Friday, January 30, 2009

High Tech Crime Detection

by Jean Henry Mead

White-collar crime is on the rise and made easier through the internet. Few people are now taken in by Nigerian emails promising millions of dollars if only you will help the sender transfer money to the U.S.

But phishing is a relatively new crime in which criminals send email requesting the recipient’s passwords and account numbers for bank accounts and other financial institutions. It may be a fraudulent credit card offer or an offer of merchandise, with a legitimate-appearing logo embedded in the email. However, the links they provide go directly to the crooks' computers. If the unsuspecting victim provides a credit card number or checking account number, within hours large purchases will no doubt be charged to the account. And the victim will spend years trying to clear his corrupted credit.

Highly trained investigators are taught the laws of search and seizure and are well acquainted with computer fraud. They know how data is stored and how to recover deleted files, examine hard drives, break passwords, detect computer viruses and discover devices that can destroy a computer's inner workings, according to Lee Lofland in his book Police Procedure and Investigation.

Cyber criminals have devised ways to prevent investigators from discovering their illegal activities by drilling holes in their hard drives or smashing them with sledgehammers. They’ve also submerged the hard drives in acid, the only effective way to destroy the data. Forensic computers are normally used to scan computers seized in raids on illegal operations, and the hardware write blocker, or HWD, is a necessary tool in high-tech crime detection. The forensic computer operates by extracting information from the criminal’s computer and storing it for future investigation and evidence collection.

Lofland says the “HWD functions much like the foot valve in a water line that’s connected to a pump and well system. The valve opens when the pump (HWD) pulls water (information) toward a house (forensic computer) but closes tightly when the pumping stops so the leftover water in the lines can’t return to the well (suspect’s computer). The one-way action of the HWD is designed to prevent cross-contamination of evidence.”

It also prevents the HWD probe from leaving any evidence of itself in the suspect’s computer, which an attorney could use as a defense. Lofland added: “It could be compared to planting evidence, such as a bloody knife or glove at a homicide scene.”

4 comments:

Anonymous said...

If anyone has questions regarding high tech crime investigations, please feel free to contact me and I'll connect you with one of the leading experts in the field, Sgt. Josh Moulin.

Josh is the commander of the Southern Oregon High-Tech Crimes Task Force, and he's a regular contributor to my blog. And, Josh is very writer friendly.

Chester Campbell said...

I can't believe people still fall for the "help me get my money to the U.S." scheme, but I get at least one a day. The phishers are even more active, and once in a while they'll hit on a bank you actually do business with. When you check the message source, it usually comes from Rumania or some other East European country. For one I received yesterday, the sender was "nobody@vps.clixwear.com."

Jean Henry Mead said...

Thank you, Lee. Your book is an excellent research source for crime and mystery writers as well as the general public.

Helen Ginger said...

Less nefarious are the schemers who do things like send authors an email asking for signed books for their sick child, then sell the books on eBay. I've been hearing a lot about that one. Or I recently got a suspicious email from someone whose name I didn't recognize saying they had had problems with their email and were requesting I email them back in case we had trading links. I didn't respond.

Helen Ginger
http://straightfromhel.blogspot.com