While perhaps not having the most pleasant-sounding of names, “dirt strings” are a critical tool in financial crime investigations and open-source intelligence. Also referred to as “negative news strings”, dirt strings allow search engine users to screen a name of an individual or company against several different search terms simultaneously. Since these terms are ones associated with “digging up dirt” on a person or business, they are often referred to as “dirt strings”. By creating a feature that adds one-click capabilities for analysts to run dirt strings on entities of interest, Sigma just added yet another powerful tool in the investigative toolkit for its users.
Often, looking for something on major search engines have all been likened to searching for a needle in a haystack. And rightfully so. These search engines compile massive amounts of information on an entered term in a matter of milliseconds, but the individual going over the results may have a specific end in mind.
In order to narrow down the results of a particularly broad search, an investigator can add additional terms to see if an entity has any results associated with documented past crimes or negative news.
For example, let’s say an AML analyst at a bank has an alert come across their desk for suspicious financial transactions associated with a small Mexican grocery store in Virginia. First, the analyst must gather more information on the client to add crucial context and rule out potential false positives.
A preliminary search of the restaurant’s name - “Bella’s Tortilla & Meat Market” - gives directions, a link to the market’s Facebook page and some Yelp reviews.
However, if they add some terms to a dirt string that is appended to the name of the restaurant, a new picture is brought to the surface. By placing the restaurant name in quotations, adding “AND” and each search term separated by “OR”, the search engine will pick up and prioritize all results that contain any of these additional terms. These results immediately raise red flags in showing that the owner of Bella’s Market was sentenced on charges of laundering money for Mexican drug cartels just in February of this year. Whereas before we only saw surface information with the initial search, utilizing a dirt string takes a scattershot approach in reviewing search engine results to make sure nothing is missed. When no negative news arises, it can also add peace of mind in that steps were taken to make sure relevant results did not slip through the cracks.
Of course, the analyst may have likely found this information in a continued review of Google’s search results, but the time- and effort-saving benefits of dirt strings are immense.
Dirt strings are a simple, yet powerful method of OSINT that analysts use on a daily basis and Sigma is proud to provide this feature in its offerings. Even within the company, this feature is of great use to Sigma’s own analyst teams in conducting quality assurance and ensuring our internal news aggregators are catching important events across key domains. By leveraging OSINT tools like dirt strings, we can continue to provide our clients with the most up-to-date information on who they need to know, when they need to know it.