The Latest in Computer Investigations


By now, most private investigators have a working knowledge of computers and email as they relate to crime.  Just as we began to get a handle on these menaces, we now have to deal with the thought email shredding.  “Virtual shredding,” as it is known, is changing the rules and will effect the way investigators handle computer-related cases.  Senders can destroy messages either remotely or automatically, without a recipient’s consent or cooperation.  This ability gives senders unprecedented control over what they distribute.  Fortunately, this is new technology that few are using.  However, an investigator can easily see the implication of this technology.  New record keeping methods will have to be sought, as well as how to preserve privacy without going to the extreme.  In addition to the shredding technology, the software will also be able to scramble messages and limit access unless you have the software and key required to decrypt the message.


Once your mind gets a grasp on shredding emails on both ends (sender and recipient), how about copies that exist elsewhere on email servers, in transit, copies sent to others, and backup tapes?  Then, there are those employees who may have checked their business email and forwarded the message to another personal account.  The need for systematic procedures to purge old messages thereby becomes an obvious.  Various software companies provide the ability to keep embarrassing or incriminating messages from surfacing later through email that “self-destructs” within a given time frame.  Some of these software packages also have the ability to “copyright” emails by restricting what a recipient does with the messages by preventing them from forwarding, copying, or printing.


Some of the companies worth researching for this include Authentica, Atabok, SafeMessage Americans and Omniva Policy Sytems.  A good investigator engaged in computer investigations should research the upcoming technology to work within the new framework.  Like most things, the industry will probably come up with other software to handle this dilemma, but for the time being, we may have to create mirror servers so that the information is kept on numerous servers and various accounts.  Ultimately, I feel certain that software will be developed to allow the restricted access of an email to be disarmed.  In the meantime, realize that just because a client can’t produce a copy of an email doesn’t mean that it didn’t really exist!


On a little different topic, many investigators are becoming involved in tracking email messages.  A great product for this can be found at  The software available through this site allows for the unique ability to identify the geographical location of routers, servers, and other IP devices. This is highly valuable information for security purposes as it aids in identifying the source of network intrusions and Internet abusers. The software also allows an e-mail address to be tracked to the server, providing a useful tool to troubleshoot email problems and to identify/report spammers.


Investigators also need to be aware of the major types of Internet threats and where they originate. ClearCommerce Corporation, a provider of payment processing and fraud protection software for e-commerce, studied 1,100 of its best online merchants to get a better understanding of online fraud. In doing so, they analyzed 6 million transactions from 40,000 customers who were collectively doing business with the company's merchants. The countries from where the most online fraud originate are:


1) Ukraine                                         6) Romania

2) Indonesia                                     7) Bulgaria

3) Yugoslavia                                   8) Turkey

4) Lithuania                                      9) Russia

5) Egypt                                             10) Pakistan


 The countries from where the least online fraud originate are:


1) Austria                                           8) South Africa

2) New Zealand                               9) Hong Kong

3) Taiwan                                          10) United Kingdom

4) Norway                                          11) France

5) Spain                                             12) Australia

6) Japan                                            13) United States

7) Switzerland


In the United States, the most Internet fraud per state were found to be:


1) California - 21%                          6) Illinois - 3.9%

2) Florida - 10.1%                            7) New Jersey - 3.7%

3) New York - 8.3%                         8) Michigan - 2.8%

4) Texas - 6.0%                                9) North Car. - 2.6%

5) Penn. - 4.5%                                10) Virginia - 2.5%


 The types of fraud and the average amount of loss is reported to be:


Online Auctions                               63%                $478

General Merchandise Sales         11%                $845

Nigerian Money Offers                    9%               $6,542

Internet Access Services                3%               $568

Information Adult Services              3%               $234 

Computer Equipment/Soft.              2%               $1,102

 Work-At-Home                                2%               $120


Advance Fee Loans                       1%               No Data

Credit Card Issuing                       .6%               No Data


A software product called GeoLocator gives, in real time, the country of origin of a consumer's IP address. With this information, the merchant can filter orders for review if they come from a country known for fraudulent online purchases. Additionally, this allows you to know if the order is being shipped to a different address than where their IP address shows they are located. Infosplit's Netlocator is software designed to track down a person on the Internet.  The company touts their accuracy of the person you are trying to find will be, according to the company, 99.5% for the country, 96.5% for the state or region, and 85% for the exact city.