October is Cybersecurity Awareness Month, created as a collaborative effort between the U.S. Department of Homeland Security and The National Cyber Security Alliance (NCSA). Its main aim is to raise awareness on the importance of cybersecurity, cyber hygiene, and safeguarding oneβs digital profile.
We used this occasion to gather some best practices and universal recommendations for cyber-hygiene:
- Avoid using the same password on multiple sites, use a password manager.
- Learn what information the cyber world has collected about you.
- Delete old and unused accounts
In this blog post, we show you how Maltego Graph can help you with the latter two points. In this step-by-step guide, we show you how to research the information you share with the world and stay in control of your digital profile.
How to get started? π︎
Maltego is easy to start with! All you need to do is download Maltego and register for free Community Edition (CE) here and start using the OSINT integrations. Read our step-by-step guide for instructions on how to set up your CE.
To begin searching for a person, you can start with what you know about that person, e.g. name, nickname or email. Before we begin, we want to jot down this information to know where to start.
| Item | Value | Example |
|---|---|---|
| Nickname / Alias | Mr. X | spongebob |
| Name | First name Last name | Sponge Bob |
| Firstname Lastname@ |
Spongebob@gmail.com |
Step 1: Researching social networks linked to an alias π︎
Our first step is to add an alias Entity, rename it with your nickname, and right-click it to run the Transform below.
To Social Account [Using NameChk]
This Transform will search different social networks where the given alias is used as an account. This data is retrieved from NameChk. It returns social networks linked to the alias, as illustrated in the graph on above. You can open each Entity result to investigate further using your browser.
If you wish to narrow down the search to a particular social network such as Twitter, it is possible to check for the Twitter handles who have the same name as you. This can assist in finding any potential imposters of your account. You can do this using the Twitter Tranforms in the hub. These Transforms can also show you how much of your tweets are out there in the public and what topics you like to talk about.
Step 2: Investigating personal information using an email address π︎
Next, we look at how to check whether your account has been involved in a data breach. To check this, we use a service by one of our data partners Have I Been Pwned (HIBP).
Starting with your email, we select the email and run the following Transforms:
- Get all breaches involving an email address
- Get all pastes featuring the email address
With HIBP we can obtain the data breaches containing the given email address. Additionally, it is possible to also get pastes where the email is mentioned on online clipboard services like Pastebin, Pastie, Slexy, Ghostbin, QuickLeak, JustPaste, AdHocUrl, PermanentOptOut and OptOut (see full list here), which are sometimes used by hackers to post breach data. Since people tend to reuse passwords across multiple accounts, a data breach in one service compromises the accounts on other services. In case you find your account in HIBP, please change the password for that service if you haven’t done so already. We hope these Transforms help in hardening your digital footprint.
Besides NameChk and Have I Been Pwned, there are also other data leak databases such as the one developed by CyberNews, which investigators can use to enrich or confirm their findings.
Maltego can seem a bit overwhelming initially, but we hope our step-by-step guide helps you get started. After getting the hang of some basics, the possibilities are endless. Read our resources and get in touch with us to learn more.
Follow @MaltegoHQ on Twitter and make sure you donβt miss on updates.
