Email Investigations PDF

Title Email Investigations
Author Alan Cieślar
Course Forensic IT
Institution De Montfort University
Pages 6

Summary

Summary on how emails may be investigated in criminal cases ...


Description

Email Investigations

SMTP: Simple Mail Transfer Protocol

• Receives emails from the sender
• Validates source and destination addresses
• Sends and receives emails to and from other SMTP servers
• User / email client / webmail use SMTP to SEND the intended email

POP: Post Office Protocol

• It is an incoming mail server that helps the user to RECEIVE the email residing in their mailbox
• The POP3 server deletes the email from its server once the user's email client downloads that particular email

IMAP: Internet Message Access Protocol

• It is a standard email protocol that stores email messages on a mail server, but allows the end user to view and manipulate the messages as though they were stored locally on the end user's computing device(s)

Examining email messages

• Access victim's computer to recover the evidence
• Using the victim's e-mail client
  - Find and copy evidence in the e-mail
  - Access protected or encrypted material
  - Print e-mails
• Sometimes you will deal with deleted e-mails

Copying an e-mail message

• Before you start an e-mail investigation you need to copy and print the e-mail involved in the crime
• You might also want to forward the message as an attachment to another e-mail address
• With many GUI e-mail programs, you can copy an e-mail by dragging it to a storage medium or by saving it in a different location

Viewing email headers

• Learn how to find e-mail headers
  - GUI clients
  - Command-line clients
  - Web-based clients
• After you open e-mail headers, copy and paste them into a text document
  - So that you can read them with a text editor
• Headers contain useful information such as:
  - Unique identifying numbers, IP address of sending server, and sending time

Examining E-mail Headers



• Gather supporting evidence and track suspect
  - Return path
  - Recipient's e-mail address
  - Type of sending e-mail service
  - IP address of sending server
  - Name of the e-mail server
  - Unique message number
  - Date and time the e-mail was sent
  - Attachment files information
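As an added example (not part of the original notes), the Python below pulls the header fields listed above out of a saved message using the standard library `email` package. The sample message with its addresses, hosts and IDs, the `examine_headers` name and the assumed Received-line layout are all constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parsedate_to_datetime

# Constructed sample: all addresses, hosts and IDs below are made up.
SAMPLE = """\
Return-Path: <sender@example.org>
Received: from mx.example.net (mx.example.net [198.51.100.7])
 by mail.example.com with ESMTP id abc123; Tue, 05 Mar 2019 10:15:32 +0000
Received: from laptop (unknown [203.0.113.45])
 by mx.example.net with ESMTPSA id xyz789; Tue, 05 Mar 2019 10:15:30 +0000
Message-ID: <20190305101530.1234@example.org>
Date: Tue, 05 Mar 2019 10:15:29 +0000
To: victim@example.com
X-Mailer: ExampleMail 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1

See attached.
--b1
Content-Type: application/pdf
Content-Disposition: attachment; filename="invoice.pdf"

JVBERi0xLjQK
--b1--
"""

# Assumes the common "from NAME (rDNS [IP]) by SERVER" Received layout.
HOP = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9A-Fa-f:.]+)\]\)\s+by\s+(\S+)")

def examine_headers(raw):
    msg = message_from_string(raw, policy=policy.default)
    # Each server prepends its Received line, so reverse to read oldest first.
    hops = [m.group(1, 3, 4) for h in reversed(msg.get_all("Received", []))
            if (m := HOP.search(str(h)))]
    return {
        "return_path": str(msg["Return-Path"]),
        "recipient": str(msg["To"]),
        "service": str(msg["X-Mailer"]),
        "message_id": str(msg["Message-ID"]),
        "sent": parsedate_to_datetime(str(msg["Date"])).isoformat(),
        "hops": hops,  # (announced name, IP address, receiving server)
        "attachments": [(p.get_filename(), p.get_content_type())
                        for p in msg.iter_attachments()],
    }

if __name__ == "__main__":
    print(examine_headers(SAMPLE))
```

Only the Received lines added by servers you control or trust are reliable; anything below them is supplied by the sender and should be corroborated with server logs.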

REMEMBER!

• Always ensure you have legal authorisation
• Document every action and procedure during your investigation
• Don't forget to adhere to the FOUR ACPO Principles

Viewing and examining headers

• There are many ways of getting the email header, depending on the mail system
• Hotmail – easy
• Outlook Express depends on host
• Find it and copy it to a text editor
• See Email Tracker Pro headers tutorial …

CRITICAL ISSUES IN EMAIL INVESTIGATIONS

• Systems Administrators (that can be trusted!)
• Headers
• IP address
• Software support
