Emails are one of the preferred communication medium used by both small-scale and large-scale organization. Throughout these years, there has been a rapid increase in different email applications, which are developed to meet the different needs of diverse users.
EarthLink emerged as one of the email services providing completely a different webmail experience. EarthLink stores email files in its proprietary (DAT) file format. Moreover, these files can be exported from EarthLink Mailbox to CSV format. However, the CSV file will not include attachments and image files, if any. EarthLink webmail is also vulnerable to various email attacks. Here in this blog, we will discuss EarthLink forensics in an elaborated way.
EarthLink is a webmail-client, which is not so typical and has an interface that resembles the UI of a desktop email client. It offers a basic emailing service with remarkable additional options.
Working with EarthLink is an experience no different from browsing the web. However, it doesn’t carry out even a single action without having to refresh the webpage completely. As it is quite a disturbing act especially during login as it may lead to loss of information. Following are some of the features incorporated in EarthLink webmail.
EarthLink has been involved in eDiscovery cases both as a victim client and as a culprit in an act. A detailed study of the web service reveals that EarthLink can be used to conduct cybercrime for financial gain, etc. Below mentioned are some upgraded set of features as well as shortcomings of the EarthLink webmail service. It proves to be responsible for conducting suspicious acts via email communication.
EarthLink as the Victim
Technology may be powerful but is not perfect. The proof of it is its shortcomings and failure in fulfilling certain user requirements.
EarthLink is no exception and has been in the news several times for cases related to the compromise of security.
Reason: The webmail service does not use “TLS level encryption” during the login procedure on the POP3 services. Therefore, its privacy can be easily attacked by intercepting the wireless connection in use.
EarthLink as the Culprit
EarthLink is utilized not only for good purposes but also it can be used for illegal purposes. EarthLink is also involved in cybercriminal acts as the culprit too.
Following is an account of the features responsible for such consequences and misuse of the webmail service.
From the above-described reasons, it can be understood that the anonymous emailing option indirectly promotes spamming and has the potential to be used for illegal purposes. Secondly, the allotment of multiple profiles to a single user account can again be used for spamming, email bombing & various other email attacks.
It is possible to encrypt the login in EarthLink via IMAP configuration or through its default web interface. Nevertheless, it is not enabled by default yet can be customized into usage by user preference.
If the account has recovered after being hacked once, always ensure that the email settings have not been manipulated. The hacker can receive all your emails via email forwarding that may have been set during the period of hacking. Post recovery of a compromised account, make sure to check all the settings. Also, apply a stronger password along with session encryption enabled besides just login encryption.
Following are some major challenges often faced by the investigating officers while performing EarthLink forensics.
MailXaminer is one of the proficient Email Forensics Software that lets investigators to deeply analyze the email files. The software is designed with powerful features such as advanced search options, various analytics options, geolocation mapping, etc. Moreover, it is efficient enough to support 20+ email file formats from both web-based and desktop-based email applications.
EarthLink Forensics emerges as a complicated platform to examine from a certain investigative point of view due to session encryption, web access, and multiple account correlation. However, MailXaminer helps surpass the challenges with the help of its key features enabling the investigators to swiftly examine the email data files.