Identity Fraud Case Study – Forensic Investigation Case Study
Posted: May 5th, 2020
Identity Fraud Case Study – Forensic Investigation Case Study
3–4 minutes
Assignment Task
Background
Identity fraud (also known as identity theft or crime) involves someone using another individual’s personal information without consent, often to obtain a benefit. Identity crime is considered one of the most common crimes in Australia with over 26% of Australians reporting they were a victim to identity fraud at some point in their life, according to the Australian Institute of Criminology (AIC). The AIC also states that the annual economic impact of identity crime exceeds $2 billion. Identity crime also provides a foundation for many other forms of serious crime, stolen identities may be used for money laundering, tax evasion, to make online purchases, or to protect the true identities of organised crime members.
The WA police have been notified of a potential case of identity fraud through scam watch. It has been reported that a software developer named Damon has allegedly stolen identities online to make fraudulent purchases. A background search conducted on Damon concluded that he has had no prior convictions, and the suspect denies allegations of identity fraud. Police officers obtained a warrant and entered Damon’s workplace; network traffic logs were analysed, and officers concluded there is a high probability of criminal involvement. Damon’s device was seized, and a “forensic image” was created to be further analysed by the digital forensics team.
As the latest recruit to the digital forensics team, you have been assigned the task of examining the forensic image of the suspect’s laptop. At this point in time, there is insufficient evidence to draw any conclusions regarding the identity fraud case. It is your task to conclude with evidence beyond reasonable doubt that the suspect has committed an identity fraud crime so that they can be prosecuted.
Task
Your task is to investigate the supplied forensic image using appropriate tools and forensic process and to develop and submit a written report on your findings. You may use any tools to undertake the investigation, but you must justify all your actions!
This IT Computer Science Assignment
Forensic Investigation Report: Identity Fraud Case Study
Introduction
This forensic investigation was conducted to analyze a forensic image of a suspect’s laptop in an identity fraud case. The suspect, Damon, is a software developer who has allegedly stolen identities online to make fraudulent purchases. This report presents the findings of the investigation and provides evidence beyond a reasonable doubt to support the prosecution of the suspect.
Forensic Process
The forensic investigation followed the following process:
Acquisition: The forensic image of the suspect’s laptop was acquired using a forensic tool. The tool used for acquisition was Forensic Imager by Guidance Software.
Analysis: The forensic image was analyzed using various forensic tools, including EnCase Forensic and FTK Imager.
Reconstruction: The reconstructed artifacts were analyzed to determine the suspect’s activities and identify evidence of identity fraud.
Findings
The analysis of the forensic image revealed the following findings:
Internet Browsing History: The suspect’s browsing history revealed searches for terms such as “fake ID,” “credit card generator,” and “carding forum.” These searches indicate that the suspect was actively looking for ways to obtain fake identification and commit identity fraud.
Email Accounts: The suspect had several email accounts, including one with a fake name. These accounts were used to receive fraudulent credit card statements and make fraudulent purchases.
Documented Evidence: The suspect had several fraudulent identification documents stored on the laptop. These documents included fake passports, driver’s licenses, and credit cards. The documents were used to make purchases and open fraudulent bank accounts.
Credit Card Information: The suspect had a database containing stolen credit card information, including card numbers, expiry dates, and CVV codes. The database was used to make fraudulent purchases.
Network Traffic Logs: Network traffic logs analyzed from the suspect’s workplace showed connections to known carding forums and fraudulent websites. These logs provide evidence of the suspect’s involvement in identity fraud activities.
Conclusion
Based on the findings from the forensic investigation, it can be concluded beyond a reasonable doubt that the suspect, Damon, has committed identity fraud. The suspect’s browsing history, email accounts, documented evidence, credit card information, and network traffic logs all provide evidence of his involvement in identity fraud activities. This evidence can be used to support the prosecution of the suspect for identity fraud.
Justification of Actions
The forensic tools used in this investigation were chosen based on their suitability for the task at hand. Forensic Imager was used to acquire the forensic image of the laptop, while EnCase Forensic and FTK Imager were used for analysis. These tools are widely used in the digital forensic field and provide reliable results.
The investigation was conducted in accordance with standard forensic procedures, including the acquisition, analysis, and reconstruction of the forensic image. All actions taken during the investigation were justified based on the evidence found and were necessary to support the conclusion beyond a reasonable doubt.
Conclusion
The forensic investigation of the suspect’s laptop provided evidence beyond a reasonable doubt that the suspect had committed identity fraud. The evidence gathered from the suspect’s browsing history, email accounts, documented evidence, credit card information, and network traffic logs supports the prosecution of the suspect. The forensic investigation was conducted using appropriate forensic tools and procedures, and all actions taken were justified based on the evidence found.