The Benefits of Sock Puppets in Open-Source Intelligence (OSINT)

A Sock Puppet is fake persona, or an alternative online identity used to collect and investigate open-source information on a target.  The main goal of the Sock Puppet is to not have the profile linked back to the investigator.

This is vital as to provide operational security (OPSEC) to protect the investigator from retaliation or to prevent bringing awareness to the target that they are being investigated by a specific entity.

Maintaining and managing a sock puppet also requires a detailed understanding of the many different platforms the investigator will used to create accounts for the fake persona.  As these policies change, so can the information that is disclosed or shared publicly.

To effectively create and use a functional sock puppet here are a few recommendations:

  1. To anonymize the account so that it does not record the original IP address or location, the use of a VPN or TOR while creating the account is highly recommended. In addition, it is recommended doing so from a public Wi-Fi connection.
  2. Certain social media platforms such as Facebook may prevent individuals from creating an account from a VPN or TOR connect. In that case, using a public Wi-Fi is recommended.
  3. When logging to the sock account, be sure to always use a VPN, TOR or public Wi-Fi, under no circumstances should the creator use a direct IP address that may link back to them.
  4. Make the account as legitimate as possible by producing daily activities, using it for a long period of time and making online connections.
  5. When creating a name for the account, it is recommended using a fake name generator. In doing so, the investigator will be provided with an identity of a person that has never existed.  The identity will have a name, address, mother’s maiden name, weight, height, date of birth, in addition to many other useful information need to create a person.  Female accounts then to have more success when creating a sock puppet.
  6. Now that an identity has been created, providing an image is highly recommended. The creator has two options, using a cartoon avatar or providing an image of a human that does not exist through the use of artificial intelligence.  Never use a real person’s face as individuals can use tools such as Google identify the photo’s original owner.
  7. When creating an email account for the sock puppet, it is recommended using any email provider such as gmail.com, mail.com or yahoo.com to name a few. As previously stated, be sure the IP address cannot be link to the creator.
  8. Obtain a burner cell phone and SIM card that can be used account verification. Be sure to not have the phone linked back to the investigator by paying with cash or a privacy-based credit card.
  9. Having more than one sock puppet is highly recommended in case something goes wrong, the investigator will have an active back-up.

Sock Puppets are important for the protection of the investigator, things change fast in the online world, and it is important the investigator keep up with the changes.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.