Computer Forensics covers a wide range of crime and subsequent investigations -law enforcement and legal personnel can use computer forensics for cases running from pornography to terrorism to fraud and other types of scamming.
Essentially, computer forensics is the investigation of computer equipment believed to be involved in any type of crime.
Typical forensic practices include copying the target computer’s hard drive to another in order for an examination to take place without compromising the original data.
This is often done because criminals are organised well enough to install measures to protect or destroy their data in the event of it’s capture.
A few common practices amongst the more savvy computer using criminals is to disguise files by making them appear to have the wrong file extensions, ie, camouflaging text documents as image files.
In order to protect their data they may employ methods such as linking the input / lack of input of data at certain places with a complete wipe of the hard drive, thereby destroying all possible evidence of their activities.
A computer forensic has the tools to recognise these possibilities and work around them.
In terms of scams, your average advance fee fraud perpetrator is, typically, not too bright.
Whilst they may be able to spoof email headers and create authentic looking pharming websites, their ability to secure their computers and networks is probably rather limited.
Of course computer forensics still has a role to play here – in breaking down and following email headers, finding the true origin when headers have been spoofed, etc.
In the more advanced cases of fraud, computer forensics can be applied to reconstitute records on a previously deleted hard drive, break encryption keys and even investigate packet data sent and received over various networks.
Finding emails, both sent and received, would be a simple task for the computer forensic.
As we all know, most scammers and fraudsters are from far away lands, such as Nigeria, but it is comforting to know that if one gets caught in the West then we have the technology to not only expose what they have been up to, but also that computer forensics is a recognised science that is admissible as evidence in court.