Handling Large Volumes of OSINT in Economic Investigations

Leveraging OSINT and automation in economic cybercrime investigations.

Category
Guides & Information
Date
November 10, 2024
Author
Paul Wright and Neal Ysart

Authors: Paul Wright and Neal Ysart (The Coalition of Cyber Investigators)

As cyber threats grow in complexity each year, economic cybercrime has increasingly become a major challenge. According to the Association of Certified Fraud Examiners (ACFE), businesses worldwide lost an estimated $55 billion to fraud in 2024 alone, with 49% of respondent companies reporting incidents of fraud. This marks a steady upward trend in economic cybercrime. To counter these evolving threats, businesses and governments are now focusing on risk-focused cybersecurity strategies over traditional compliance-driven approaches.

Investigators of OSINT and Cybercrime

One of the most potent tools in economic cybercrime is open-source intelligence, or OSINT. Collected from open, private, and public sources, OSINT enables investigators to analyse vast amounts of data and convert it into actionable intelligence. This capability helps economic crime investigators stay ahead of cybercriminals' changing tactics in this cat-and-mouse game.

Cybercrime investigators are on the front lines, relying on various evolving technologies and platforms to address new methods of cybercrime. However, outdated technology and fragmented systems can hinder their efforts. Investigators must often work with several non-integrated devices, applications, and data sources. Such a disjointed toolset delays investigations, slowing the identification of crucial evidence.

Grading the sources is a significant issue in intelligence management. By applying handling codes to digital evidence, investigators can prioritise information, standardise credibility assessment, and improve the organisation of digital evidence.

Challenges for Financial Institutions (FIs) in Investigations

Financial institutions (FIs) face their own hurdles when investigating economic cybercrime, and the quality of these investigations can vary greatly. Many FIs lack access to specialised forensic or analytical tools, relying instead on basic office applications that are often insufficient for in-depth investigations. Fragmented platforms further hinder investigations, resulting in a failure to connect and increasing the risk of overlooked evidence. This fragmentation increases the risk of missing critical evidence.

Moreover, investigative roles at FIs are frequently filled by personnel without formal training in intelligence analysis. IT staff, HR professionals, compliance officers, and internal auditors are often tasked with leading investigations—not because it is part of their job description, but because there are no trained investigators available. These roles typically lack the skills needed to effectively gather, analyse, and interpret intelligence.

While regulators and authorities continue improving their strategies, cybercriminals adapt quickly. Some common challenges investigators face include the constantly fluctuating volumes of OSINT, which could provide an overwhelming influx or a scarcity of information. This variation causes investigation complexity since data overload and scarcity are challenging. Additionally, the inconsistent quality of intelligence necessitates time-intensive verification, as location-based and user-history influences often create discrepancies in search results.

OSINT practices can also pose security risks, as investigative actions can leave traces on sensitive online platforms. Digital footprints on social media could expose investigative actions to interference. For example, OSINT practitioners often need to create and deploy isolated accounts known as ‘false persona research accounts’ that help avoid identifying the actual account owner. Practical digital forensic tools help mitigate these challenges by transforming raw data into actionable intelligence, enabling investigators to analyse data in an organised and secure manner.

Even the most experienced investigators could benefit from advanced data and technologies to make their work easier. Intelligent automation is one of the most crucial developments of this nature, merging robotic process automation (RPA) and artificial intelligence (AI) to allow smooth sailing in the collection, collation, and analysis of intelligence without much disturbance.

Critical Benefits of Intelligent Automation for Investigators

Intelligent automation offers economic crime investigators significant advantages by simplifying and optimising the investigative process. It provides a centralised intelligence perspective, enabling investigators to access internal and external information from a single dashboard, thus facilitating faster and more accurate decisions. Automation also helps manage information overload by providing pre-graded intelligence, thereby reducing the time spent sifting through irrelevant data. Given the volumes of data experienced OSINT practitioners typically handle, this can be a significant advantage. This systematic approach also supports a structured workflow essential for managing the complexity of economic cybercrime investigations.

Digital Evidence in Investigations

Most OSINT and economic crime investigations involve digital evidence, which requires specialist skills and techniques to help ensure transparency and accuracy when tracking and presenting complex financial transactions. The increasing volume and complexity of digital data make effective data management essential for maintaining investigation quality. According to the National Institute of Justice (NIJ), specialised digital forensic tools are essential for preserving evidence integrity, supporting the credibility of findings, and enabling investigators to handle large amounts of data without compromising accuracy. Deploying data collection tools helps maintain evidence, preserving the chain-of-custody protocols necessary for court admissibility. 

Future Prospects

Intelligent automation holds promise in the fight against economic cybercrime, especially in financial services cases involving high volumes of OSINT and system-generated evidence. Automation could be applied to continuously perform repetitive analysis tasks and surface only the most relevant intelligence for human review. This helps investigators manage complex cases with multiple and voluminous data sources.

The challenge of dealing with the volumes of data in economic crime investigations is likely to become more pronounced, especially given the increasing trend toward public-private partnerships and real-time information exchange. Such collaborations allow financial institutions and regulators to anticipate emerging threats and conjure large volumes of economic crime-related intelligence cooperatively.

With their advancing automated tools, they can do more to make investigations more effective and elevate intelligence standards. Intelligent automation will undoubtedly play a central role in the fight against economic cybercrime, strengthening the sector's ability to reduce risks and protect consumers.

"
An outstanding atmosphere and an amazing gathering of professionals
Daniel Heinen
Founder, GeoSpy
Bridging industry
gaps to create a real community
Stephen Adams
Founder, Intelligence With Steve
Synergy between different minds and tradecraft
William R
Founder, The Aracari Project
The first meet-up was informative, engaging, and community-driven.
Peter Allwright
Head of Suntera Forensics
Prev
Next
About & Team

Making the United Kingdom the global leader in open source intelligence.

Events

Talks, networking opportunities, hackathons and more.

Content

Guidance Guides & information to become a world class OSINT expert.

© UK OSINT COMMUNITY LTD — Company number: 15762520
Made in the UK 🇬🇧