Dude,Where’s My Check? An OSINT-Based Analysis of the Link Between Check Theft and Identity Theft

Abstract

Identity theft targeting American citizens continues to rise. While prior research has linked this trend to data breaches and scams, a more recent development—check theft from U.S. Postal Service (USPS) mailboxes—may also be contributing to the problem. However, the absence of official data connecting check theft to identity theft limits our ability to fully assess this relationship. This paper investigates whether check theft activity observed on Telegram, a major platform for illicit trade, can predict officially reported identity theft incidents as recorded by the Financial Crimes Enforcement Network (FinCEN). By integrating open-source intelligence (OSINT), we were able to collect and analyze publicly available data and compare it with formal crime reports, to illustrate how combining alternative and official data sources can enhance our understanding of the online fraud ecosystem, particularly the factors driving identity theft.

Keywords

fraud identity theft mail theft stolen checks victimization open source intelligence

Get full access to this article

View all access options for this article.

References

Ablon

Libicki

M. C.

Golay

A. A.

(2014). Markets for cybercrime tools and stolen data: Hackers’ bazaar. Rand Corporation.

Aldridge

Decary-Hétu

(2015). Cryptomarkets and the future of illicit drug markets. In Mounteney

Oteo

(Eds.), The Internet and drug markets (pp. 23–32). Publications Office of the European Union.

Bazzell

(2023). OSINT Techniques: Resources for uncovering online information. Inteltechniques. com.

Beals

M. E.

Carr

D. C.

Mottola

G. R.

Deevy

M. J.

Carstensen

L. L.

(2017). How does survey context impact self-reported fraud victimization? The Gerontologist, 57(2), 329–340.

Biegelman

M. T.

(2009). Identity theft handbook: Detection, prevention, and security. John Wiley & Sons.

Dehghanniri

Borrion

(2021). Crime scripting: A systematic review. European Journal of Criminology, 18(4), 504–525.

Garkava

Moneva

Leukfeldt

E. R.

(2024). Stolen data markets on Telegram: A crime script analysis and situational crime prevention measures. Trends in Organized Crime. Advance online publication. https://doi.org/10.1007/s12117-024-09532-6

Girish

K. K.

Bhowmik

(2023, December). Historical analysis of financial fraud and its future [Conference session]. International Conference on Applied Soft Computing and Communication Networks, Singapore (pp. 51–64). Springer Nature Singapore.

Holt

T. J.

Lee

J. R.

(2022). A crime script analysis of counterfeit identity document procurement online. Deviant Behavior, 43(3), 285–302.

10.

Holt

T. J.

Smirnova

Chua

Y. T.

Copes

(2015). Examining the risk reduction strategies of actors in online criminal markets. Global Crime, 16(2), 81–103.

11.

Howell

C. J.

Fisher

Muniz

C. N.

Maimon

Rotzinger

(2023). A depiction and classification of the stolen data market ecosystem and comprising darknet markets: A multidisciplinary approach. Journal of Contemporary Criminal Justice, 39(2), 298–317.

12.

Howell

C. J.

Maimon

(2022). Darknet markets generating millions in revenue selling stolen personal data, supply chain study finds. The conversation. https://theconversation.com/darknet-markets-generate-millions-in-revenue-selling-stolen-personal-data-supply-chain-study-finds-193506

13.

Kosinski

Stillwell

Graepel

(2013). Private traits and attributes are predictable from digital records of human behavior. Proceedings of the National Academy of Sciences of the United States of America, 110(15), 5802–5805. https://doi.org/10.1073/pnas.1218772110

14.

Leukfeldt

Kleemans

Stol

(2017). The use of online crime markets by cybercriminal networks: A view from within. American Behavioral Scientist, 61(11), 1387–1402.

15.

Maimon

(2022). How cybercriminals turn paper checks stolen from mailboxes into bitcoin. The conversation. https://theconversation.com/how-cybercriminals-turn-paper-checks-stolen-from-mailboxes-into-bitcoin-173796

16.

Markham

Buchanan

(2012). Ethical decision-making and internet research: Recommendations from the AoIR ethics working committee (Version 2.0). Association of Internet Researchers. https://www.aoir.org/reports/ethics2.pdf

17.

Ouellet

Maimon

Howell

J. C.

(2022). The network of online stolen data markets: How vendor flows connect digital marketplaces. The British Journal of Criminology, 62(6), 1518–1536.

18.

Pomerleau

P. L.

Maimon

(2022). Evidence-based cybersecurity: Foundations, research, and practice. CRC Press.

19.

Shah

Harrison

T. G.

Freas

C. B.

Maimon

Harrison

R. W.

(2020, December 10–13). Illicit activity detection in large-scale dark and opaque web social networks [Conference session]. 2020 IEEE international conference on big data (Big Data), Atlanta, United States (pp. 4341–4350). IEEE.

20.

U.S. Government Accountability Office. (2024, April 16). Fraud risk management: 2018–2022 data show federal government loses an estimated $233 billion to $521 billion annually to fraud, based on various risk environments (GAO-24-105833). https://www.gao.gov/products/gao-24-105833

21.

U.S. Postal Service Office of Inspector General. (2021, May 20). U.S. Postal Inspection Service pandemic response to mail fraud and mail theft (Report No. 20-305-R21). https://www.uspsoig.gov/sites/default/files/reports/2023-01/20-305-R21.pdf

22.

Wachter

Mittelstadt

Russell

(2017). “Counterfactual explanations without opening the black box.” Harvard Journal of Law & Technology — on GDPR gaps in algorithmic accountability.

23.

Yeboah-Ofori

Brimicombe

(2018). Cyber intelligence and OSINT: Developing mitigation techniques against cybercrime threats on social media. International Journal of Cyber-Security and Digital Forensics, 7(1), 87–98.