Open Source Tools for Phishing Investigations

J. Philip Craiger, Paul K. Burke, Chris S. Marberry, Philip Craiger

Research output: Contribution to journal, Article, peer-review

Abstract

With the steady rise of online fraud, responders have often had to rely on computer forensic tools to determine the exact nature of incidents. Several commercial digital forensics software suites are available for examining digital media related to computer crimes. Although these tools provide examiners with extensive capabilities for forensic examinations, they can have significant drawbacks in terms of training, initial costs of the tool, and yearly maintenance upgrades. Alternatively, there are free and open source software (FOSS) tools with equivalent functionality that examiners can use to perform most of the same tasks possible with commercial applications. This article describes some FOSS tools that are suited for general forensic examinations, with an emphasis on those capable of the primary forensic examination tasks relevant to phishing cases, including identifying malware, automated and manual recovery of deleted files, creating a timeline, and identifying Web browser trace evidence.
Original language: American English
Journal: Journal of Digital Forensic Practice
Volume: 1
State: Published - 2006

Keywords

  • digital forensics
  • phishing and fraud
  • forensic investigation
  • computer forensics
  • open source tools

Disciplines

  • Computer and Systems Architecture
  • Forensic Science and Technology
