Connectivity has boomed with the technological revolution in information exchange, electronic media storage, and communications. A world that once appeared too large has shrunk to the point where users enjoy the benefits of connectivity at the business, personal, and industrial levels. But technology has not stayed immune from criminals, who have taken full advantage of this information age. The side effects of this immense technology, in the form of crime, have also started to show.
Email Investigations Computer Forensics
Crime investigators find it difficult to tackle such hurdles because electronic evidence can be removed or deleted. Investigators look for evidence in emails, and this work involves examining metadata, keywords, the route of the email, headers, etc. to trace the culprit. Various computer forensics email investigation tools and procedures are used to reduce time and effort and get optimum results. Distinct approaches to forensic examination of the various email file formats are necessary for a sound investigation. Some of the most prominent tools for email investigation are:
EnCase Forensics:
This application is a leading program that creates an image (copy) of a drive and preserves it for use as forensic evidence in the EnCase evidence file format, which is recognized in courts worldwide. It is presented as a complete suite with advanced bookmarking, analysis and reporting features, and it also supports Internet and email investigation. The email files it supports cover the majority of desktop email clients, including MS Outlook PST files, Exchange EDB mailboxes, Lotus Notes NSF files, MBOX files, DBX, etc.
eMailTrackerPro:
This application analyzes the headers of an email, which in turn gives the IP address of the sender's machine, so it becomes easy to trace the sender. The application can trace the IP addresses of multiple emails at the same time and also reports related information such as the city the email came from, the actual path of the email, the network provider, etc. The tool supports various languages, including Japanese, Chinese, Russian and English. Its major feature is “abuse reporting”, which reports to the sender's ISP.
Email Forensic Tool:
Email forensic tool is another well-designed application. It is a complete suite of various important modules. The software supports various email files (healthy and corrupted): PST, EML, cloud-based Gmail data, Exchange EDB, OST, DBX, E01, etc. It previews email messages in various view modes, such as MIME, HTML, Attachments, HEX and Email Hop View, which allows the IP address to be traced. It also includes advanced search facilities and is perfect for managing multiple case studies, with features like open case, close case and team collaboration that help several investigators work on the same case.
EmailTracer:
This application comes from RCCF India, a prominent name in forensic investigation that has developed many other tools. The application helps to trace the IP address and other information from the headers of emails. It is thus easy to trace where the email originated, which path it followed, its geolocation, etc., after which a detailed report is generated in HTML format. An added benefit is its keyword searching facility, which provides more productive and detailed analysis.
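As an added illustration of the header analysis described under eMailTrackerPro and EmailTracer (this is not code from either tool), the following Python example reads the Received headers of a constructed message oldest-first, extracts the connecting IP of each hop, and flags timestamps that run backwards. The Postfix-style header layout, the sample hosts and addresses, and the function names are assumptions.

```python
import re
from datetime import timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample message (documentation IP ranges, not real evidence).
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.7])
\tby mailstore.recipient.example with ESMTP id A1;
\tTue, 05 Mar 2024 10:15:09 +0000
Received: from relay.isp.example (relay.isp.example [203.0.113.25])
\tby mx.recipient.example with ESMTP id B2;
\tTue, 05 Mar 2024 10:15:07 +0000
Received: from [192.168.1.44] (unknown [192.0.2.10])
\tby relay.isp.example with ESMTPSA id C3;
\tTue, 05 Mar 2024 10:15:02 +0000
From: sender@isp.example
To: victim@recipient.example
Subject: constructed test

body
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_RE = re.compile(r"\bby\s+(\S+)")

def trace_hops(raw):
    """Return hops oldest-first; every relay prepends its own Received header."""
    hops = []
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        clauses, _, stamp = value.rpartition(";")
        by = BY_RE.search(clauses)
        # Assumed layout: "from HELO (rdns [ip]) by host"; last bracketed IP is the peer.
        ips = IP_RE.findall(clauses[:by.start()] if by else clauses)
        try:
            when = parsedate_to_datetime(stamp.strip())
            if when.tzinfo is None:  # "-0000" parses as naive; treat as UTC
                when = when.replace(tzinfo=timezone.utc)
        except (TypeError, ValueError):
            when = None  # missing or malformed date on this hop
        hops.append({"peer_ip": ips[-1] if ips else None,
                     "by": by.group(1) if by else None, "time": when})
    return hops

def time_anomalies(hops):
    """Indexes of hops stamped earlier than the hop before them."""
    t = [h["time"] for h in hops]
    return [i for i in range(1, len(t)) if t[i] and t[i - 1] and t[i] < t[i - 1]]
```

Received headers below the first server the investigator trusts can be written by the sender, so only hops added by trusted relays are reliable evidence of the path.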
Conclusion:
These are a few of the computer forensics email investigation tools preferred by various law enforcement agencies for crime investigation. Only some prominent names have been included here, some of which are free and others premium. They can be downloaded to test their performance. One of the premium tools, Email Forensic Tool, is also available as a demo version for evaluating how it works.
Forensics is an integral part of crime investigation, and with such powerful tools investigators not only save precious time but also sniff out the right culprit.