The first step in launching a cyberattack is to get a clear understanding of the target by using a penetration test. Cybercriminals will try to gather as much information about a person or a business as they possibly can. However, they will need to do this without the target’s knowledge, and without triggering their security measures.
Gathering intelligence about their targets usually starts with assembling information from public sources. This is known as Open Source Intelligence, or OSINT for short. The easiest way to gather this information is through anything available online such as social media platforms for example — which is one of the best sources of OSINT.
However, OSINT is not just limited to social media platforms. There are other sources that cybercriminals will use to assemble information about their target. Anything of value can be used from videos, press conferences, reports, books, and even articles in newspapers.
OSINT is usually gathered from any kind of free public source, which is why cybercriminals can gather this crucial information without your knowledge. The information they use can be found by anyone on the internet.