The major difference between a regular internet user and a hacker is that a hacker knows where to look for the most reliable information. In today's world, there is more data available on the internet than ever before. OSINT helps the hacker to gain small but very critical details of a person/organization, such as the location of their office, current job openings, the employee working at the office, their names, address, Social Security number and so forth. There are plenty of tools available in the OSINT Framework to achieve this task.
OSINT helps hackers to search available data for a person- or organization-specific data that is exposed on the internet. Some of the sites included might require registration or offer more data for money, but you should be able to get at least a portion of the available information for no cost. The OSINT framework is focused on gathering information from free tools or resources, and the intention is to help people find free OSINT resources. OSINT stands for open-source intelligence. Nowadays, a hacker with a good understanding of the Dark Web could easily get their hands on this dump and access millions of stolen accounts, whereas a regular internet user may not even know what the dark web is. The hacking group ShinyHunters have offered for sale what they claim is the stolen account information of millions of online daters who have used the popular app. Zoosk is a dating app which suffered a massive data breach recently.
The Dark Web is a protected place to buy/sell such sensitive details on the internet without being caught because it provides complete anonymity for anyone who uses it. While these details don't include passwords and other such credentials, they can still be used by the hacker to impersonate/steal a user's identity with which they could conduct a spamming and/or phishing attack with great realism. The data consist of user's account details, such as names, user IDs, and phone numbers. It’s been found that the details of over 267 million Facebook accounts are available on the dark web for a mere 500 Euros. A hacker is very much aware of onion routing and how to access Dark Web. The best part about onion routing for hackers is that it is not indexed by google and not accessible via the standard internet. The Dark Web uses onion routing, which is only accessible via TOR VPN. The Dark Web is web content that exists on darknets, overlay networks that use the internet but require specific software, configurations or authorization to access. One nefarious way that a hacker can find the exposed data of an organization online is on the Dark Web or Deep Web. You could access their iCloud/Gmail/Yahoo with all their photos, email accounts, Facebook and Instagram - all of them vulnerable to hacking once you have this database.
If they have not changed their password and used the same password on other sites, you can hack into many places where they do their work. 012BTC you can attempt to access anyone's LinkedIn user account. Of course, this is all available, and for. More than 159 million pieces of data were found available on Pastebin in an “email: password” format. In August of 2019, LinkedIn suffered a massive dump of data exposed online.