Crimewall Tips: Investigating Illegal Activities on Telegram
Telegram is a great resource, but like with almost any technology, it can be used for negative things as well as good. With illegal content and activities having a continual and significant presence on the platform, we want to quickly touch on some go-to techniques demonstrating how SL Crimewall can be used for a number of Telegram-based investigations.
In this post, we focus on two specific examples—drug trafficking and terrorist groups—but these same approaches can be applied for a range of cases. Let’s take a look…
Anti-Drug Trafficking
The Telegram ecosystem contains a significant number of chats with illegal content. These chats are frequently deleted and new ones appear, making them difficult to access and monitor. However, for investigations, it is critically important to know how to find them. One of the most effective approaches for doing this is as follows:
Step 1: Run Geolocation Search. Many Telegram groups are linked to specific locations, for example, for drug deals that are to be conducted locally.
Step 2: Identify Group Admins. The accounts of admins will be visible even when the group members are hidden.
Step 3: Find Other Groups Admins Belong To. This is easy to do using archived data from similar chats.
Step 4: Analyze Messages and Members. Study related groups to determine a wider structure around your group of focus, and identify the active members. And don’t forget that reactions to messages may also be a useful source of information!
Step 5: Extract Phone Numbers. Reveal the real identifiers of those involved in illegal activities.
While steps 1, 2, and 4 are usually pretty straightforward, steps 3 and 5 may require additional tools providing information from databases of chats, accounts, and phone numbers, such as @tgscan_clone_robot, @ChatSearchRobot, @tgdb_bot, and @SangMata_beta_bot.
Counter-Terrorism
Open Telegram channels and chats of this type are relatively quickly removed. Nevertheless, such groups are constantly appearing and when they do, they need to be monitored. In addition to common infiltration practices, here are a few tips that can even help identify group members, when the channels don’t disclose their subscribers by definition.
Step 1: Study Channel Comments. The presence of comments means that there is a chat connected to the channel in question. These interactions can then be accessed and studied using Telegram’s standard functionality.
Step 2: Analyze Messages and Members in the Discussion Chat. Logically, contributors to such chats are often subscribers of the channel. However, it’s important to note that members can post in the chat separately, so their messages might not appear in the comments. By studying the chat members and their messages, you can gather much more information than you would from the comments.
Step 3: Identify Group Admins. Again, the accounts of admins will be visible even when group members are hidden. This can be used to identify other chats that need to be monitored.
Step 4: Find Other Groups Or Other Channels. Remember that for open channels, Telegram allows you to find similar channels with common subscribers. This can be extremely useful for studying the group’s broader structure.
Step 5: Extract Phone Numbers. The next task is to reveal the real identifiers of those involved in illegal activities. Again, this step can be challenging, but depending on your region of interest, there are various tools and apporaches—such as pivots in social networks through various SOCMINT techniques—that can help you obtain this information.
We hope this mini guide has given you some new approaches in your work. Keep these simple instructions up your sleeve then try applying them next time you are conducting an investigation through Telegram, and see what they produce!
If you’d like to learn more about how SL Crimewall can transform investigations into illegal online activities, get in touch. Simply follow the link below and we’ll arrange a personalized demo with one of our specialists.
