Entity Extraction Helps Detect Terrorist Fundraising Activity on Social Media

Entity Extraction, Homeland Security, Intelligence Analysis, Social Media Analysis

Entity Extraction helps detect terrorist fundraising on social media

Terrorists are Using Social Media to Raise Funds

Terrorist groups have long understood the usefulness of social media in recruiting members, spreading propaganda, and, of course, fundraising. In 2017 CNBC reported on one terrorist financier, Hajjaj Fahd al-Ajmi, who had a very interesting career. He was a Kuwaiti citizen, supposedly with ties to Al-Qaeda, and he discovered a new way to raise funds online for terrorism. He developed a very active presence on both Twitter/X (250,000 followers) and Instagram (1.3 million followers) and used them to issue calls for financing. Both sites were eventually shut down.

Unfortunately, cases like Al-Ajmi’s are still not uncommon. Terrorists are exploiting social media platforms more and more to secure financial support. Social media, as is well known, offer unique opportunities for anonymity and massive outreach. In addition, the rise of cryptocurrencies, along with weak governmental regulation, has made the transfer of funds much easier and harder to trace.

A common tactic when someone responds to a call for a donation is to send them to a platform such as Facebook or Twitter/X  where the arrangement for the transaction can be made. A more protected method is to encourage donors to make use of encrypted mobile applications. One such popular app, Telegram, is frequently employed for communications concerning the transfer of funds.  In both of these cases, the actual funds reach the terrorists through wire transfers or social media platforms.

Terrorists Frequently Claim the Funding is Going to Charities

One insidious feature of these communications is that donors are frequently deceived into believing that the funds will be used for charitable purposes such as refugee relief. In December 2022, Canadian authorities arrested a man who started online campaigns disguised as humanitarian efforts to raise funds for ISIS. He created multiple GoFundMe campaigns for humanitarian causes and used the resulting contributions to send US$20,347 to a cryptocurrency address tied to the terrorist group.

Terrorist groups will also even set up fake charities supporting relief efforts in war-torn areas of the Middle East and elsewhere as part of the scam.

One hopeful sign is that online fund raising using open platforms allows law enforcement and intelligence agencies better opportunities to track these activities. However, given their enormous growth, false identities, and ambiguous language, advanced technologies are needed to detect them so they can be terminated. One AI technology, Entity Extraction, is particularly powerful.

Entity Extraction Finds Key Concepts in Unstructured Text

Entity Extraction is an advanced A.I. technology that automatically identifies semantic concepts in unstructured text data such as names of people and organizations. It doesn’t rely on long lists of names. It uses a technique of dynamic recognition that analyzes the linguistic context surrounding the names to identify clues that a name is present. Using dynamic recognition, Extraction not only identifies persons or organizations previously known to be of a terrorist nature. It also identifies previously unknown names that, for example, occur in the same text as a known terrorist person or organization or are associated with those in some way.

Entity Extraction even goes beyond just extracting names. It also extracts relationships and events. Relationships are links between different entities, such as the location of a person. Events are more complex, involving an activity and possibly multiple participants, such as a person making a request for funding. The key contribution of Entity Extraction is that it gives a predictable, normalized format to the information that can be output in standard formats such as RDF, JSON, or XML.

Entity Extraction Detects Signs of Extremist Activity Online

To give a real-life example of how Entity Extraction works, one recent report cites the following donation request that appeared on Instagram and was apparently posted from a refugee camp in Syria noted for holding ISIS members:


In this donation request, Entity Extraction identifies multiple relationships and events. It extracts the phrase “TWO SISTERS” as an instance of persons and “CAMP AL HOL” as a location. It also recognizes that the persons are in that location. The output template looks like this:

  • Person_Location Relationship
    • Person: TWO SISTERS
    • Location: CAMP AL HOL

Entity Extraction also extracts the events in the posting. The phrase “WE COLLECTED 13,000$” is transformed into:

  • Raise_Money_Event
    • Recipient: TWO SISTERS
    • Amount: 13,000$

This example shows the true power of Entity Extraction. It recognizes that the low-information pronoun “WE” actually refers to the previous phrase “TWO SISTERS” and makes the substitution in the output template. A similar process would be applied to generate a Request­_Money_Event event for the phrase “WE NEED 3000$.”

Entity Extraction also has the capability to identify the veiled language that terrorists often use. In the above example, the word UMMAH is a term that in Islam refers to all believers but is also popular with extremist groups as shown in the above message. It’s easy to add such terms to Entity Extraction and they can be used to identify posts of particular interest to terrorism investigators.

Even though identifying coordinated large-scale efforts to solicit donations may be still a needle in a haystack challenge, Entity Extraction has the ability to analyze Big Data-sized texts across the entire Web in a timely fashion.

In sum, Entity Extraction provides sophisticated AI techniques to help identify terrorist fundraising efforts online. It is an invaluable tool for intelligence and law enforcement agencies.