Concealing your online identity
To better understand the importance of concealing your identity as an ethical hacker when performing OSINT, let’s imagine your organization was compromised by a threat actor who sent a phishing email message to a high-profile employee of the company who was tricked into clicking an obfuscated link that looked safe. Upon clicking the obfuscated link, malware was downloaded and executed on the victim’s system, which enabled the threat actor to gain unauthorized access and exfiltrate confidential data from the organization’s servers and other devices. Afterward, the threat actor sent an email message to the organization that indicated the type of data that was exfiltrated from the servers and requested the company send a payment of cryptocurrency within 24 hours, or else the threat actor would sell the data on the dark web to the highest bidder.
Within the organization, Bob is the security professional who manages and oversees the...
