Saturday, August 1, 2009

High Tech Crime Detection

by Jean Henry Mead

White-collar crime is on the rise and is made easier by the internet. Few people are now taken in by Nigerian emails promising millions of dollars if only you will help the sender transfer money to the U.S.

But phishing is a relatively new crime in which criminals send email requesting the recipient’s passwords and account numbers for bank accounts and other financial institutions. The email may present a fraudulent credit card offer or various merchandise, with a legitimate-appearing logo embedded in it. However, the links it provides go directly to the crooks' computers. If the unsuspecting victim provides a credit card number or checking account number, within hours large purchases will no doubt be charged to the account. And the victim will spend years trying to clear his corrupted credit.

Highly trained investigators are taught the laws of search and seizure and are well acquainted with computer fraud. They know how data is stored and how to recover deleted files, examine hard drives, break passwords, detect computer viruses and discover devices that can destroy a computer's inner workings, according to Lee Lofland in his book Police Procedure and Investigation.

Cyber criminals have devised ways to prevent investigators from discovering their illegal activities by drilling holes in their hard drives or smashing them with sledge hammers. They’ve also submerged the hard drives in acid, the only effective way to destroy the data. Forensic computers are normally used to scan computers seized in raids on illegal operations, and the hardware write blocker, or HWD, is a necessary tool in high-tech crime detection. The forensic computer operates by extracting information from the criminal’s computer and storing it for future investigation and evidence collection.

Lofland says the “HWD functions much like the foot valve in a water line that’s connected to a pump and well system. The valve opens when the pump (HWD) pulls water (information) toward a house (forensic computer) but closes tightly when the pumping stops so the leftover water in the lines can’t return to the well (suspect’s computer). The one-way action of the HWD is designed to prevent cross-contamination of evidence.”

It also prevents the HWD probe from leaving any evidence in the suspect’s computer, which an attorney could use as a defense. Lofland added: “It could be compared to planting evidence, such as a bloody knife or glove at a homicide scene.”


F. M. Meredith, author said...

I get so many of those people wanting to send me money or telling me my account needs tending, etc. I worry about the more gullible people online who may think all this stuff is for real.


Lee Lofland said...

Thanks for mentioning my book. You can also find out more about high-tech crimes on my blog, The Graveyard Shift. Sergeant Josh Moulin, the commander of the Oregon High-Tech Crimes Task Force, is a regular contributor to the site and he's very writer-friendly. He'd be more than happy to answer your questions.

Here's the link to one of Josh's posts. It's called Handling Digital Evidence.

Ben Small said...

Jean, I learned something new today, thanks to you. Great article!

Morgan Mandel said...

It's a different world we live in now, that's for sure. People have to worry about crooks breaking into computers now besides breaking into homes. Then the other day, Marilyn Meredith was posting about bears climbing into houses through windows.

I guess nobody is safe. (g)

Morgan Mandel