|
As private investigators become accustomed to a more
technological society,
we need to be aware of the challenges of Internet based investigations.
The
investigator must have the proper tools to do an online investigation
and
the ability to gather evidence and at the same time not jeopardize
the
integrity of his/her cases.
E-mail communications are widely used for networking with
other
professionals. The thing that we must keep in mind is that there
are risks
to sending sensitive information in standard e-mail messages.
A message can
be easily addressed improperly and end up in the wrong hands
as well as
intercepted before it gets to the intended recipient. Send only
information
that is required. I once did a case where there was some question
about my
experience so I sent a copy of my resume attached to e-mail.
I was rather
shocked as I sat on the witness stand as my resume was entered
into defense
evidence as "exhibit A" becoming a part of public record
forever.
Using encryption software such as:
PGP http://www.pgp.com
Norton Secret
Stuff http://www.symantec.com/region/uk/product/nss/fs_nss.html
and other savailable is a good idea but your e-mail and any
attachments containing
sensitive information are still only as secure as the person
you send them
to. The use of encryption alone only prevents someone from reading
your
mail and whatever attachments included in it if it happens to
get
intercepted.
As you would not go showing your case files to your friends
and neighbors,
you would not want to post personal information about your client
or your
subject such as Social Security Numbers, birth dates, license
plate numbers
and other identifying information in e-mail, public or private
forums, on
public or private mailing lists or on Web sites. Every subscriber
on a
mailing list receives a copy of everything that is sent and it
remains on
his/her hard drive until they decide to delete it. Many mailing
list host
sites such as:
e-Groups/Onelist http://www.onelist.com
archive the messages sent to mailing lists.
These can be viewed by current members as well as
future list members.
DejaNews http://www.deja.com
has newsgroup archivesclear back to 1996 and is now archiving
their discussion areas as well.These archives and discussion
areas are searchable by e-mail address of the
author, date and keyword. You may want to use one of the following
products
when sending e-mail to colleagues.
Disappearing, Inc. has a service that allows you to send e-mail
that will
literally self- destruct after a specified period of time. It
is eliminated from
the sender's PC, the recipient's PC, mail servers and even the
backup tapes that
are sitting on shelves. It works with the common e-mail clients
such as Eudora and
Microsoft Outlook.
For details on this product go to http://www.disappearing.com/
QvTech, Inc. offers e-mail service with features including
an expiration
date when the message will become unreadable, a read only feature
that disables the
recipient's ability to cut, copy, paste and print. For details
on this product go
to
http://www.qvtech.com/
1on1 Lite is so sure of the security of their e-mail product
that they are
offering $50,000 to anyone who can crack it. Features include
header
encryption,
http://www.1on1mail.com/
Be aware of US import/export laws regarding
this encryption software.
If you are sending e-mail to multiple recipients using the
"carbon copy"
feature of your e-mail client, remember that all the people that
you send a
message to have each other's addresses unless you suppress the
list of
e-mail addresses to your recipients. An easy way to do this is
to put your
address in the "To" section and but the rest of the
addresses in the "BCC"
or 'blind carbon copy" section.
I can't emphasize enough how important it is to keep backups
of all e-mail.
This includes both e-mail that you send and e-mail that you receive.
You
never know when you are going to be called upon to produce that
message
again. I'm always getting calls from either an investigator or
a law
enforcement officer that tells me that they need a message that
I've sent.
Some even say that they didn't't get the message. It makes things
go much
smoother when you can locate that message and resend it. I would
suggest
backing up the files that contain e-mail and storing them somewhere
other
than your hard drive. The ideal situation would be to back up
the e-mail and
store the disk at another location other than your home or office.
Here is
some information on what to backup:
Microsoft Outlook
There is one large file that contains all of the mail, calendar,
contacts, etc. The name of this file depends on your setup. To
find it, click on "Start", then
"Find", and select "Files and Folders". In
the top box where it says "Named" type in
"*.pst" and then click on "Find Now." Remember
not to use the quotes. If you are using
Microsoft
Exchange Server, your file will end in .ost instead of .pst.
For more details go to:
http://chkpt.zdnet.com/chkpt/xlinkhelp/http://www.zdnet.com/zdhelp/stories/m
ain/0,5594,903410,00.html
Eudora
Everything with the .mbx extension and the corresponding files
with
.toc extensions contain your e-mail. For more information visit
the Eudora Web Site at
http://www.eudora.com/techsupport/kb/1602hq.html
AOL
Your AOL e-mail is only saved for a certain length of time. You
can
save it for longer periods by saving it to the "Personal
Filing Cabinet (PFC)"
On the "My AOL" menu on the AOL toolbar, click "Preferences."
In the "Preferences" window, click "Mail".
Select one or both of the following:
To save outgoing mail, select the "Retain all mail I
send in my
Personal Filing Cabinet" check box.
To save incoming mail, select the "Retain all mail I
receive in my
Personal Filing Cabinet" check box. Click "OK."
Although most of the virus warnings that you may see in mailing
lists or
get from friends are hoaxes, there are some real ones. A virus
can pose a
threat to your entire system and depending on what virus you
are infected
with, it can wipe our your entire hard drive if you don't take
precautions
against them. Here are some simple rules that will help you avoid
getting a
virus:
NEVER configure your email program to execute attachments
automatically.
Configure your Web browser to launch Wordpad or Wordviewer when
it
encounters Microsoft Word templates. This will help you avoid
executing a macro virus.
Use a quality anti-virus program that scans files whenever they
are
accessed by your program or operating system. Keep the anti-virus
software updated. Even if you know the person real well that's
sending you an attachment, scan it with your anti-virus software.
Here are some resources for virus protection:
· McAfee Anti Virus http://www.mcafee.com/
· Norton Antivirus http://www.symantec.com/
· Admiral Virus Scanner http://www.yellowforest.com/
I hope that this article has been helpful and has helped you
see that with
just a few precautions, e-mail can be one of the most effective
communication tools available to the private investigator.
|
