All investigators, when tackling rogue traders, fraudsters or errant employees, need to make use of the Internet as an investigatory tool. Unfortunately there is a lack of knowledge of Internet investigation techniques amongst investigators especially those working in the public sector. The Internet can reveal a treasure trove of free information, which can even lead to the perpetrators’ door (literally).
Do you have a smartphone and therefore an on-line account for managing email, contacts and messages? Do you use it for accessing applications such Instagram, Flickr (for storing photographs online) and Facebook?
If these applications are used, without properly controlled account settings, then available on-line (for all to see) is your private information, your photographs and other personal data. Even information that you yourself have not uploaded or stored can be mined for more personal information. You might have had photographs taken by a professional, for example for the sale of a home, or at events or weddings, or even by friends and family. These images are then posted on web sites and/or stored on-line (perhaps on Instagram, and Flickr ) often without your knowledge. The images will retain tagging and geo data used by the photographer to catalogue their albums. This might be your postcode, email address, name, or other identifying information. Someone who knows what to look for and where to look can discover a lot about you!
Worrying! But also very useful if you are investigating an individual for criminal or civil offences (or just disciplinary matters). Here are a few examples where such information was used by investigators to find out about individuals clearly “up to no good.”
Case Study 1 – The Malicious Blogger
A Chief Executive of a public sector organisation received an email containing particularly threatening and abusive language and menacing comments. Enquiries about the routing of the email revealed it had been sent from an Internet café.
Just twenty-five minutes of open source research produced a result. The advanced search facilities within Google, and a couple of search facilities specific to social networking sites, identified the full details of the sender. Step one was to search the email address, which revealed a posting on a blog, which in turn revealed a publicly listed unique user name. This was searched and the user was found on a couple of unpleasant blogs linking with others. This in turn led to another user name which was very close to the individual’s real name. This in turn led to his Facebook account, tagged images, and other unpleasant on-line postings. A few minutes later the home address of the perpetrator together with very current photographs were discovered. He was found to be a professional working for a public authority!
Case Study 2 – The Rogue Employee
An employee was suspected of working on his own business whilst off sick from work. Resource intensive and potentially controversial covert surveillance was one of many options considered. However, from just a mobile number this individual was traced to an EBay account using the EBay advanced search facility. As well as identifying the goods for sale through this business venture, the username for this EBay account was linked to a website with a Twitter account. Tweets by this person revealed the exact times and dates when he was working on his own business. Much of what he was doing was taking place when he was at work. A web of business networking and LinkedIn activity was also unravelled detailing far more than what the investigators had imagined.
These are just a couple of examples of investigations where auditors/investigators benefitted from having a thorough knowledge of online investigation techniques. It doesn’t always work this easily but my new course explains the most effective techniques. I also provide practical guidance on how to capture online evidence to accepted national standards.
Any form of surveillance of individuals raises a lot of legal issues (see Ibrahim Hasan’s recent article on the law of employee surveillance). There are pitfalls especially relating to privacy, Data Protection and RIPA to name a few. This course will also give delegates an opportunity to network with others who face the same challenges.
Steve Morris is an ex police officer and one of our expert RIPA course trainers. Steve’s new E Crime and Social Networking Course is proving very popular amongst auditors and investigators wanting to know how to make best use of the Internet when conducting investigations.