JungleScam – The First eCommerce OSINT Tool

I’ve found myself at an awkward place at the intersection of OSINT and eCommerce.  The reason I find it awkward is I feel like tons of people are talking about eCommerce but no one in the infosec or investigations community comes to mind.  As more and more transactions become digital, I think it’s important to have a frame of reference on dealing with eCommerce scammers, hijackers, counterfeiters, and money launders. When searching through Amazon for potential red flags that may indicate some variation of fraud, I found myself doing a lot of manual labor.  There are plenty of Google Chrome extensions available that do data mining with very useful visualization tools, but none of them conducted the searches I was looking for.  I knew there would be a web scraping solution to this, but unfortunately I don’t have the development skills, and am quickly learning I don’t have the attention span either, to build a tool.  So I reached out to the developer of Twint, Francesco Poldi (@noneprivacy) who I’ve been helping by providing guidance and basic development to.  I asked how difficult it would be to achieve something on Amazon and he generously provided his services to me and created something in a matter of days.  This collaboration is called JungleScam and it’s the beginning of what I think is a pioneer into the abyss of eCommerce OSINT. The Jungle part of it refers to Amazon (jungle), and the scam part is pretty self explanatory. Here’s a quick snapshot.

I created a quick GUI for the program to make it a bit more user friendly and visually appealing.  What JungleScam will do is scan all products listed in the search results and export any sellers who are listed as “Just Launched” into a csv.  This means they are newer sellers who have yet to receive customer feedback.  This is a general red flag for fraud, but doesn’t necessary guarantee that the seller is fraudulent.  It’s simply a starting point. Here’s a step by step of the input for JungleScam.

  1. Allows you to enter the URL of a search result page to scan for all listed sellers for each product.  Simply type in “toys” to Amazon, for example, copy and paste the URL, and put it into JungleScam.
  2. Allows you to specify how many pages you want to crawl.  Right now the crawler is very slow due to captcha issues on Amazon.  You can get around it by spoofing your IP with a VPN, but we’re experimenting on how fast we want to make it without raising any red flags.
  3. Allows you to name the csv before export for easy access.

This script is currently in beta and there are plenty of other features that will be built into the program.  For example, in v.1.2 I’m planning on adding an option to search for sellers whose customer feedback falls below 60%, or any other arbitrary number I choose.  Another feature I’d like to add is the ability to scan all products on a page and test to see which products have mostly fake reviews using ReviewMeta API.  This will likely be in v.1.3.  I’m sure there will be plenty of other features I’d like to build into the platform once we’ve proved the concept and seen value generated from it.

If you’d like to check the script out, you can find it at GitHub.

JungleScam

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s