Global Digital Forensics - Experts in Computer Forensics and Electronic Discovery

New York Boston Washington, DC

San Francisco Los Angeles Las Vegas

Chicago Denver Albany Los Angeles

Europe Asia South America    

Computer Forensics Electronic Discovery Security Auditing
    Home | Contact | Site Map

 

COMPUTER FORENSICS Forensic Services

Email Forensics

INCIDENT RESPONSE

TRAINING
CORPORATE SERVICES
ATTORNEYS

PRIVATE INVESTIGATORS

COMPUTER FORENSIC FAQ

COMMON MISTAKES

QUICK ANALYSIS PLAN

FORENSIC PROCESS

CASE STUDIES

CORPORATE CV

REQUEST A QUOTE

FORENSIC LINKS

 

ELECTRONIC DISCOVERY
E-DISCOVERY SERVICES

DISCOVERY CONSULTING

EXPERT WITNESSES
CASE STUDIES

EVOLUTION OF DISCOVERY

STATE OF THE LAW

E-DISCOVERY LAW

E-DISCOVERY LIBRARY

SPOLIATION CASE LAW

E-DISCOVERY NEWS

REQUEST INFORMATION

CORPORATE CV

 

DATA SECURITY
MAINFRAME SECURITY
APPLICATION SECURITY

NETWORK SECURITY

SECURITY ALERTS

END USER TIPS

SECURITY LINKS

 

SOFTWARE
MaxPatrol

KEY FEATURES

ACCURACY

SCAN QUALITY

PERFORMANCE

RELIABILITY

COMPARISONS

CASE STUDIES

DATABASE

UPDATE SYSTEM

DOWNLOAD

 

RESOURCES
CONTACT INFO
COMPUTER FORENSICS
ELECTRONIC DISCOVERY
PARTNERS
PRIVACY POLICY

TERMS OF USE

 

 

Download

Information Sheets

 

 

New MaxPatrol Demo Available!
New Demo version includes new intelligent algorithms for detection of blind SQL-injection vulnerabilities in ANY (including custom) web-applications.

 

Go to Demo Download page

 

 

 

Email Forensics - Email Discovery      1-800-868-8189

We use email more often than we talk on our telephones or put things to paper - combined!

 

Winning Formula for Email Forensics

 

With GDF in the equation, Email + Social Networking + Texting + Tweeting = Evidence!  Call now for a free consultation (800) 868-8189.

 

 

Email is one of the most common ways people communicate.  From internal meeting requests, distribution of documents and general conversation one would be had pressed to find an organization of any size that does not rely on email.  Studies have shown that more email is generated every day than phone conversations and paper documents combined. Forensic Analysis of email clients and servers has been in the spotlight of civil and criminal cases worldwide and no examination of Document Discovery is complete without requesting, searching and organizing email.

 

Global Digital Forensics has the skill set, experience and tools to ease the burden of analyzing email, from one users mailbox to hundreds of custodians throughout a massive Microsoft Exchange or Lotus Notes organization. GDF has assisted clients in the forensic extraction and analysis of email, contacts and calendars in many cases.

 

Email and Social Networking ForensicsIdentification and Extraction

 

The first step in an email examination is to identify the sources of email and how the email servers and clients are used in an organization.  More than just a way of sending messages email clients and servers have expanded into full databases, document repositories, contact managers, time mangers, calendars and many other applications.  For instance, we have seen Microsoft Exchange customized to be used as a complete Customer Relationship Manager (CRM) and it is certainly not uncommon for the powerful database features of Lotus Notes and Domino Server to be exploited far beyond an email system.  Organizations use these powerful, database enabled email and messaging servers to manage cases, track clients and share data.  A skilled Forensic Examiner must know how to identify how these powerful business tools are being used far beyond email.

 

Many users store their personal calendars, contacts and even synchronize their  email clients with their Personal Digital Assistants (PDA).  Organizations use features like the Free/Busy Connector in MS Exchange to track availability of employees and utilize shared calendars to track appointments and meetings. Forensic analysis of the email server and the clients on users systems often yield an amazing amount of information on the user and the organization itself.  GDF can assist in properly asking for and analyzing email and organizational tools in a forensically sound manner.  Email forensics is more than looking at email messages and the examiner must be aware of the advanced features and forensic possibilities of   each type of email system.

 

Deleted Email 

 

Many user believe that once they delete email from their client that the the mail is unrecoverable.  Nothing could be farther from the truth, many times emails can forensically extracted even after deletion.  Many users also do not grasp the concept that email has a sender AND a recipient or multiple recipients.  Emails may reside on servers unbeknown to the user, or on backup tapes that were created during the normal course of business.  Of course they may also be extracted from the hard disk of the client or the server.  GDF has used forensic techniques and common sense to recover deleted email, calendars and more from users email clients and email servers.

 

 

Web Mail or Web Based Email

 

It is completely possible to forensically recover email that was created or received by web based email systems and from free web based email services such as Hotmail, Gmail (Google Mail) and Yahoo Mail.  These types of mail systems use a browser to interface with the email server, the browser inherently caches information to the disk drive in the system used to retrieve or generate the email thereby effectively saving a copy to the disk. A skilled forensic examiner can extract the HTML based Email from disk drive of the system used to create or retrieve the email messages.  many organizations also have a web based system for users to retrieve their email while out if the office, for instance OWA or Outlook Web Access used with Microsoft Exchange Servers.  These Browser Based Web Mail clients also cache messages to the disk.

 

Many Web Based or Web mail services, including Yahoo and Hotmail have shared calendaring services, personal calendars and contact managers as as email.  Anytime these services are accessed they may be cached to the disk as well.  GDF had an many instances where important contact information, such as email, for additional subjects was found because of careful analysis of all the web email and web based services was conducted.

 

 

Correlating Email Messages

 

 

If properly conducted and managed the forensic analysis of email yields documents that can be easily correlated by date, subject, recipient or sender and yield a highly understandable and easy to follow map of events and entities.  Global Digital Forensics takes great pride in the ability to correlate large amounts of data into understandable and easy to follow presentations.  While maintaining the highest standards of forensic soundness GDF uses specialized tools to link entities, dates, times and events ensuring that our clients, and their clients achieve the highest level of  efficiency and the highest quality work product when they choose GDF to conduct their email forensics or email discovery tasks.

 

 

Services Include:

 

bullet

Email Extraction
bullet

Discovery Consulting
bullet

Link Analysis

bullet

Acquiring Mail Servers (Notes, Exchange, Imail, Etc.)
bullet

Email Redaction
bullet

Web Services Forensics (Calendars, Document Management Systems, CRM, Etc.)

bullet

Instant Messaging Forensics
bullet

Acquiring and Analyzing Specialized Systems (SAS, PeopleSoft, etc.)

bullet

Expert Witness Services

 


Please contact Bill Harvanr for additional information.  Fred can be reached at

1-800-868-8189 or E-Mail info@evestigate.com


New York ° Washington, DC ° Tampa ° Los Angeles ° Chicago

Boston ° Miami ° Denver ° Albany ° San Francisco ° Los Angeles

Phone (800) 868-8189
Int Phone (212) 561-5860

FAX (727) 287-6011
Copyright 2000-2011 Global Digital Forensics, Inc.