Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,900 --> 00:00:05,610
In this video, we're going to be taking a look at reverse email searches, so you may be in a situation
2
00:00:05,610 --> 00:00:14,160
where you have your email address, but you're not sure who it belongs to, where they're from or what
3
00:00:14,160 --> 00:00:16,800
else this email account is associated to.
4
00:00:17,850 --> 00:00:20,600
So there's a few ways we could take a look at this.
5
00:00:20,650 --> 00:00:25,950
So one way is you could use a people search program.
6
00:00:26,370 --> 00:00:28,460
People spoke.
7
00:00:28,470 --> 00:00:30,480
You have a couple up here.
8
00:00:30,480 --> 00:00:33,540
I got been verified dot.
9
00:00:35,190 --> 00:00:36,510
We'll start with this one here.
10
00:00:36,510 --> 00:00:38,860
So I we have our email address in here.
11
00:00:38,860 --> 00:00:42,210
Additional games at gmail.com mere click search.
12
00:00:45,860 --> 00:00:50,810
OK, and it's going to be pretty common to all of you, all the people search, once you're going to
13
00:00:50,810 --> 00:00:56,510
see a progress bar, you'll see a spinning circle or it will flash a bunch of random pictures of people
14
00:00:56,510 --> 00:01:00,230
then supposedly searching through, Oh, this is going to take a little bit.
15
00:01:00,230 --> 00:01:03,800
So I'm going to let that run, and I ran a couple other ones here.
16
00:01:04,010 --> 00:01:06,190
So this one is behind it.
17
00:01:07,970 --> 00:01:08,340
I'm sorry.
18
00:01:08,360 --> 00:01:11,900
This one is w w w behind that email.
19
00:01:12,800 --> 00:01:15,830
Now this one actually pulled up a little bit more information.
20
00:01:16,430 --> 00:01:22,220
Typically, these sites aren't real great about finding real information about the email addresses,
21
00:01:22,220 --> 00:01:25,970
so your mileage is going to vary just like any other tool.
22
00:01:27,740 --> 00:01:30,150
This one was a little bit more accurate than usual.
23
00:01:30,170 --> 00:01:36,530
It did come with the name they used for their Gmail account, Jeff, and came with the little icon pitcher.
24
00:01:38,960 --> 00:01:45,630
Well, then again, if they actually searched, say, the Google Plus, you'll probably find it too.
25
00:01:46,710 --> 00:01:49,620
But it came with three social networks and one photo.
26
00:01:50,370 --> 00:01:55,290
And for a one time fee of a dollar 99, you can unlock more information.
27
00:01:55,980 --> 00:01:58,950
But chances are it's not going to find that much info out.
28
00:02:00,580 --> 00:02:03,370
Another one they pulled up was info tracer.
29
00:02:04,630 --> 00:02:10,310
We go back one screen here and it's info tracer recom.
30
00:02:12,700 --> 00:02:20,320
This one came up with an IP address, country address ISP.
31
00:02:21,100 --> 00:02:21,730
Now.
32
00:02:23,570 --> 00:02:28,910
A lot of times these people search sites will come up with information like this or email search programs.
33
00:02:29,630 --> 00:02:34,190
So this IP is actually not my IP, it's an IP they've used before.
34
00:02:34,250 --> 00:02:36,110
This is actually Google's IP address.
35
00:02:36,110 --> 00:02:41,330
If you look it up, country is U.S., which is actually true.
36
00:02:42,110 --> 00:02:45,700
That's only because Google's locate in the U.S..
37
00:02:46,520 --> 00:02:48,530
Mountain View, California.
38
00:02:48,830 --> 00:02:51,390
That's nowhere really near where I'm at.
39
00:02:51,410 --> 00:02:53,930
This is actually Google again, Google's address.
40
00:02:53,930 --> 00:03:01,070
So trying to track down a Gmail user's address, even using email headers.
41
00:03:02,120 --> 00:03:03,650
You're not going to be real successful.
42
00:03:03,890 --> 00:03:11,000
You're going to come up with Google's information just like pretty much any other email address.
43
00:03:11,010 --> 00:03:14,040
So that's going to be the problem with email nowadays.
44
00:03:14,060 --> 00:03:18,080
It's not like how it was, say, 20 years ago.
45
00:03:19,100 --> 00:03:23,210
You used people to grab the email headers, parse out where the location was.
46
00:03:23,930 --> 00:03:29,240
Nowadays, that information is matched by is not ISP by the email provider.
47
00:03:30,470 --> 00:03:35,750
So as you see here, you know, the information that it pulled is all of Google's information.
48
00:03:38,400 --> 00:03:43,410
Now, another thing you could do is you could do a Google advance search.
49
00:03:44,070 --> 00:03:52,140
So what I did here, once I put this bowl games on gmail.com in quotes, so what that'll do is it isolates
50
00:03:52,140 --> 00:03:55,320
that search Gmail search down to that email address.
51
00:03:56,190 --> 00:04:05,280
So in here, you could see a few Amazon.com hits for a couple of apps, and these are apps that actually
52
00:04:05,280 --> 00:04:10,440
did develop under the display game's name or email address, rather.
53
00:04:11,130 --> 00:04:13,470
So that's actually very accurate.
54
00:04:15,540 --> 00:04:21,540
Scrolling down in here, I also see that some of my apps were actually stolen upload to foreign websites,
55
00:04:21,540 --> 00:04:25,950
so that's actually good information for me personally.
56
00:04:29,080 --> 00:04:36,610
So as you can see here again, it really just isolated down the search results, so instead of, well,
57
00:04:36,610 --> 00:04:39,940
see, we have two pages of Google results.
58
00:04:41,810 --> 00:04:49,430
So pretty, pretty short now versus if I did if I took this out of quotes, let's see how many hits
59
00:04:49,430 --> 00:04:50,000
we would get.
60
00:04:58,580 --> 00:05:01,910
OK, so this wasn't too bad, you came up with the same number of results.
61
00:05:02,750 --> 00:05:05,840
Two pages, 80 hits, so still pretty good.
62
00:05:07,010 --> 00:05:07,400
All right.
63
00:05:08,030 --> 00:05:12,020
So let me show you another another way to find email addresses.
64
00:05:13,070 --> 00:05:19,310
So if you want to see if that email address was used for certain social media sites like, say, Facebook,
65
00:05:19,550 --> 00:05:27,590
Twitter, LinkedIn, any of these sites, one way you could do it is you could say you forgot your account.
66
00:05:28,520 --> 00:05:33,680
A lot of times this will either allow you to open a phone number or email address or both to try to
67
00:05:33,680 --> 00:05:34,640
recover your account.
68
00:05:35,660 --> 00:05:41,150
So in this case, if we go on facebook.com and click for good account, it's going to come up with this
69
00:05:41,150 --> 00:05:41,720
page here.
70
00:05:42,620 --> 00:05:49,040
So I repopulate the email address and again, we can least for this example, we could actually open
71
00:05:49,040 --> 00:05:52,940
a phone number two if we had a phone number that we're searching for right now.
72
00:05:52,940 --> 00:05:54,140
We're talking about email.
73
00:05:54,530 --> 00:06:00,890
So in here I have dispo games at gmail.com and I'm going to click search.
74
00:06:02,970 --> 00:06:11,360
And it's going to go through, and lo and behold, it actually found a a Gmail account on Facebook servers,
75
00:06:11,370 --> 00:06:20,420
so going this route, I I verified that yes, this email account does in fact have a Facebook account,
76
00:06:20,910 --> 00:06:24,780
and I could see the Facebook username here and disposable GM.
77
00:06:25,080 --> 00:06:32,340
So now I could actually search sort of searching Facebook under spoke for disposable GM and actually
78
00:06:32,340 --> 00:06:34,290
find more information about my target.
79
00:06:36,390 --> 00:06:40,690
So another way we could find information out is we could do.
80
00:06:40,710 --> 00:06:41,640
Have I been pwned?
81
00:06:47,430 --> 00:06:50,580
OK, so if we go to have I been pone, don't go.
82
00:06:53,470 --> 00:06:58,360
We could type in an email address, Dispo games at Gmail dot com.
83
00:07:00,250 --> 00:07:08,440
And we click the phone button and here we go, so we can see if this was part of any data breach use
84
00:07:08,440 --> 00:07:14,560
and we could potentially find out what other sites say, how emails are linked to someone here.
85
00:07:14,920 --> 00:07:19,180
I see it was actually a link to a Dropbox account in an Adobe account.
86
00:07:19,660 --> 00:07:27,280
So again, this is great information, especially especially if they email if the or target's email
87
00:07:27,280 --> 00:07:29,080
address was used for a lot of other sites.
88
00:07:29,290 --> 00:07:33,100
Pastebin account or Instagram or LinkedIn account.
89
00:07:33,100 --> 00:07:39,490
Again, that'll just save us time from going to each site and doing a search on those email addresses.
90
00:07:40,450 --> 00:07:40,620
But.
91
00:07:42,610 --> 00:07:45,600
OK, there's one last one I want to show you, so I got.
92
00:07:46,140 --> 00:07:49,750
Oh ah, Bruce, good to VM running here.
93
00:07:49,880 --> 00:07:56,440
Let me log back in here and I fired up Maltego, which we could actually just run from this icon right
94
00:07:56,440 --> 00:07:56,740
here.
95
00:07:58,450 --> 00:08:05,980
Now, once he hit Maltego loaded up, then you start a new new graph by clicking this button here.
96
00:08:06,550 --> 00:08:09,910
I'm just going to drag this email address right over here.
97
00:08:11,060 --> 00:08:11,450
OK.
98
00:08:12,230 --> 00:08:17,510
And then I'm going to double click on this, and they cleared this one out, I'm going to step in Dispo
99
00:08:17,510 --> 00:08:18,140
games.
100
00:08:19,890 --> 00:08:21,450
At gmail.com.
101
00:08:23,180 --> 00:08:23,400
OK.
102
00:08:23,690 --> 00:08:24,500
Click OK.
103
00:08:27,520 --> 00:08:28,900
And we're going to right click this.
104
00:08:30,220 --> 00:08:37,120
And I'm going to run this a c t c, and I'm going to just run all the transforms.
105
00:08:40,290 --> 00:08:40,590
OK.
106
00:08:40,620 --> 00:08:42,960
Give it as a second wants running and.
107
00:08:44,030 --> 00:08:44,540
Here we go.
108
00:08:44,960 --> 00:08:45,500
So.
109
00:08:46,450 --> 00:08:48,820
It verify the email address does exist.
110
00:08:49,840 --> 00:08:57,130
It is a Gmail address, and it looks like this is one of the accounts tied to is Flickr.
111
00:08:59,270 --> 00:09:09,170
So going off hour, have I Been Pwned that found a Dropbox account, which Maltego didn't, however,
112
00:09:09,170 --> 00:09:15,080
have I been phoned, didn't find the Flickr account, so it's good to run multiple tools to help verify
113
00:09:15,080 --> 00:09:15,710
your data.
114
00:09:16,910 --> 00:09:23,180
So if I just run this, I could try to do Flickr and friends out, there's going to be a lot of information
115
00:09:23,180 --> 00:09:23,840
that comes up.
116
00:09:24,730 --> 00:09:25,660
You know, nothing.
117
00:09:26,950 --> 00:09:34,060
And if I just run a transform on the Gmail's, it's just going to find more Gmail stuff.
118
00:09:35,690 --> 00:09:36,140
So.
119
00:09:38,440 --> 00:09:44,620
Say, if this was a corporate email address or a private one, if they have a post on their own website,
120
00:09:44,740 --> 00:09:48,360
this would actually probably be a lot more informative to us.
121
00:09:48,370 --> 00:09:52,450
But in this case it's a it's just a generic Gmail address.
122
00:09:52,450 --> 00:09:52,870
It's coming.
123
00:09:54,550 --> 00:10:00,910
You know, we can actually just see a lot of the Google stuff in here, which is that's want to show
124
00:10:00,910 --> 00:10:01,600
you that real.
125
00:10:04,790 --> 00:10:05,330
So.
126
00:10:06,620 --> 00:10:13,220
Again, these are a lot of tools that you could use to help find reverse email searches.
127
00:10:14,580 --> 00:10:17,300
And as always, I encourage you to do.
128
00:10:18,690 --> 00:10:20,430
Don't just use one tool.
129
00:10:20,730 --> 00:10:27,570
Use multiple tools because, you know, as we saw here, Maltego found a Flickr account.
130
00:10:27,630 --> 00:10:28,650
Have I been phone found?
131
00:10:28,650 --> 00:10:29,880
The Dropbox account?
132
00:10:30,720 --> 00:10:37,470
The The People search sites found a little bit another piece of information.
133
00:10:37,470 --> 00:10:43,260
So all these different tools will help build a larger picture and also help verify your information
134
00:10:43,260 --> 00:10:47,280
that you're finding, because not all these things are going to be accurate.
135
00:10:49,140 --> 00:10:51,510
So again, this was reverse email searches.
136
00:10:51,690 --> 00:10:52,110
Thank you.
13086
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.