Nowadays the criminal activities like spoofing, social engineering, distribution of pornographic contents, cyber bullying etc. through the email exchanges are increasing day by day. The free web base email services are mainly chosen as the platform for these activities. In such a situation analysis of email artifacts plays great role in Forensics email Investigation process. Among the all free web services AOL is one of the commonly using emailing service all around the world. This increase the need for AOL email & PFC forensics investigation for the extraction of evidence from AOL email data
AOL Mail is a free web service released by AOL (American Online) in 2005. Its simple nature and unlimited storage capability make it differ from other web mails. Also provides spam, virus protection and spell checking options to support and secure the user data. AOL Mail support the POP3, IMAP, SMTP protocols and allows to link email accounts from other service providers. Another feature of AOL webmail is, it will automatically disable the embedded links in the emails and that can only enabled by the email users.
When you think about AOL email forensic first question arise in your mind is how to recover the email data form the AOL Mail and analyze the evidences. This blog will help you to resolve all you doubts.
AOL Email Forensics with Forensic Investigation Tool
MailXaminer Email Examiner is the most recommended AOL Digital forensics software which help the investigator to effortlessly extract and analyze the evidence from the AOL Mail. Follow the below process to recover and analyze the email data during the AOL email forensics investigation.
1) Open/ create the case and Select Add New Evidence option from the forensic to recover AOL email data from the web mail service.
2) Choose the IMAP option from the Cloud email client section to and provide the details to directly access & perform AOL data forensics on web mail data.
Note:- Software also allows user to add user accounts in bulk with a CSV file.
- IMAP server URL: imap.aol.com
- Port Number: 993
3) To examine and analyze the email data, AOL digital forensics investigation tool provide the option to preview the email file in different views such as Message, Hex, Properties, Message Header, MIME, HTML, RTF, Attachments”
Download & Investigate AOL Desktop Email Accounts
The AOL Desktop application (also known as America Online) uses PFC (Personal File Cabinet) file format to store the email messages, stored contacts’ data and much more. Because of its humongous features, AOL Desktop has become one of the most widely used emailing applications around the globe. And this is the reason why Forensicators feel the need to investigate the complete set of email messages for which the locally stored PFC needs to be examined. Being used by most of the corporate and high profile users, it becomes a subject to illicit usage such as; sharing of obscene images, cyber attacks, etc.
AOL Desktop Application, by default allows the users to create a backup of PFC (Personal Filing Cabinet). This backup data can either be used for further investigation purposes or can also be restored back in AOL via Restore feature.
Steps to Backup & Download Email Data for AOL PFC Forensics Investigation:
To investigate the AOL email accounts, creation and download of available PFC format backup needs to be done.
STEP 1: To download the PFC data, it is required to traverse the AOL Desktop software in an offline mode. This can be done by selecting the Sign Off option available at the top.
STEP 2: With the offline mode enabled, go to the Settings option available under the main menu.
STEP 3: As soon as you will click on the settings, an AOL Settings pop up will appear on screen. To perform Aol PFC forensics backup operation of AOL email accounts, click on the Mail Settings option.
STEP 4: – The Mail Settings pop up window will appear on the screen. Click on the Manage Saved Email drop down option and select Backup. Proceed by clicking on the Save button.
Investigators can make use of this AOL email forensics backup feature only up to AOL Desktop 9.7. The later versions do not feature this option. But instead of creating backup, investigators can now create a folder of PFC file on the local machine.
Backup via “Saved on My PC” Folder PFC File
The best advantage of backing up the AOL data in Saved on My PC folder is that this folder is portable and can be easily transferred from one machine to another and AOL PFC forensics investigation can be conducted. This would help the investigators dig into the PFC data on the machine of their choice.
STEP 1: – Launch AOL. Go to Saved on My PC section. Right click and choose Save Folder As…
STEP 2: – From the opened Save Folder pop up window, choose the destination location and click on Save.
Now go to the location mentioned for saving the backup to view the saved PFC file.
This stored PFC file can then be used for further investigation and analysis purpose. The above mentioned Email Forensics Software excels in providing a suitable and detailed AOL email forensics platform.