The first point of focus should be the phone number – after all, this was the delivery method of the malicious link to the user.
Good place to start is Google, plain search first, then including search operators:
“+12568417086” OR “256-8417086″ OR ” 1 2568417086″
intext:”+12568417086″
allintext:”+12568417086″
site:”<whatever site you search>” intext:”+12568417086″
These methods might or might not yield the desired results, which will also vary in accuracy and details.
Phone lookup websites come and go. Searching for EU-based phone numbers has been hampered since the introduction of the GDPR. However, searching for non-EU numbers on specific websites might still be effective.
I searched for the phone number on the following sites (with no results, sadly):
https://sync.me/
https://www.truecaller.com/search
https://spamcalls.net/en/
https://800notes.com/
https://www.unknownphone.com/
https://whocallsme.com/
https://www.anywho.com/reverse-phone-lookup
https://www.zabasearch.com/
https://www.spydialer.com/
http://www.phonelookuper.com
This list is by no means exhaustive, there are dozens more reverse phone lookup sites.
The ones that did yield some results included:
https://www.whitepages.com/phone/1-256-841-7086
https://www.411.com/phone/1-256-841-7086
https://www.revealname.com/256-841-7086
https://www.numlookup.com/
The revealname and numlookup websites both offered an additional snippet of information that allowed me to pivot into a more specific direction.
Great review very detailed and easy to understand
Nice piece of work… found it amusing however that you advise folk not to click on shortened url’s then include them in your article… of course some of the US based engines that you used for searching also decline to assist EU based personnel because of concerns about GDPR, but you can often get around this by either using a van or even on occasion changing your language settings to English (US).
Nice write-up!
May I suggest https://app.any.run for using the malicious URL? It collects a ton of information, without the need to setup or start a complete VM, just for visiting a single website.
OSINT Research
Also the good aul Virus Total will do the job: https://www.virustotal.com/gui/home/url
Hi Matt, thanks for this guide. I would suggest adding to your phone lookup websites list:
1) https://www.reportedcalls.com/ – phone numbers reported to the U.S. Federal Trade Commission and/or Federal Communications Commission.
2) https://www.thisnumber.com/ – phone numbers found in the United States federal, state, local, and other government datasets.
What’s up it’s me, I am also visiting this web page on a
regular basis, this web site is in fact good and the
viewers are genuinely sharing nice thoughts.