender Labs. It performs a deep scan of critical system areas to enable security experts to identify evasive and unknown malware threats on your PC. To generate a BDsys log on your Windows PC, use the method described in the article below, then contact the Support teams to request an investigation:This may help you find out if your PC is clean or not. Regarding the mobile device, well like I said, I think it's best to take it to a specialized shop, or even consider a factory reset and take it from there. As far as the accounts are concerned, if you suspect that some of them may have been compromised and are monitored, perhaps it's a good idea to consider replacing them, to start from scratch and then have all the necessary protection reinstalled on your devices before using them again.
Regards,
Alex
Premium Security & Bitdefender Endpoint Security Tools user
1 -
Thank you for answering me,I know that what you've said is the truth and a good counsel,anyway I'm searching for some tool to perform a better check about the issues that I've said..
I suppose that this will require a deep research on the web and even a good amount of study...
For what you've said about BDsys,I've already used it on my PC in the troubleshooting of some possible issues that I've had on it.
Unfortunately from what I've learned till now from my research activity on my devices about these problems,there isn't almost never a sure answer to questions like : " I'm infected? " or "They've hacked me ?" ...I mean that if there isn't evidences this doesn't mean that the problem is not happening ..
Plus sometime there could be symptoms caused by some other conflicts or bug I suppose..
Someone said : "A journey of thousand miles begins with a single step" ... nothing more true from what I've learned until now..
0 -
You are most welcome and I wish I could help you more. The thing is, such tools may reveal if, where and how your data may have been leaked in a breach, for example, or if you were indeed a victim of impersonation, but they may not cover the full extent to which your personal information may have been exposed, and data recovery/deletion options may not be available, because usually when this happens, it's like a snowball effect and you never know where the data ends up and you don't really have full control over it. But I think it's important to be aware of this, because you could be targeted with phishing attempts or other malicious attacks afterwards. As for the affected device, sure, there's always the possibility that it doesn't function as expected for reasons that are unrelated to malware or spyware, but that's why I think it's recommended to take it to someone that can help you sort it out, start fresh, secure your accounts and use a security solution at all times.
Regards,
Alex
Premium Security & Bitdefender Endpoint Security Tools user
1
