Digital evidence analysis is the process of examining the structure of collected digital evidence, such as audio, video, images and emails, through different views to obtain the related information during a digital forensic investigation.
The development of technology has also paved the way for an increase in crime committed through digital means. Digital crimes range from hacking and social engineering to child pornography. Collecting and analysing evidence from digital devices is a difficult task for investigators during a crime investigation. With the help of a digital evidence analysis tool, investigators can easily handle and examine thousands of items of digital data, which helps them perform the analysis stage of the evidence investigation faster and with accurate results.
Digital evidence is information transmitted or stored on digital devices in binary form. Common forms of digital evidence are audio, video, digital images and emails. It can be found on computers, external hard drives, mobile phones, CDs/DVDs, servers and similar devices. Digital evidence is commonly associated with digital or electronic crimes, so it is normally collected when the data or the devices are secured for investigation purposes. In the modern era, computers and other electronic means are used to commit crimes, so analysis of digital evidence helps to acquire important information that is valuable during the investigation and in court proceedings.
Due to the exponential growth in digital crime, the extraction of evidence from digital devices has gained importance in the modern world. Variations in the forms of digital evidence and in the storage devices lead to differences in the extraction process. During a digital forensic investigation, the data extracted from the digital device is the primary source of evidence. The digital evidence analysis process helps investigators examine and detect the crucial information related to the crime.
Social engineering is a cyber crime in which fraudulent tactics are used to manipulate people into giving up confidential information. Emails such as "You Won a Prize" or "You are a Lottery Winner", or statements urging immediate action such as updating your visa information, are some of the fraud schemes that aim to obtain bank account details or to gain access to your computer. It is strongly advised not to respond to these emails. A characteristic of these emails is that they are written in a very unprofessional manner, which lets the user recognize them easily. Some other symptoms are also shown in the image. During the forensic investigation of social engineering crimes, analysis of digital evidence such as emails and text messages is always helpful for obtaining the related information.
Social engineering attacks are not direct attacks; they normally take place in one or more steps. First, the attacker gathers background information about the victim to find the weak points in their security through which the victim can be approached. Next, the attacker tries to gain the victim's trust through false statements or promises. Finally, using the trust gained from the victim, the attacker takes actions that lead to the breaking of security practices, such as obtaining sensitive information or being granted access to critical resources.
This is the common technique that aims to gain the trust of a greedy or curious victim by making false promises. It lures users into a trap in order to steal their personal information or infect the system with malware.
In this mode of attack, the attacker shows the user false virus alerts or danger indicators and gets them to install software that has no benefit. Through that software the attacker gains access to the user's system.
The attacker obtains sensitive information by gaining the victim's trust through impersonating a co-worker, the police, a bank or any other person who has the right to know the information.
The attacker obtains the victim's information either through email and text message campaigns aimed at creating a sense of urgency or curiosity, or by getting the victim to open sites or attachments that have malicious content.
Performing email evidence analysis manually is a very difficult task during a forensic investigation, because each investigation involves hundreds of email evidence items to analyse. Examining each one separately to extract the data is very time consuming, and the accuracy of the result will be very low. In such situations, relying on email evidence analysis software is the best option.
During a digital forensic investigation, the collection and analysis of digital evidence is the primary task performed by investigators to obtain the related data that resides inside the evidence. MailXaminer is a dependable email evidence analysis software that helps investigators extract hidden information from email files. The tool allows email evidence and its attachments to be examined in different views such as "Mail, Hex Property, Message header, MIME, RTF, Attachments, Email hops". Each view in the digital forensic evidence examination conveys different information about the email evidence. After the analysis, the evidence dashboard of MailXaminer provides a visual representation of the mail details, attachment categories, the list of duplicate mail and the mail timeline.
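To show what the message header, attachment and email hop views are built from, the following added example (not MailXaminer code, and not from the original page) reconstructs the relay path from the `Received` headers of one message and fingerprints its attachment. The sample message, host names and function names are constructed for illustration.

```python
import hashlib
import re
from email import message_from_string, policy
from email.utils import parsedate_to_datetime

# Constructed sample message (not real evidence); hosts are reserved example names.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [203.0.113.7])
\tby inbox.example.org with ESMTP id C3; Mon, 04 Mar 2024 10:00:09 +0000
Received: from relay.example.com (relay.example.com [198.51.100.20])
\tby mx.example.net with ESMTP id B2; Mon, 04 Mar 2024 10:00:05 +0000
Received: from client.example.com (client.example.com [192.0.2.10])
\tby relay.example.com with ESMTP id A1; Mon, 04 Mar 2024 10:00:01 +0000
From: sender@example.com
Subject: You Won a Prize
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Claim now.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="form.bin"
Content-Transfer-Encoding: base64

aGVsbG8=
--b1--
"""
HOP_RE = re.compile(r"from\s+(\S+).*?by\s+(\S+)", re.S)

def email_hops(msg):
    """Return (from_host, by_host, time) oldest-first; relays prepend Received."""
    hops = []
    for raw in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(raw)
        src, dst = m.groups() if m else ("?", "?")
        hops.append((src, dst, parsedate_to_datetime(raw.rsplit(";", 1)[1].strip())))
    return hops

def hop_delays(hops):
    """Seconds between consecutive hops; a negative value needs a closer look."""
    return [(b[2] - a[2]).total_seconds() for a, b in zip(hops, hops[1:])]

def attachment_hashes(msg):
    """Map attachment filename to the SHA-256 of its decoded bytes."""
    return {p.get_filename(): hashlib.sha256(p.get_payload(decode=True)).hexdigest()
            for p in msg.iter_attachments()}

MSG = message_from_string(SAMPLE, policy=policy.default)
```

`Received` headers above the first trusted relay are written by the sender's side and can be forged, so hop data is corroborating evidence rather than proof of origin.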