
Deanonymizing instruments

In summer 2018, Russian businessmen for the first time confronted a hostile bot that paralyzed companies' operations by sending massive numbers of requests to their webpages, telephones and other feedback contacts. Igor Bederov, founder of Internet-Rozysk (Internet research), told Invest Foresight how the products he has designed help businesses identify abusers by phone number, e-mail address, or Telegram account.

Background

Igor Bederov started his career in competitor intelligence and gained his experience as a security manager of a large chain of hypermarkets. In 2014 he launched the Business Intelligence | CABIS project. The main task Bederov had to resolve was obtaining lawful sources of information to ensure business security. Such sources had to be no worse than the databases accumulated and employed by law enforcement agencies. He then registered Internet-Rozysk, an information research and analysis company specializing in the prevention and investigation of economic crimes. For those purposes, products such as TelPoisk (telephone search), IP-Rozysk (IP research) and Telegram-Deanonymizer were developed.

TelPoisk

The businessman needed only two weeks to launch the pilot version of TelPoisk in 2016. Since August 2018 an updated program has been available to clients, who can get information on any phone number or email address worldwide. The program analyzes open information sources to establish who owns the phone number or email address and where that owner is located. TelPoisk is useful for personal safety as well, for example when a text message arrives claiming that banking cards have been frozen, which is a typical fraudsters’ trick.

TelPoisk analyzes 46 information sources, more than any analogous program. The following data is used for the analysis:

  • information on telephone switching and email server;
  • social networks and messengers data;
  • message boards, employment vacancies and CVs, telephone books data;
  • banking services information.

Above all, the service has no geographic restrictions: wherever a phone number’s owner is, the identification probability is 70%. An explicit identification is accomplished for half of all requests.

An expanded version of the analytical system supplies the exact addresses where a GSM subscriber has been spotted, and lists the phone numbers in the immediate proximity of such locations. For collection agencies, a report on a phone number may contain information on the registered residence address and the address where the individual really lives, as well as on the banking cards linked to the phone number.

Information is provided for a fee. A user is granted access to a personal account, can adjust the settings there and can receive a regular flow of information.

IP-Rozysk

The features of IP-Rozysk are quite similar to those of TelPoisk, but its starting point is a computer's IP address. The advantage of the system is that it identifies not just a city or town, as a similar WHOIS service does, but specifies the exact physical location (the exact building) of the equipment in question. The owner of a website visited from a given IP address can see details of the device, the operating system and browser used, and can check whether a specific user employed anonymization means such as a VPN or Tor. That may be helpful, for instance, in verifying the true number of a webpage's visitors. The system would also show the real growth in Internet traffic due to advertising campaigns. It is no secret that an increase in a webpage's visitors from China is of no use to a Russian businessman.

Telegram-Deanonymizer can help when an anonymous Telegram user’s identity and location are to be established. A similar idea, by the way, was put forward recently by the Center for Legitimacy and Political Protest Research which designed its Cryptoscan product.

Fraudulent purchase of computers

According to Igor Bederov, his developments are useful instruments for company owners and regular Internet users who need to verify contact details. Information verification resolves the problem of anonymous Internet contacts and helps prevent fraud, deception, blackmail and extortion on the Internet, as well as other IT-based crimes. In cases where computer trespassers have succeeded in carrying out their criminal intentions, TelPoisk, IP-Rozysk and Telegram-Deanonymizer help investigate the occurrence and uncover the individual behind the incident. The device the intruders used for their unlawful activities is also identified. Submitting such data to law enforcement agencies significantly reduces the time of their investigation, thus ensuring an adequate prosecution of the evil-doers.

Igor Bederov refers to a recent incident in which an unidentified fraudster registered for an online auction on the Sberbank-AST marketplace as a representative of a large company and placed an order for the supply of computers. The verification system accepted his forged documents. Yet the fraudster's victims could have checked his details and seen that he was in no way related to the company he referred to.

By Christina Firsova
