OMA054-6: Email Forensics and Incident Response Investigation
VerifiedAdded on 2020/06/05
|26
|7956
|375
Report
AI Summary
This report delves into the methods, procedures, and tools employed by digital forensics companies in the UK to investigate crimes involving electronic emails. It begins with an abstract highlighting the increasing rate of email-related crimes and the need for effective investigation techniques. The introduction provides background information on the evolution of technology and the rise of cybercrime, particularly through emails. The report defines the aim and objectives, including identifying email-related crimes, determining investigation procedures, understanding the tools and methods used, and recommending ways to reduce email crime rates. It covers various email-related crimes like spoofing, phishing, and bogus offers. The report examines the procedures followed by digital forensic companies, discussing challenges, legal considerations, and the importance of protecting client information. The methodology section outlines the research approach, including interviews with forensic experts. The results and discussion analyze the findings, highlighting the lack of knowledge as a major factor contributing to email crime and the need for forensic firms to stay updated with technological advancements. The conclusion summarizes the key findings and emphasizes the importance of forensic investigations in addressing email-related crimes. References and appendices, including questionnaires from forensic experts, are included to support the research.
Forensics and Incident
Response (Electronic emails)
Response (Electronic emails)
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
ABSTRACT
Advancement in technology is effective enough to protect people from the type of
criminal activities that take place. However, it is identified that individuals get in trap of the
people who are wan to harm or get money. The present research is conducted to determine the
methods, procedure and tools for investigation applied by forensic companies for electronic
email. This is an area in which the research is carried as the rate of crime is increasing
tremendously. So as to conduct the research, there are both primary and secondary methods that
are applied so that information with respect to the topic can be identified. More specifically, the
researcher has made use of interview from 5 of the exports of Forensic persons. They are
selected as they have proper understanding about the research topic. From the research
conducted, it is identified that the lack of knowledge is the main cause due to which people get in
trouble or become the part of criminal case. In addition to this, forensic firms need to be frequent
advancement made towards technology so that they are able to identify the people behind the
crime conducted through email.
Advancement in technology is effective enough to protect people from the type of
criminal activities that take place. However, it is identified that individuals get in trap of the
people who are wan to harm or get money. The present research is conducted to determine the
methods, procedure and tools for investigation applied by forensic companies for electronic
email. This is an area in which the research is carried as the rate of crime is increasing
tremendously. So as to conduct the research, there are both primary and secondary methods that
are applied so that information with respect to the topic can be identified. More specifically, the
researcher has made use of interview from 5 of the exports of Forensic persons. They are
selected as they have proper understanding about the research topic. From the research
conducted, it is identified that the lack of knowledge is the main cause due to which people get in
trouble or become the part of criminal case. In addition to this, forensic firms need to be frequent
advancement made towards technology so that they are able to identify the people behind the
crime conducted through email.
Contents
ABSTRACT....................................................................................................................................2
INTRODUCTION...........................................................................................................................1
Background......................................................................................................................................2
The crime that take place through electronic emails...................................................................3
Procedures that are followed by digital forensic companies for investigating on crimes caused
through electronic emails.............................................................................................................4
Methods and tools that are used for Electronic emails by digital forensics company in UK......5
Methodology....................................................................................................................................7
Result and discussion.....................................................................................................................11
Conclusion.....................................................................................................................................14
REFERENCES..............................................................................................................................15
APPENDIX 1.................................................................................................................................17
APPENDIX 2.................................................................................................................................23
Questionnaire from Forensic Experts........................................................................................23
ABSTRACT....................................................................................................................................2
INTRODUCTION...........................................................................................................................1
Background......................................................................................................................................2
The crime that take place through electronic emails...................................................................3
Procedures that are followed by digital forensic companies for investigating on crimes caused
through electronic emails.............................................................................................................4
Methods and tools that are used for Electronic emails by digital forensics company in UK......5
Methodology....................................................................................................................................7
Result and discussion.....................................................................................................................11
Conclusion.....................................................................................................................................14
REFERENCES..............................................................................................................................15
APPENDIX 1.................................................................................................................................17
APPENDIX 2.................................................................................................................................23
Questionnaire from Forensic Experts........................................................................................23
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
INTRODUCTION
With time there are different type of changes that has taken place with regard to
technology. There are many firms that have come up so that people can be protected from any
type of crime. With advancement in technology, it has also given raise to crime with the help of
different type of electronic sources (Casey, 2011). In order to be better, firms make frequent
changes in their services and the type of technologies that are being used. Present research is
focused on forensic investigation in which analysis and gathering for the crime that are related
with physical evidence. This is done so that appropriate conclusion is determined through which
the suspect can be found. There are different areas in which the investigators will look, it
includes fingerprints, hard drives, residue, computer or any other type of electronic technologies
that are found at the crime scene. There are various type of tools that are used so that clues can
be found out and the suspect can be caught (Chung, Park and Kang, 2012). There are forensic
scientists who collect analyse and preserve the evidence that are found during the investigation
and are some of the scientists who travel to crime scenes and collect evidence themselves. Both
civil and criminal cases are testified and they have the privilege to work defence or prosecution.
When taking about ancient world, the rate of standardized forensic practices. Confessions took
place so as to make the crimes done by people and they were punished (Nelson, Phillips and
Steuart, 2014). However, with changes in time, there are many experts who aim at understanding
the case and focus on findings out clues that can help to catch the suspect.
In the year 1248, there was first account of making use of entomology and medicine were
used so as to criminal cases. Later on there are many different type of advancement in
technology that formed many organization that work towards solving cases so that true person
involved can be punished as their part in the crime (Hoog, 2011). Many different form of crime
take place and these areas are studied by different departments in forensic team. The present
research is focused conducting the research. People made use of tools that are helpful enough to
connect with other so that they are able to convey information. In this context, Email has become
a primary sources or means for connecting with others. Further, these are considered to be the
easy source of forged. Many crimes has been reported that are done with the help of emails. In
business world, firms have develop their own email addresses so that they are able to track down
that interactions that are taken place between employees (Bryman and Bell, 2015). Further, there
are other emails like Yahoo, gmail, etc. in which there are many crimes that take place and it
1
With time there are different type of changes that has taken place with regard to
technology. There are many firms that have come up so that people can be protected from any
type of crime. With advancement in technology, it has also given raise to crime with the help of
different type of electronic sources (Casey, 2011). In order to be better, firms make frequent
changes in their services and the type of technologies that are being used. Present research is
focused on forensic investigation in which analysis and gathering for the crime that are related
with physical evidence. This is done so that appropriate conclusion is determined through which
the suspect can be found. There are different areas in which the investigators will look, it
includes fingerprints, hard drives, residue, computer or any other type of electronic technologies
that are found at the crime scene. There are various type of tools that are used so that clues can
be found out and the suspect can be caught (Chung, Park and Kang, 2012). There are forensic
scientists who collect analyse and preserve the evidence that are found during the investigation
and are some of the scientists who travel to crime scenes and collect evidence themselves. Both
civil and criminal cases are testified and they have the privilege to work defence or prosecution.
When taking about ancient world, the rate of standardized forensic practices. Confessions took
place so as to make the crimes done by people and they were punished (Nelson, Phillips and
Steuart, 2014). However, with changes in time, there are many experts who aim at understanding
the case and focus on findings out clues that can help to catch the suspect.
In the year 1248, there was first account of making use of entomology and medicine were
used so as to criminal cases. Later on there are many different type of advancement in
technology that formed many organization that work towards solving cases so that true person
involved can be punished as their part in the crime (Hoog, 2011). Many different form of crime
take place and these areas are studied by different departments in forensic team. The present
research is focused conducting the research. People made use of tools that are helpful enough to
connect with other so that they are able to convey information. In this context, Email has become
a primary sources or means for connecting with others. Further, these are considered to be the
easy source of forged. Many crimes has been reported that are done with the help of emails. In
business world, firms have develop their own email addresses so that they are able to track down
that interactions that are taken place between employees (Bryman and Bell, 2015). Further, there
are other emails like Yahoo, gmail, etc. in which there are many crimes that take place and it
1
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
requires to have forensic team that can identify the crime that has taken place. To carry out the
research in effective manner below given are the aim objectives:
Aim:
To investigate over recent method, procedures and tools used for Electronic emails by digital
forensics company in UK.
Objectives:
To identify the crime that take place through electronic emails.
To determine the procedures that are followed by digital forensic companies for
investigating on crimes caused through electronic emails.
To understand the methods and tools that are used for Electronic emails by digital
forensics company in UK.
To recommend way to reduce the rate of crime that take place through Electronic emails
at UK.
Background
Electronic emails can be determined as sources that are used by people to connect with
others. All the crime that are performed by this sources fall under computer related crime or
cyber-crime. As per cybercrimes, it can be defined as type of offences which are undertaken
against groups or individuals who have criminal motive due to which people get affected
negatively. People in this modern world, aim at gaining money by any means (Garfinkel, 2010).
For this process, it take different type of strategies so that people can be manipulated and tricked
to get money. Further, there are cases in which the link that are send by the criminals which
when clicked, then their private information gets leaked. The fraud for email is the intentional
deception that are made by a person to damage others or for personal gain. When the rate of
email users increased, then it became means of defraud people. Further, this can also be taken as
a form of scam or con game (Salehi and Alipour, 2010). Further, there are different forms of
strategies that are applied by people in which they get to earn money. In this context, below
given are the some of the forms of crime that are conducted through emails:
Spoofing: This is a type of process in which a person will pretend to be someone else,
then it is known to be spoofing. As per Oliveira and Martins, (2011) there are number of ways
through which spoofing take place. Among all these one of the common one is when actual
2
research in effective manner below given are the aim objectives:
Aim:
To investigate over recent method, procedures and tools used for Electronic emails by digital
forensics company in UK.
Objectives:
To identify the crime that take place through electronic emails.
To determine the procedures that are followed by digital forensic companies for
investigating on crimes caused through electronic emails.
To understand the methods and tools that are used for Electronic emails by digital
forensics company in UK.
To recommend way to reduce the rate of crime that take place through Electronic emails
at UK.
Background
Electronic emails can be determined as sources that are used by people to connect with
others. All the crime that are performed by this sources fall under computer related crime or
cyber-crime. As per cybercrimes, it can be defined as type of offences which are undertaken
against groups or individuals who have criminal motive due to which people get affected
negatively. People in this modern world, aim at gaining money by any means (Garfinkel, 2010).
For this process, it take different type of strategies so that people can be manipulated and tricked
to get money. Further, there are cases in which the link that are send by the criminals which
when clicked, then their private information gets leaked. The fraud for email is the intentional
deception that are made by a person to damage others or for personal gain. When the rate of
email users increased, then it became means of defraud people. Further, this can also be taken as
a form of scam or con game (Salehi and Alipour, 2010). Further, there are different forms of
strategies that are applied by people in which they get to earn money. In this context, below
given are the some of the forms of crime that are conducted through emails:
Spoofing: This is a type of process in which a person will pretend to be someone else,
then it is known to be spoofing. As per Oliveira and Martins, (2011) there are number of ways
through which spoofing take place. Among all these one of the common one is when actual
2
sender’s origin of the message and the name are masked or concealed from the recipient. One of
the type of spoofing is as follows:
Phishing for data: There are some of the spoof that purport to be from existing companies
or from the firms that are already known to the victim (Rose, Hair and Clark, 2011). The main is
send in form that asks for information from client in which it includes bank details that has to be
confirmed. This also includes development of new account or sharing of password.
Bogus offers: This is a type of email solicitation is an attempted fraud in which interest
among people are developed by giving the offer of services or goods (Turvey, 2011). The prices
of the product or services are reduced or there are additional gifts that are given which enables to
develop interest among people.
Request for help: In this type of email fraud, there are emotional mails are send in which
the reader develops sympathy. People tent to send these people money. For example, people will
ask money for operation in order to cure cancer, etc. When there are emotional touch included,
then it make clients to send some money so that they can overcome their problems.
Where criminal activities that take place, then helps is taken from digital forensic
companies so that they will be able to help to get back the money or to punish the person behind
all these activities (Men and Tsai, 2012).
The crime that take place through electronic emails.
According to Wirtz, Schilke and Ullrich, (2010), online fraud and criminal activities are
spreading like viral and interrupting the stability of societies across the globe. The online frauds
are classified among internet banking mobile banking, emails, cyber attack etc. the most
increasing criminal activities are via emails which need to secured as the fraud in leading to
mislead of confidential information (See-To and Ho, 2014). Further, it is turning important to
spread awareness among society about emails which will help them to never respond to requests
for personal details. Some email frauds/scams are extremely convincing which promotes the
internet criminal activities. Moreover, the hacking activities are increasing because it is quite
easy access over information when the individual have cheat codes to break the passwords
(Siponen, Pahnila and Mahmood, 2010). Besides, almost every person uses Microsoft software
which is open to abuse and this the reason that the criminals have developed hacking a program
called “The Backdoor” which enables them access over all Microsoft systems. According to
Scholar, organisational systems are difficult to hack because the management protect the
3
the type of spoofing is as follows:
Phishing for data: There are some of the spoof that purport to be from existing companies
or from the firms that are already known to the victim (Rose, Hair and Clark, 2011). The main is
send in form that asks for information from client in which it includes bank details that has to be
confirmed. This also includes development of new account or sharing of password.
Bogus offers: This is a type of email solicitation is an attempted fraud in which interest
among people are developed by giving the offer of services or goods (Turvey, 2011). The prices
of the product or services are reduced or there are additional gifts that are given which enables to
develop interest among people.
Request for help: In this type of email fraud, there are emotional mails are send in which
the reader develops sympathy. People tent to send these people money. For example, people will
ask money for operation in order to cure cancer, etc. When there are emotional touch included,
then it make clients to send some money so that they can overcome their problems.
Where criminal activities that take place, then helps is taken from digital forensic
companies so that they will be able to help to get back the money or to punish the person behind
all these activities (Men and Tsai, 2012).
The crime that take place through electronic emails.
According to Wirtz, Schilke and Ullrich, (2010), online fraud and criminal activities are
spreading like viral and interrupting the stability of societies across the globe. The online frauds
are classified among internet banking mobile banking, emails, cyber attack etc. the most
increasing criminal activities are via emails which need to secured as the fraud in leading to
mislead of confidential information (See-To and Ho, 2014). Further, it is turning important to
spread awareness among society about emails which will help them to never respond to requests
for personal details. Some email frauds/scams are extremely convincing which promotes the
internet criminal activities. Moreover, the hacking activities are increasing because it is quite
easy access over information when the individual have cheat codes to break the passwords
(Siponen, Pahnila and Mahmood, 2010). Besides, almost every person uses Microsoft software
which is open to abuse and this the reason that the criminals have developed hacking a program
called “The Backdoor” which enables them access over all Microsoft systems. According to
Scholar, organisational systems are difficult to hack because the management protect the
3
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
information and data by establishing security measures. However, in contrary Margaryan,
Littlejohn and Vojt, (2011), as stated that crime that take place through electronic emails is the
situation of ethical dilemma because there are various motives of accessing over others
information. For instance, when some expertise and legal person access over confidential
information of other tan it defined under protection of individual wile when this is done by some
hack or illegal authority than it is considered under crime activities But the science of
confidential and personal information states that no one can access over the private email of
anyone (Trepte, Reinecke and Juechems, 2012). Apart from this there are various situations
under which it turns important for the person to go through emails of others like, unusual death,
suicide, major injury to someone because these days the justice system is advance and make use
of every advanced technology which can provide easy access personal information to track the
record and data of criminal activities which can be protected. In contrast, the crime through
email is increasing and the people are not even aware about this and therefore share their
personal details through email which leads to misleading and misinterpretation of personal
information (Gloe and Böhme, 2010). For instance, under this the information is accessed when
there is no clue of evidence to prove the crime than it becomes necessary for the individual to
check ones emails. The email criminal activities are increasing by sending information on the
name of some fake company and fake character in which the victim is asked share about his or
her information as according to their tactics the individual is some price winner which motivates
the society and there are people who share their confidential information like, name, personal
number, bank details by which the criminal succeed in its crime (Hargittai, 2010).
Procedures that are followed by digital forensic companies for investigating on crimes caused
through electronic emails.
Apart from this, there is specific procedure followed by digital forensic companies for
investigating on crimes caused through electronic emails. Chung, Park and Kang, (2012), has
argued that there are various challenges faced individual to success over others email ids which
are, determining whether law enforcement is needed in the process of investigation. Further, the
legal individual is liable to obtain written permission to conduct the forensic investigation for the
specific incident. Then the individual need to discuss the investigation process with the legal
advisors to analyse and evaluate the potential issues (Nelson, Phillips and Steuart, 2014). Lastly
4
Littlejohn and Vojt, (2011), as stated that crime that take place through electronic emails is the
situation of ethical dilemma because there are various motives of accessing over others
information. For instance, when some expertise and legal person access over confidential
information of other tan it defined under protection of individual wile when this is done by some
hack or illegal authority than it is considered under crime activities But the science of
confidential and personal information states that no one can access over the private email of
anyone (Trepte, Reinecke and Juechems, 2012). Apart from this there are various situations
under which it turns important for the person to go through emails of others like, unusual death,
suicide, major injury to someone because these days the justice system is advance and make use
of every advanced technology which can provide easy access personal information to track the
record and data of criminal activities which can be protected. In contrast, the crime through
email is increasing and the people are not even aware about this and therefore share their
personal details through email which leads to misleading and misinterpretation of personal
information (Gloe and Böhme, 2010). For instance, under this the information is accessed when
there is no clue of evidence to prove the crime than it becomes necessary for the individual to
check ones emails. The email criminal activities are increasing by sending information on the
name of some fake company and fake character in which the victim is asked share about his or
her information as according to their tactics the individual is some price winner which motivates
the society and there are people who share their confidential information like, name, personal
number, bank details by which the criminal succeed in its crime (Hargittai, 2010).
Procedures that are followed by digital forensic companies for investigating on crimes caused
through electronic emails.
Apart from this, there is specific procedure followed by digital forensic companies for
investigating on crimes caused through electronic emails. Chung, Park and Kang, (2012), has
argued that there are various challenges faced individual to success over others email ids which
are, determining whether law enforcement is needed in the process of investigation. Further, the
legal individual is liable to obtain written permission to conduct the forensic investigation for the
specific incident. Then the individual need to discuss the investigation process with the legal
advisors to analyse and evaluate the potential issues (Nelson, Phillips and Steuart, 2014). Lastly
4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
the person is bound to ensuring that the information of clients is safe and confidential and limited
to the process. Computer Forensics is a developing field and but there is standardization and
relevancy in the justice system and electronic industry”. In addition to this every forensic model
is based on specific area of investigation like, law enforcement or analysing electronic evidence.
In contrast, according to Bryman and Bell, (2015), there is no single digital forensic investigation
model which has been universally accepted by any legal authorities but have been accepted and
implemented under digital forensic model framework which provides flexibility in collecting
evidence and analysing incident.
In accordance to the model, it as been determined that The “Preserve and Document
Evidence” arrow indicates the perseverance and documentation of all collected evidences from
investigation. The evidence will only be opened by the judge to make progress and process of
criminal activities (Casey, 2011Chung, Park and Kang, 2012). The process of investigation
involves, Gathering of easily available information by analysing the information and site of
incident, evaluating the influence of the investigation on the business or victim which can be,
loss of revenue, and loss of confidential information. Further, the model aims at collection of
information of the networks and devices which were involved in the case like, router, switches,
hub, computers, servers, network diagram and firewall (Nelson, Phillips and Steuart, 2014).
Moreover, the system aims at identifying the external storage devices such as pen drive, flash
drive, external hard disk, memory cards which can be a strong evidence to prove the and identify
the root cause of incident. The system will further evaluate the forensic tools which can assist the
investigation process. The forensic team also captures live network traffic in case there is a
suspicious activity found during investigation (Bryman and Bell, 2015). Lastly, the system make
appropriate record and Documentation of all the activities and information gathered during the
investigation which can assist the court to verify the actions. In accordance, Salehi and Alipour,
(2010) digital forensics company in UK it is important for the organisation to work under
defined procedure of investigation in order to gather appropriate information and evidence to
prove crime. Moreover, it is done to ensure safe practices over accessing someone personal and
confidential information.
Methods and tools that are used for Electronic emails by digital forensics company in UK.
Oliveira and Martins, (2011), has stated that implementing the use of methods and tools
of which are been used for Electronic emails by digital forensics company in UK, make the
5
to the process. Computer Forensics is a developing field and but there is standardization and
relevancy in the justice system and electronic industry”. In addition to this every forensic model
is based on specific area of investigation like, law enforcement or analysing electronic evidence.
In contrast, according to Bryman and Bell, (2015), there is no single digital forensic investigation
model which has been universally accepted by any legal authorities but have been accepted and
implemented under digital forensic model framework which provides flexibility in collecting
evidence and analysing incident.
In accordance to the model, it as been determined that The “Preserve and Document
Evidence” arrow indicates the perseverance and documentation of all collected evidences from
investigation. The evidence will only be opened by the judge to make progress and process of
criminal activities (Casey, 2011Chung, Park and Kang, 2012). The process of investigation
involves, Gathering of easily available information by analysing the information and site of
incident, evaluating the influence of the investigation on the business or victim which can be,
loss of revenue, and loss of confidential information. Further, the model aims at collection of
information of the networks and devices which were involved in the case like, router, switches,
hub, computers, servers, network diagram and firewall (Nelson, Phillips and Steuart, 2014).
Moreover, the system aims at identifying the external storage devices such as pen drive, flash
drive, external hard disk, memory cards which can be a strong evidence to prove the and identify
the root cause of incident. The system will further evaluate the forensic tools which can assist the
investigation process. The forensic team also captures live network traffic in case there is a
suspicious activity found during investigation (Bryman and Bell, 2015). Lastly, the system make
appropriate record and Documentation of all the activities and information gathered during the
investigation which can assist the court to verify the actions. In accordance, Salehi and Alipour,
(2010) digital forensics company in UK it is important for the organisation to work under
defined procedure of investigation in order to gather appropriate information and evidence to
prove crime. Moreover, it is done to ensure safe practices over accessing someone personal and
confidential information.
Methods and tools that are used for Electronic emails by digital forensics company in UK.
Oliveira and Martins, (2011), has stated that implementing the use of methods and tools
of which are been used for Electronic emails by digital forensics company in UK, make the
5
investigation process easier and helps the company in collecting appropriate evidence during the
process. There are various techniques which can assist the system like Email header analysis in
which the investigation is done in order to extract data of the email sender and also analyzing the
path or the place from where the email has been sent (Rose, Hair and Clark, 2011). Basically, the
metadata of emails is saved in the headers but sometimes the headers can be tampered in which
the motive of sender is to hide its identity. Besides, there is Bait Tactic in which the investigator
tracks the IP address of sender. In this, the mail is composed of http: “$lt;img src>” tag which is
sent to the mail address from which the mail has been received by the victim of the case. In this
when the criminal opens the mail the investigator is able to track the IP address which makes
further process of investigation easier (Men and Tsai, 2012). However, in contrary, as per the
views of Wirtz, Schilke and Ullrich, (2010), Extraction from Server is the best technique to
identify and evaluate the information of sender. Under this technique, Server inquiry becomes
accessible when the emails domicile on the sender and receiver ends have been tracked
permanently. In this the investigator analyses the record of server as it maintain a log of the sent
and received emails. Moreover, the logs provides the information of the source from which the
emails have been sent (See-To and Ho, 2014). Apart from this, Mail Examiner is an advanced
investigation tool which aims at supporting more than 20 email formats and around 750
MIME formats. The tool comprises advanced features like, In advance search for
keywords, connected analysis of emails, Peel tone analysis, and Live Exchange Mailbox
investigation. In contrary, Siponen, Pahnila and Mahmood, (2010) stated that the
Investigation of Network Source technique is used by investigator in case when server
logs fail to generate the appropriate information. Further, in this the Internet Service
Providers do not provide access to the server. The logs generated by network like, hubs,
routers, firewalls, etc. Provides adequate information about the domicile of the email.
Hence, there are various methods and tools which can be beneficial in investigating and
reporting the information regarding incident (Margaryan, Littlejohn and Vojt, 2011). The
purpose of a computer forensic examination is to recover data from computers seized as
evidence in criminal investigations. Experts use a systematic approach to examine
evidence that could be presented in court during proceedings. The involvement of
forensic experts needs to investigate incident on early stage as it is beneficial in properly
6
process. There are various techniques which can assist the system like Email header analysis in
which the investigation is done in order to extract data of the email sender and also analyzing the
path or the place from where the email has been sent (Rose, Hair and Clark, 2011). Basically, the
metadata of emails is saved in the headers but sometimes the headers can be tampered in which
the motive of sender is to hide its identity. Besides, there is Bait Tactic in which the investigator
tracks the IP address of sender. In this, the mail is composed of http: “$lt;img src>” tag which is
sent to the mail address from which the mail has been received by the victim of the case. In this
when the criminal opens the mail the investigator is able to track the IP address which makes
further process of investigation easier (Men and Tsai, 2012). However, in contrary, as per the
views of Wirtz, Schilke and Ullrich, (2010), Extraction from Server is the best technique to
identify and evaluate the information of sender. Under this technique, Server inquiry becomes
accessible when the emails domicile on the sender and receiver ends have been tracked
permanently. In this the investigator analyses the record of server as it maintain a log of the sent
and received emails. Moreover, the logs provides the information of the source from which the
emails have been sent (See-To and Ho, 2014). Apart from this, Mail Examiner is an advanced
investigation tool which aims at supporting more than 20 email formats and around 750
MIME formats. The tool comprises advanced features like, In advance search for
keywords, connected analysis of emails, Peel tone analysis, and Live Exchange Mailbox
investigation. In contrary, Siponen, Pahnila and Mahmood, (2010) stated that the
Investigation of Network Source technique is used by investigator in case when server
logs fail to generate the appropriate information. Further, in this the Internet Service
Providers do not provide access to the server. The logs generated by network like, hubs,
routers, firewalls, etc. Provides adequate information about the domicile of the email.
Hence, there are various methods and tools which can be beneficial in investigating and
reporting the information regarding incident (Margaryan, Littlejohn and Vojt, 2011). The
purpose of a computer forensic examination is to recover data from computers seized as
evidence in criminal investigations. Experts use a systematic approach to examine
evidence that could be presented in court during proceedings. The involvement of
forensic experts needs to investigate incident on early stage as it is beneficial in properly
6
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
collecting technical information, data and material to report the incident. Forensic
investigation system of UK, comprises efforts like, Collection through search and grasping of
digital evidence, and acquiring data, Examination of situation by applying techniques to
recognize and collect data, analyzing the data and resources evident the incident and reporting
the collected information (Trepte, Reinecke and Juechems, 2012). Henceforth, the forensics
process used by Forensic Company of UK comprises report writing in which Computer forensic
examiners prepares reports for the attorney to evaluate facts and evidence. Thus, evidence for
testimony plays a vital role in supporting the witness and evidence in the court.
Methodology
This is an important part of the research as it helps to conduct the research in effective
manner. There are different type of tools, methods or techniques that are included and these are
used so that with proper structure that data is collected and research is carried out. Below given
are the methodologies that are followed by the researcher:
Research philosophy: This can be determined to be the values, belief and assumptions
that are carried out the researcher for the topic (Mackey and Gass, 2015). There are mainly two
different type of research philosophies which are positivism and interpretivism. In accordance
with interpretivism, it can be stated that it reflects single fact that is followed by the numerous
facts. On the other hand, positivism is depend upon certain facts and figures that are related with
particular aspects (Taylor, Bogdan and DeVault, 2015). In accordance with the type of research
topic that is selected, the type of philosophy that is selected.
The research has made use of positivism as it enables to focus on the real facts and
figures that are important for the research. This way, it becomes helpful to develop in depth
understanding for the research topic in effective manner.
Research strategy: It is important for the research to determine appropriate way so that
the research can be carried out in effective manner (Flick, 2015). There are two different ways
that are helpful to conduct the research. In this context, it includes quantitative and qualitative
strategies. With this respect, qualitative is a type of research strategy that focus on theoretical
aspects and this is highly effective to develop in depth understanding for the research topic.
There are many research that are already conducted by other researchers on similar topic. The
data gathered from their part is effective to develop knowledge about the topic (Smith, 2015). On
7
investigation system of UK, comprises efforts like, Collection through search and grasping of
digital evidence, and acquiring data, Examination of situation by applying techniques to
recognize and collect data, analyzing the data and resources evident the incident and reporting
the collected information (Trepte, Reinecke and Juechems, 2012). Henceforth, the forensics
process used by Forensic Company of UK comprises report writing in which Computer forensic
examiners prepares reports for the attorney to evaluate facts and evidence. Thus, evidence for
testimony plays a vital role in supporting the witness and evidence in the court.
Methodology
This is an important part of the research as it helps to conduct the research in effective
manner. There are different type of tools, methods or techniques that are included and these are
used so that with proper structure that data is collected and research is carried out. Below given
are the methodologies that are followed by the researcher:
Research philosophy: This can be determined to be the values, belief and assumptions
that are carried out the researcher for the topic (Mackey and Gass, 2015). There are mainly two
different type of research philosophies which are positivism and interpretivism. In accordance
with interpretivism, it can be stated that it reflects single fact that is followed by the numerous
facts. On the other hand, positivism is depend upon certain facts and figures that are related with
particular aspects (Taylor, Bogdan and DeVault, 2015). In accordance with the type of research
topic that is selected, the type of philosophy that is selected.
The research has made use of positivism as it enables to focus on the real facts and
figures that are important for the research. This way, it becomes helpful to develop in depth
understanding for the research topic in effective manner.
Research strategy: It is important for the research to determine appropriate way so that
the research can be carried out in effective manner (Flick, 2015). There are two different ways
that are helpful to conduct the research. In this context, it includes quantitative and qualitative
strategies. With this respect, qualitative is a type of research strategy that focus on theoretical
aspects and this is highly effective to develop in depth understanding for the research topic.
There are many research that are already conducted by other researchers on similar topic. The
data gathered from their part is effective to develop knowledge about the topic (Smith, 2015). On
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
the other hand, quantitative research is a type of strategy in which statistical methods are applied
like standard deviation, regression, etc. This is helpful enough to present the relationship
between variables. Among these two research strategies, qualitative research is selected as it will
be help to focus on the develop in depth understanding for the methods, procedure and tools that
are applied to make proper investigation for emails by digital forensic companies. Further, it is
also important that proper outcome can be determined from the research conducted and with the
help of quantitative research, the investigator are able to provide appropriate outcome from the
research.
Research approach: This is an important aspect in research as it focus on the type of
pattern that are applied by the business to gather information (Cammarota and Fine, 2010). The
data that are provided can be presented two different ways. First one is from general to specific
and other one is specific to general. Both have their own set of importance and this is selected
based on the type of research that has to be conducted. There are two different type of research
approaches which are inductive and deductive approaches. Inductive approach is a type in which
the topic is generally explained and then specific topic are explained. In other there are
consideration made for the theoretical aspects that are helpful enough to raise understand for the
topic (Miller, Birch and Jessop, 2012). On the other hand, deductive approach focus on gathering
data that are specific and then generalized content is presented. In other words, more emphasis is
put on new theories and this is done by making proper evaluation of the aspects and facts.
Among these two the researcher has made use of inductive approach in which the
information is provided generally and then specific information is presented. This is approach is
selected as it enables to provided proper understanding of topic and then then particular to the
research can be focused.
Research design: This is determined to be the blue print in which step by step process is
presented. Further, it is the process in which the findings are presented of the information
gathered (Mackey and Gass, 2015). These are of three types which are exploratory, explanatory
and descriptive. Among these, descriptive is a type of research design that focus on describing
the characteristics of the population that are selected. Further, explanatory focus on the type of
issues that are faced and appropriate outcomes that are determined. This is mainly focused on the
aim and objectives that are set by the researcher. Lastly, exploratory is used to find out problems
or the issues that are not been discussed till know (Taylor, Bogdan and DeVault, 2015). Among
8
like standard deviation, regression, etc. This is helpful enough to present the relationship
between variables. Among these two research strategies, qualitative research is selected as it will
be help to focus on the develop in depth understanding for the methods, procedure and tools that
are applied to make proper investigation for emails by digital forensic companies. Further, it is
also important that proper outcome can be determined from the research conducted and with the
help of quantitative research, the investigator are able to provide appropriate outcome from the
research.
Research approach: This is an important aspect in research as it focus on the type of
pattern that are applied by the business to gather information (Cammarota and Fine, 2010). The
data that are provided can be presented two different ways. First one is from general to specific
and other one is specific to general. Both have their own set of importance and this is selected
based on the type of research that has to be conducted. There are two different type of research
approaches which are inductive and deductive approaches. Inductive approach is a type in which
the topic is generally explained and then specific topic are explained. In other there are
consideration made for the theoretical aspects that are helpful enough to raise understand for the
topic (Miller, Birch and Jessop, 2012). On the other hand, deductive approach focus on gathering
data that are specific and then generalized content is presented. In other words, more emphasis is
put on new theories and this is done by making proper evaluation of the aspects and facts.
Among these two the researcher has made use of inductive approach in which the
information is provided generally and then specific information is presented. This is approach is
selected as it enables to provided proper understanding of topic and then then particular to the
research can be focused.
Research design: This is determined to be the blue print in which step by step process is
presented. Further, it is the process in which the findings are presented of the information
gathered (Mackey and Gass, 2015). These are of three types which are exploratory, explanatory
and descriptive. Among these, descriptive is a type of research design that focus on describing
the characteristics of the population that are selected. Further, explanatory focus on the type of
issues that are faced and appropriate outcomes that are determined. This is mainly focused on the
aim and objectives that are set by the researcher. Lastly, exploratory is used to find out problems
or the issues that are not been discussed till know (Taylor, Bogdan and DeVault, 2015). Among
8
all these, the researcher has made use of descriptive design is applied as it enables to focus on the
aim and objectives that are set. Main reason for selecting this design is that, it enables to present
the main issues that are faced by the forensic companies to find out the people who perform
criminal activities through electronic email. Characteristics of the population is analysed as it
enables to focus on developing in depth understanding.
Data Collection: This is the ways through which information is gathered in accordance
with the research topic. There are different type of methods that can be applied so that the
adequate data can be gathered (Flick, 2015). In this context, it includes primary and secondary
method. Both are highly effective in order to provide relevant information. Primary method is the
data that are collected for the first time. There are different type of tools that are available which
are interview questionnaire, observation and focus groups. On the other hand, secondary
methods are those data that are already gathered by some other researchers. Tools that are helpful
to collect these type of information includes books, journals, online sources, etc. Among these
two, the researcher has made use of both these methods that is primary and secondary. More
specifically, to gather primary information the investigator has made use of interview (Smith,
2015). On the other hand, to gather secondary information, books, journals, online sources, etc.
are used. There are open ended questions that are asked by the researcher in which all the
objectives are covered. Through this methods, the data that is required to carry out the research is
collected through primary and secondary methods.
Sampling: It is not possible for the researcher to focus on the population that can provide
adequate data as per the research topic. In this context, it is important that particular population is
selected who can support for carrying out the research (Cammarota and Fine, 2010). There are
two different method of sampling which are probabilistic and non probabilistic sampling
methods. Probabilistic is a type of sampling method in which the research randomly select from
the population all the sample in from the population have equal chance of being selected. On the
other hand, non probabilistic is a type of method in which the researcher ha proper understanding
of the samples that has to be selected. The investigator will chose from the population as per
his/her preferences. Among these two, the researcher has made use of probabilistic sampling
method. This is selected as the research focus on the overall organization that provide services
related with forensics (Miller, Birch and Jessop, 2012). In this context, probabilistic sampling is
selected from the large population. Further, it can be stated that the researcher has conducted
9
aim and objectives that are set. Main reason for selecting this design is that, it enables to present
the main issues that are faced by the forensic companies to find out the people who perform
criminal activities through electronic email. Characteristics of the population is analysed as it
enables to focus on developing in depth understanding.
Data Collection: This is the ways through which information is gathered in accordance
with the research topic. There are different type of methods that can be applied so that the
adequate data can be gathered (Flick, 2015). In this context, it includes primary and secondary
method. Both are highly effective in order to provide relevant information. Primary method is the
data that are collected for the first time. There are different type of tools that are available which
are interview questionnaire, observation and focus groups. On the other hand, secondary
methods are those data that are already gathered by some other researchers. Tools that are helpful
to collect these type of information includes books, journals, online sources, etc. Among these
two, the researcher has made use of both these methods that is primary and secondary. More
specifically, to gather primary information the investigator has made use of interview (Smith,
2015). On the other hand, to gather secondary information, books, journals, online sources, etc.
are used. There are open ended questions that are asked by the researcher in which all the
objectives are covered. Through this methods, the data that is required to carry out the research is
collected through primary and secondary methods.
Sampling: It is not possible for the researcher to focus on the population that can provide
adequate data as per the research topic. In this context, it is important that particular population is
selected who can support for carrying out the research (Cammarota and Fine, 2010). There are
two different method of sampling which are probabilistic and non probabilistic sampling
methods. Probabilistic is a type of sampling method in which the research randomly select from
the population all the sample in from the population have equal chance of being selected. On the
other hand, non probabilistic is a type of method in which the researcher ha proper understanding
of the samples that has to be selected. The investigator will chose from the population as per
his/her preferences. Among these two, the researcher has made use of probabilistic sampling
method. This is selected as the research focus on the overall organization that provide services
related with forensics (Miller, Birch and Jessop, 2012). In this context, probabilistic sampling is
selected from the large population. Further, it can be stated that the researcher has conducted
9
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 26
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.