Articles
Pages
Products
Research Papers
Search - Easy Blog Comment
Blogs
Search Engines
Events
Webinar, Seminar, Live Classes

[Source: This article was published in techcrunch.com By Catherine Shu - Uploaded by the Association Member: Clara Johnson]

When Facebook  Graph Search launched six years ago, it was meant to help users discover content across public posts on the platform. Since then, the feature stayed relatively low-profile for many users (its last major announcement was in 2014 when a mobile version was rolled out) but became a valuable tool for many online investigators who used it to collect evidence of human rights abuses, war crimes and human trafficking. Last week, however, many of them discovered that Graph Search features had suddenly been turned off, reports Vice.

Graph Search let users search in plain language (i.e. sentences written the way people talk, not just keywords), but more importantly, it also let them filter search results by very specific criteria. For example, users could find who had liked a page or photo, when someone had visited a city or if they had been in the same place at the same time with another person. Despite the obvious potential for privacy issues, Graph Search was also an important resource for organizations like Bellingcat, an investigative journalism website that used it to document Saudi-led airstrikes in Yemen for its Yemen Project.

Other investigators also used Graph Search to build tools like StalkScan, but the removal of Graph Search means they have had to suspend their services or offer them in a very limited capacity. For example, StalkScan’s website now has a notice that says:

“As of June 6th, you can scan only your own profile with this tool. After two years and 28M+ StalkScan sessions, Facebook decided to make the Graph Search less transparent. As usual, they did this without any communication or dialogue with activists and journalists that used it for legitimate purposes.The creepy graph search itself still exists, but is now less accessible and more difficult to use. Make sure to check yourself with this tool, since your data is still out there!”

Facebook may be trying to take a more cautious stance because it is still dealing with the fall out from several major security lapses, including the Cambridge Analytica data scandal, as well as the revelation earlier this year that it had stored hundreds of millions of passwords in plain text.

In a statement to Vice, a Facebook spokesperson said “The vast majority of people on Facebook search using keywords, a factor which led us to pause some aspects of graph search and focus more on improving keyword search. We are working closely with researchers to make sure they have the tools they need to use our platform.” But one of Vice’s sources, a current employee at Facebook, said within the company there is “lots of internal and external struggle between giving access to info so people can find friends or research things (like Bellingcat),  and protecting it.”

TechCrunch has contacted Facebook for more information.

Categorized in Internet Search

[Source: This article was published in globalnews.ca By Jessica Vomiero - Uploaded by the Association Member: Anna K. Sasaki]

Amid the frenzy of a cross-country RCMP manhunt for two young men who’ve been charged in one murder and are suspects in another double homicide a photo of an individual who looked like one of the suspects began circulating online.

Bryer Schmegelsky, 18, and Kam McLeod, 19, have been charged with the second-degree murder of Leonard Dyck and are suspects in the double homicide of Lucas Fowler and Chyna Deese. The two men are currently on the run and police have issued nationwide warrants for their arrest.

The search has focused on northern Manitoba, where the men were believed to have been sighted on Monday. The photo was sent to police on Thursday evening by civilians following an RCMP request that anyone with any information about the whereabouts of the suspects reports it to police.

It depicts a young man who strikingly resembles the photos police released of McLeod holding up a copy of the Winnipeg Sun paper featuring the two suspects on the front page.

RCMP say the man in the photo is not the suspect Kam McLeod. Experts say police always have to follow up on online rumours and pictures like this.
RCMP say the man in the photo is not the suspect Kam McLeod. Experts say police always have to follow up on online rumours and pictures like this.

Police eventually determined that the photo did not depict either of the suspects.

“It appears to be an instance where a photo was taken and then ended up unintentionally circulated on social media,” RCMP Cpl. Julie Courchaine said at a press conference on Friday.

She also warned against sharing or creating rumours online.

“The spreading of false information in communities across Manitoba has created fear and panic,” she said.

While this particular photo did not show a suspect, the RCMP confirmed to Global News that their investigators follow up on “any and all tips” to determine their validity. Experts note that this mandate may force the RCMP to pull resources away from the primary investigation.

“They have to assign investigators to take a look at the information and then to follow up,” explained Kim Watt-Senner, who served as an RCMP officer for almost 20 years and is now a Fraser Lake, B.C., city councillor. “They physically have to send members out to try and either debunk or to corroborate that yes, this is, in fact, a bona fide lead.”

After seeing the photo, she noted that a trained eye would be able to see some distinct differences in the eyes and the facial structure, but “if a person wasn’t trained to look for certain things, I can see why the general public would think that was the suspect.”

She added that while she believes getting public input through digital channels is largely a good thing, it can also be negative.

“There’s a whole wave that happens after the information is shared on social media and the sharing of the posts and everything else, then it goes viral and it can go viral before the RCMP or the police have a chance to authenticate that information.”

While she knows through her experience as a Mountie that people are trying to help, “it can also impede the investigation, too.”

Near the beginning of the investigation, the RCMP appealed to the public for any information they had about Schmegelsky and McLeod, or the victims. Kenneth Gray, a retired FBI agent and lecturer at the University of New Haven, explained that the internet has also changed the way police respond when receiving public tips.

“Whenever you asked the public for assistance on a case and you start receiving tips, every one of those tips has to be examined to determine whether or not it is useful to solve whatever case you’re working on and that takes time,” said Gray.

“In this particular case with the photograph, it had to be examined to determine whether this was actually the suspect or whether it was just a lookalike that took vital resources that could have been being devoted to actually finding this guy.“ 

He explained that if he’d gone about verifying or debunking the photo himself, he’d attempt to determine where the information came from and trace that back to the person in the photo. He suggested performing an electronic search on the image to ultimately determine who is in the photograph.

In addition, the internet has added a new layer of complexity to screening public leads. With the advent of social media, “you get inundated with information that is coming from all over the place.”

“At one point, you would put out local information and you’d only get back local-type tips. But now, with the advent of the internet, tips can come in from all over the world. It casts such a large net that you get information from everywhere,” he said.

“That gives you a lot more noise.”

The model that most departments have pursued to deal with this, he said, is one that requires investigators to pursue all leads while setting priorities to determine which ones should be given the most resources.

While the widened reach that the internet affords can complicate things, some experts suggest that this isn’t always a negative thing.

Paul McKenna, the former director of the Ontario Provincial Police Academy and a former policing consultant for the Nova Scotia Department of Justice, agrees.

“All leads are potentially useful for the police until they are proven otherwise,” he said in a statement. “Every lead may hold something of value and police always remind the public that even the most apparently inconsequential thing may turn out to have relevance.”

Social media has played a role in a number of high-profile arrests over the years, including that of Brock Turner, who in 2016 was convicted of four counts of felony sexual assault and allegedly took photos of the naked victim and posted them on social media, and Melvin Colon, a gang member who was arrested in New York after police were given access to his online posts.

In this particular case, Watt-Senner explained that a command centre would likely be set up close to where the RCMP are stationed in Manitoba. She said that all information will be choreographed out of that command centre, where a commander will decipher the leads that come through.

“Those commanders would be tasked and trained on how to obtain information, filter information, and disseminate information and to choreograph the investigative avenues of that information in real-time,” Watt-Senner said.

She notes that the RCMP would likely have used facial recognition software to determine for certain whether the man depicted in the photo was, in fact, the suspect, and the software would also be used as citizens began to report sightings of the suspects.

“This is really integral. This is a really important part of the investigation, especially when you start to get sightings from different areas. That information would be sent to people that are specifically trained in facial recognition.”

While the investigation may take longer because of the higher volume of leads being received through digital channels, all three experts conclude that the good that comes from social media outweighs the bad.

 

Categorized in Investigative Research

[Source: This article was published in thegroundtruthproject.org By Josh Coe - Uploaded by the Association Member: James Gill] 

Last week ProPublica uncovered a secret Facebook group for Customs and Border Patrol agents in which a culture of xenophobia and sexism seems to have thrived. The story was supported by several screenshots of offensive posts by “apparently legitimate Facebook profiles belonging to Border Patrol agents, including a supervisor based in El Paso, Texas, and an agent in Eagle Pass, Texas,” the report’s author A.C. Thompson wrote.

This is only the most recent example of the stories that can be found by digging into Facebook. Although Instagram is the new social media darling, Facebook, which also owns Instagram, still has twice the number of users and remains a popular place for conversations and interactions around specific topics. 

Although many groups are private and you might need an invitation or a source inside them to gain access, the world’s largest social network is a trove of publicly accessible information for reporters, you just need to know where to look. 

I reached out to Brooke Williams, an award-winning investigative reporter and Associate Professor of the Practice of Computational Journalism at Boston University and Henk van Ess, lead investigator for Bellingcat.com, whose fact-checking work using social media has earned a large online following, to talk about how they use Facebook to dig for sources and information for their investigations. Their answers were edited for length and clarity. 

1. Use visible community groups like a phonebook

 While it remains unclear how Thompson gained access to the Border Patrol group, Williams says you can start by looking at those groups that are public and the people that care about the issues you’re reporting. 

“I have quite a bit of success with finding sources in the community,” says Williams, “people on the ground who care about local issues, in particular, tend to form Facebook groups.” 

Williams uses Facebook groups as a phonebook of sorts when looking for sources.  For example, if a helicopter crashes in a neighborhood, she suggests searching for that specific neighborhood on Facebook, using specific keywords like the name of local streets or the particular district to find eyewitnesses. Her neighborhood in the Boston area, she recalls, has its own community page.

 Williams also recommends searching through Google Groups, where organizations often leave “breadcrumbs” in their message boards.

 “It’s not all of them,” she notes about these groups, “but it’s the ones that have their privacy settings that way.”

 After speaking with Williams, I spent a few hours poking around in Google Groups and discovered a surprising amount of local and regional organizations neglected their privacy settings. When looking through these group messages, I had a lot of success using keyword searches like “meeting minutes” or “schedule,” through which documents and contact information of “potential sources” were available. While you can’t necessarily see who the messages are being sent to, the sender’s email is often visible.

This is just one example of a group with available contacts

1 Search 22Southwest Baltimore22 Redacted

2 Search Meeting Minutes Redacted

3 Redacted 22Meeting Minutes22 Results

4 Meeting Minutes

2. Filter Facebook with free search tools created by journalists for journalists

Despite privacy settings, there’s plenty of low-hanging and fruitful information on social media sites from Facebook to Twitter to Instagram, as a 2013 investigation by New Orleans-based journalism organization The Lens shows. The nonprofit’s reporters used the “family members” section of a Charter School CEO’s Facebook page to expose her nepotistic hiring of six relatives.

 “But if you know how to filter stuff… you can do way more,” van Ess says.

  In 2017, van Ess helped dispel a hoax story about a rocket launcher found on the side of a road in Egypt using a combination of social media sleuthing, Google Earth and a free tool that creates panoramas from video to determine when the video clip of the launcher was originally shot. More recently, he used similar methods as well as Google Chrome plug-ins for Instagram and the help of more than 60 Twitter users to track down the Netherlands’ most wanted criminal

He says journalists often overlook Facebook as a resource because “99 percent” of the stuff on Facebook is “photos of cats, dogs, food or memes,” but there’s useful information if you can sort through the deluge of personal posts. That’s why he created online search tools graph.tips and whopostedwhat.com so that investigators like himself had a “quick method to filter social media.”

For those early-career journalists who’ve turned around quick breaking news blips or crime blotters for a paper’s city desk, might be familiar with the twitter tool TweetDeck (if not, get on it!), Who posted what? offers reporters a way to similarly search keywords and find the accounts posting about a topic or event. 

Here’s how it works: you can type in a keyword and choose a date range in the “Timerange” section to find all recent postings about that keyword. Clicking on a Facebook profile of interest, you can then copy and paste that Facebook account’s URL address into a search box on whopostedwhat.com to generate a “UID” number. This UID can then be used in the “Posts directly from/Posts associated with” section to search for instances when that profile mentioned that keyword. 

These tools are not foolproof. Often times, searches will yield nothing. Currently, some of its functions (like searching a specific day, month or year) don’t seem to work (more on that in the next section), but the payoff can be big.  

“It enables you essentially to directly search somebody’s timeline rather than scrolling and scrolling and scrolling and having it load,” says Williams of graph.tips, which she employs in her own investigations. “You can’t control the timeline, but you can see connections between people which is applicable, I found, in countries other than the States.”

 While she declined to provide specific examples of how she uses graph.tips—she is using van Ess’s tools in a current investigation—she offered generalized scenarios in which it could come in handy. 

For instance, journalists can search “restaurants visited by” and type in the name of two politicians. “Or you could, like, put in ‘photos tagged with’ and name a politician or a lobbyist,” she says. She says location tagging is especially popular with people outside the US. 

Facebook’s taken a lot of heat recently about privacy issues, so many OSINT tools have ceased to work, or, like graph.tips, have had to adapt. 

 3. Keep abreast of the changes to the platforms 

The trouble with these tools is their dependence on the social platform’s whim–or “ukase” as van Ess likes to call it. 

For example, on June 7, Facebook reduced the functionality of Graph Search, rendering van Ess’s graph.tips more difficult to use.

According to van Ess, Facebook blocked his attempts to fix graph.tips five times and it took another five days before he figured out a method to get around the new restrictions by problem-solving with the help of Twitter fans. The result is graph.tips/facebook.html, which he says takes longer than the original graph.tips, but allows you to search Facebook much in the same way as the original. 

Even though the site maintains the guarantee that it’s “completely free and open, as knowledge should be,” van Ess now requires first-time users to ask him directly to use the tool, in order to filter through the flood of requests he claims he has received. 

I have not yet been given access to the new graph.tips and can’t confirm his claims, but van Ess welcomes investigators interested in helping to improve its functionality. Much like his investigations, he crowdsources improvements to his search tools. Graph.tips users constantly iron out issues with the reworked tool on GitHub, which can be used like a subreddit for software developers.  

Ongoing user feedback, as well as instructions on how to use van Ess’s new Facebook tool, can be found here. A similar tool updated as recently as July 3 and created by the Czech OSINT company Intel X is available here, though information regarding this newer company is sparse. By contrast, all van Ess’s tools are supported by donations. 

The OSINT community has its own subreddit, where members share the latest tools of their trade. 

4. Use other social media tools to corroborate your findings

When it comes to social media investigations, van Ess says you need to combine tools with “strategy.” In other words, learn the language of the search tool–he shared this helpful blog post listing all of the advanced search operator codes a journalist would need while using Twitter’s advanced search feature.

Williams also had a Twitter recommendation: TwXplorer. Created by the Knight Lab this helpful tool allows reporters to filter Twitter for the 500 most recent uses of a word or phrase in 12 languages. The application will then list all the handles tweeting about that phrase as well as the most popular related hashtags.

Bonus: More search tools 

If you want even more open-source tools honed for journalistic purposes, Mike Reilley of The Society of Professional Journalists published this exhaustive and continuously updated list of online applications last month. Be warned though: not all of them are free to use.

Categorized in Investigative Research

[Source: This article was published in enca.com - Uploaded by the Association Member: Rene Meyer]

In this file illustration picture taken on July 10, 2019, the Google logo is seen on a computer in Washington, DC. 

SAN FRANCISCO - Original reporting will be highlighted in Google’s search results, the company said as it announced changes to its algorithm.

The world’s largest search engine has come under increasing criticism from media outlets, mainly because of its algorithms - a set of instructions followed by computers - that newspapers have often blamed for plumenting online traffic and the industry’s decline.

Explaining some of the changes in a blog post, Google's vice president of news Richard Gingras said stories that were critically important and labor intensive -- requiring experienced investigative skills, for example -- would be promoted.

Articles that demonstrated “original, in-depth and investigative reporting,” would be given the highest possible rating by reviewers, he wrote on Thursday.

These reviewers - roughly 10,000 people whose feedback contributes to Google’s algorithm - will also determine the publisher’s overall reputation for original reporting, promoting outlets that have been awarded Pulitzer Prizes, for example.

It remains to be seen how such changes will affect news outlets, especially smaller online sites and local newspapers, who have borne the brunt of the changing media landscape.

And as noted by the technology website TechCrunch, it is hard to define exactly what original reporting is: many online outlets build on ‘scoops’ or exclusives with their own original information, a complexity an algorithm may have a hard time picking through.

The Verge - another technology publication - wrote the emphasis on originality could exacerbate an already frenetic online news cycle by making it lucrative to get breaking news online even faster and without proper verification.

The change comes as Google continues to face criticism for its impact on the news media.

Many publishers say the tech giant’s algorithms - which remain a source of mysterious frustration for anyone outside Google -- reward clickbait and allow investigative and original stories to disappear online.

Categorized in Search Engine

[Source: This article was published in fbi.gov - Uploaded by the Association Member: Carol R. Venuti]

Operation SaboTor, a multi-agency law enforcement action between January and March 2019 that targeted opioid sales on the Darknet, included this search of a vehicle and a residence in California. The search was the result of an eight-month investigation that led to five arrests.

When Knoxville first responders found a man dead in his home, there was clear evidence on the scene of the heroin that caused his overdose. Also nearby were clues to how the deadly drugs had reached him. Investigators found a padded manila envelope with postage and markings that provided them another link back to the online drug sellers who have proliferated on the Darknet in recent years.

Drug traffickers are increasingly using anonymous online networks to sell narcotics, including potent synthetic opioids like fentanyl, to buyers who can order and receive the drugs without ever leaving home. What can appear to be a regular e-commerce transaction is one of the delivery channels fueling a deadly nationwide epidemic. The Centers for Disease Control and Prevention reports that drug overdose deaths have been on an upward climb for several years, across the United States and across all demographic groups. In 2017 alone, 70,237 people in this country died of a drug overdose; two-thirds of those deaths involved an opioid.

As part of a government-wide effort to address the epidemic, the Department of Justice created the Joint Criminal Opioid and Darknet Enforcement (J-CODE) team in 2018 to leverage the power of federal and international partnerships to combat the complex and deadly threat of online drug sales.

Now in its second year, J-CODE is delivering results through coordinated efforts and the commitment of the nation’s law enforcement agencies to address opioid sales on the Darknet. Building on the success of last year’s Operation Disarray, the J-CODE team led Operation SaboTor between January and March of this year. These concentrated operations in the United States and abroad led to 61 arrests and shut down 50 Darknet accounts used for illegal activity. Agents executed 65 search warrants, seizing more than 299 kilograms of drugs, 51 firearms, and more than $7 million ($4.504 million in cryptocurrency, $2.485 million in cash, and $40,000 in gold).

“This is a new and evolving threat, and we found that no one agency can do it alone.”

Maggie Blanton, special agent, FBI Hi-Tech Organized Crime Unit

J-CODE joins the efforts of the FBI with the Drug Enforcement Administration (DEA), United States Postal Inspection Service (USPIS), U.S. Immigration and Customs Enforcement Homeland Security Investigations (HSI), U.S. Customs and Border Protection (CBP), Department of Justice (DOJ), and the Department of Defense (DOD). As many of these markets cross borders, Europol is also an invaluable international partner in J-CODE’s efforts to make a global impact on Darknet drug trafficking.

“This is a new and evolving threat, and we found that no one agency can do it alone,” said FBI Special Agent Maggie Blanton of the Hi-Tech Organized Crime Unit at FBI Headquarters. “The FBI may get information from local law enforcement after an overdose or arrest. Through that tip, we can work with our federal partners with the Postal Inspection Service, because so often the drugs are moving through the mail. Our Customs and Border Protection partners are a great resource on understanding trends and preventing drugs from coming into the country from abroad, and our partnership with DEA is critical because of their experience and expertise with drug cases.”

The evidence gathered from that overdose death in Knoxville, for example, was shared with local law enforcement and then with USPIS, the FBI, and other partners. The eight-month investigation led to the arrest of five suspects in the Los Angeles area in March 2019 who are believed to be behind at least two online drug sites that shipped out an estimated 1,500 parcels each month. Search warrants carried out on a residence rented by the suspects and two of their vehicles uncovered drugs, a loaded gun, mailing supplies, computers, cell phones, and transaction receipts.

FBI Special Agent Nathan Cocklin said members of his Hi-Tech Organized Crime squad from the Los Angeles Field Office, along with USPIS inspectors, interviewed the suspects as they were brought into custody. He said the suspects claimed they were just running a business, making money, and not considering the impact of their online sales. “It’s a transaction only,” Cocklin said of the Darknet marketplaces. “They don’t even know each other’s real names.” He said the suspects never considered that a package dropped in a mailbox in Southern California could mean the loss of a life in eastern Tennessee.

Drugs uncovered in a March 2019 search in California of a residence and vehicle involved in a Darknet drug investigation by the Joint Criminal Opioid and Darknet Enforcement (J-CODE) team.
Members of the J-CODE team conduct a search of a residence and vehicle in California in March 2019, where drugs were among the items seized.

A Multi-Agency, Multi-Layered Approach

The Darknet is a part of the Internet accessed through a specialized browser called Tor. Tor allows users to better hide who they are, where they are, and what they are doing online. Darknet marketplaces offer illicit goods that range from hacked bank accounts and stolen credit card information to guns and drugs.

“It’s become easier to get onto the Darknet marketplaces—all you need is a smartphone or computer,” said Chris Oksala, a supervisory special agent with DEA. “There are multiple ways to pay for the drug—from cryptocurrencies to Western Union transfers—and there are multiple ways to shield your identity.”

But on the other side of the seeming ease and anonymity of buying and selling on the Darknet is the hard work being done by law enforcement, in concert, to combat the illegal activity occurring online—from targeting the marketplaces and the sellers to reaching out to those buying illegal wares online.

“These are very complex and time-consuming cases for one agency,” said Kyle Rau, USPIS program manager for Darkweb investigations. “The ‘one government’ approach allows us to tap into each agency’s strength and allows each agency to focus on a particular task.”

The FBI and its law enforcement partners in the United States and abroad have had tremendous success in recent years taking down some of the largest and most profitable Darknet marketplaces. In 2017, law enforcement seized the AlphaBay marketplace, believed to be the largest Darknet market at the time. That seizure was followed by a takedown of Hansa market, another major player.

“It is harder to get the infrastructure up,” stressed Cocklin. “To compare it to a normal drug organization, a dealer is easier to replace than the head of the organization. If you take out a marketplace, you have to rebuild. It takes money and time and undermines trust. Did taking out AlphaBay and Hansa stop everything? No. Did it make an impact? Absolutely.”

The next-level target is the Darknet drug trafficking organizations. The goal of Operation Disarray and Operation SaboTor, along with the ongoing work of J-CODE partners, is to identify and arrest those behind the online sales.

“It takes work, but the FBI, USPIS, DEA, and others are laser-focused on tackling the opioid epidemic on the web.”

Nathan Cocklin, special agent, FBI Los Angeles

The final prong of the J-CODE effort is educating the public on the dangers of opioids by contacting individuals who are known to have purchased drugs online. Sometimes the message arrives too late. In locating and contacting buyers, the J-CODE team often comes across death notices and obituaries. In some cases, agents learn from buyers that they had survived an overdose; in other cases, agents learn from family members that a buyer did not. Oksala stressed that many of the drugs being sold online carry the added danger of unknown, powerful chemicals. “People are making thousands of pills at a time, doing the formulation without any scientific training,” he said.

The agents arrive with information on addiction and treatment, and their very presence challenges the anonymous nature of the Darknet. “If they know someone is looking, people lose faith in the marketplace,” said Rich Sheehan, USPIS assistant inspector in charge. “We’ve proven time and time again that they are not anonymous.”

”We are able to identify people,” said Cocklin. “It takes work, but the FBI, USPIS, DEA, and others are laser-focused on tackling the opioid epidemic on the web.”

Categorized in Internet Privacy

[Source: This article was Published in zeenews.india.com - Uploaded by the Association Member: Dana W. Jimenez]

BBC based its investigation on three points – where exactly did it happen, when did it happen, and who is responsible for the atrocities.

A video emerged earlier this year, showing some armed men in uniform brutally killing a group of women and children, and triggered uproar across the globe. It was alleged that the video, released by Channel 4, showed the killing of civilians by Cameroon’s army over alleged links with dreaded terrorist group Boko Haram.

The Cameroon government denied the claim, saying that the video was not shot in the country and that the Army was being wrongly blamed for killing civilians. A statement was released by Cameroon Minister of Communication, Issa Tchiroma Bakary, to deny the claims.

“The video that is currently going around is nothing but an unfortunate attempt to distort actual facts and intoxicate the public. Its sincerity can be easily questioned,” Bakary had said in his statement. While the statement came in July 2018, the government a month later said that seven members of the military were facing investigation.

BBC, however, decided to carry out a fact check of the video and the claims and counterclaims around it. And the media group did so with the help of Google Earth. It based its investigation on three points – where exactly did it happen, when did it happen, and who is responsible for the atrocities. The BBC released its findings in a video titled ‘Cameroon: Anatomy of a killing’.

Where:

The first 40 seconds of the video captures a mountain range with a distinctive profile. BBC journalists spent hours to match the range with the topography of northern Cameroon, but it failed to give the desired result. After a tip-off from a source, they studied the topography of a particular region and discovered that the range was near a village named Krawa Mafa, few hundred meters away from the Nigerian border. Other details in the video, such as houses and dirt tracks, were matched with the topography of the village and found to be same.

When:

This was the trickiest part of the investigation done by BBC journalists. Several bits and pieces were put together to identify the range of period when the civilians were killed. A building was visible on the satellite imagery but only till 2016, which suggested that the killings took place before that period. Another building was spotted to have come up in March 2015. Then, a path was traced which appeared only between January and July. The journalists also analyzed the shadow of walking assailants on the basis of the concept of the sundial. After the whole analysis, it was confirmed that the killings took place between March 20 and April 5, 2015.

Who:

The statement released by Cameroonian Minister of Communication Issa Tchiroma Bakary was used for this purpose. For instance, the minister in his statement claimed that the weapons in the video were not the ones used by the Cameroonian Army, but BBC analysis showed that one of the guns used was Serbian made Zastava M21, which is used by some sections of the country’s military. The minister also claimed that the dress worn by the assailants was one used for operations in forests. Bakary claimed that the soldiers in the said area wore a desert-style uniform. But Cameroonian soldiers in the region in a Channel 4 video of 2015 were seen wearing forest-style camouflage, similar to those seen in the video.

The focus then shifted to a statement released by the government in August 2018, which named seven soldiers who were arrested and under investigation. The names mentioned in the video, such as Corporal Tchotcho, were matched with some Facebook profiles. A profile of Tchotcho Cyriaque Bityala, who was among the detainees named by the government. Two other soldiers, named in the government list, were identified in a similar manner.

The findings were shared by the BBC with the Cameroonian government. Responding to it, the Bakary said, “Seven soldiers were arrested, disarmed. They are under investigation right now. I can confirm that all seven of them are in prison.”

Categorized in Investigative Research

[Source: This article was Published in techcrunch.com By Catherine Shu - Uploaded by the Association Member: Jay Harris]

Earlier this week, music lyrics repository Genius accused Google of lifting lyrics and posting them on its search platform. Genius told the Wall Street Journal that this caused its site traffic to drop. Google, which initially denied wrongdoing but later said it was investigating the issue, addressed the controversy in a blog post today. The company said it will start including attribution to its third-party partners that provide lyrics in its information boxes.

When Google was first approached by the Wall Street Journal, it told the newspaper that the lyrics it displays are licensed by partners and not created by Google. But some of the lyrics (which are displayed in information boxes or cards called “Knowledge Panels” at the top of search results for songs) included Genius’ Morse code-based watermarking system. Genius said that over the past two years it repeatedly contacted Google about the issue. In one letter, sent in April, Genius told Google it was not only breaking the site’s terms of service but also violating antitrust law—a serious allegation at a time when Google and other big tech companies are facing antitrust investigations by government regulators.

After the WSJ article was first published, Google released a statement that said it was investigating the problem and would stop working with lyric providers who are “not upholding good practices.”

In today’s blog post, Satyajeet Salgar, a group product manager at Google Search, wrote that the company pays “music publishers for the right to display lyrics since they manage the rights to these lyrics on behalf of songwriters.” Because many music publishers license lyrics text from third-party lyric content providers, Google works with those companies.

“We do not crawl or scrape websites to source these lyrics. The lyrics you see in information boxes on Search come directly from lyrics content providers, and they are updated automatically as we receive new lyrics and corrections on a regular basis,” Salgar added.

These partners include LyricFind,  which Google has had an agreement with since 2016. LyricFind’s chief executive told the WSJ that it does not source lyrics from Genius.

While Salgar’s post did not name any companies, he addressed the controversy by writing “news reports this week suggested that one of our lyrics content providers is in a dispute with a lyrics site about where their written lyrics come from. We’ve asked our partner to investigate the issue to ensure that they’re following industry best practices in their approach.”

In the future, Google will start including attribution to the company that provided the lyrics in its search results. “We will continue to take an approach that respects and compensates rights-holders, and ensures that music publishers and songwriters are paid for their work,” Salgar wrote.

Genius, which launched as Rap Genius in 2009, has been at loggerheads with Google before. In 2013, a SEO trick Rap Genius used to place itself higher in search results ran afoul of Google’s web spam team. Google retaliated by burying Rap Genius links under pages of other search results. The conflict was resolved after less than two weeks, but during that time Rap Genius’ traffic plummeted dramatically.

Categorized in Search Engine

[Source: This article was Published in lifewire.com By Tim Fisher - Uploaded by the Association Member: Issac Avila]

Do research, check neighborhood safety, or report crimes using these sites

Find crime statistics, crime scene investigation information, police information, and more with these law enforcement search engines, sites, and communities. These websites are open to everyone, and the information they contain is free. 

 Family Watchdog: Sex Offender Registry

Family Watchdog Sex Offender Registry

What We Like

  • Sends free notifications when offenders move in or out of your area.

  • Also contains information on food and drug recalls.

  • Includes blog with entries on topics to keep your family safe.

What We Don't Like

  • Map legend needs clearer explanations of the icons.

  • You have to click on icons one at a time to pull up the offender's photo and information.

  • The site is ad heavy.

Family Watchdog provides a notification service. You register an account and are delighted to see that no sex offenders live in your neighborhood. However, that could change, and if it does, you'll receive an email or text message from Family Watchdog with information about the new neighbor. You can also opt to search the data base of offenders by state. 

What We Like

  • Includes registries for 50 states, D.C., five territories, and many Indian tribes.

  • The Education & Protection web page includes safety information for families.

  • No advertisements.

What We Don't Like

  • Each registry is maintained by its state, territory, or tribe.

  • Any requests for changes or additional information must go through the individual registry affected.

The National Sex Offender Registry from the U.S. Department of Justice is another free service you can use to identify registered sex offenders in your local area. Sex offender registries, a searchable database of sex offender information and statistics, and help for victims of sexual crimes are all available here. You can search by name, location, ZIP code, address, school, and daycare facility. This information is especially useful if you're planning a move and want to make sure that neighborhoods you are thinking of moving to are safe. 

FBI

FBI

What We Like

  • Features a Case of the Week each week.

  • Contains information on fugitives, terrorists, kidnapped and missing persons, and crime statistics.

  • Seeks names or information on unidentified persons shown in photos or sketches.

What We Don't Like

  • How and where to search for information is difficult to determine on this vast website.

  • Designed to seek help from the public, rather than to serve as a search engine.

An enormous amount of information is available on the FBI website, including lots of crime statistics and law enforcement information, reports and publications, a Top Ten Fugitive list, information on how to become an FBI agent. The site is home to a rotating set of featured stories regarding crime and law enforcement, crime statistics, victim assistance, warnings about current popular scams, criminal justice information services, and much more. This site is updated frequently, as FBI information tends to change often. 

Officer.com

Officercom

What We Like

  • Headlines and the forums are updated regularly.

  • A collection of current goings-on in the law enforcement communities.

What We Don't Like

  • Contains many advertisements.

  • The headlines link to stories on other sites. There is no original content.

  • Not useful as a search engine.

The Officer.com website is useful for law enforcement agency search, officer search, and crime sites search. Firearms information, tactical training, career information, and active forums are also available. Much of the information is aimed at police officers, but it is of potential interest to anyone who wants to learn more about the criminal justice system. 

 National Criminal Justice Reference Service

National Criminal Justice Reference Service

What We Like

  • Enormous collection of search topics relating to crime and law enforcement.

  • Hundreds of downloadable publications.

  • If you can't find an answer to a question on the site, you are encouraged to email it to a Specialist for an answer.

What We Don't Like

  • The site contains so much information, it is a little overwhelming.

  • No indication how long it takes for a live Specialist to respond to an emailed question.

The National Criminal Justice Reference Service is a free, federally funded organization and website that provides justice and drug-related information to support research, policy, and program development. Search through A-Z topics, learn about the courts, funding opportunities, and law enforcement. Many different organizations are represented here, including the Bureau of Justice Assistance, Office for Victims of Crime, Office of Juvenile Justice, and the Bureau of Justice Statistics. 

 FindLaw

FindLaw

What We Like

  • Searches yield the names of lawyers with a specified area of expertise in a specific location.

  • Frequent updates with articles on current topics.

  • Library of podcasts and blogs.

  • Legal forms for download.

What We Don't Like

  • FindLaw is predominantly a legal marketing firm.

  • Law firms pay to be listed in the FindLaw directory.

FindLaw is a legal directory on the web with consumer legal information, criminal law resources, and a ton more law enforcement topics. All sorts of legal topics, state law information, and help in finding a local attorney for any legal need you might have are also available here. If you have a bit of legal research that you'd like to do, this is also a useful site. It doesn't substitute for advice from a licensed attorney, but it's good for getting started. 

Department of Justice

Department of Justice

What We Like

  • Attractive, professional website.

  • Provides ways to find sales of seized properties, locate prison inmates, identify missing persons, and report crimes.

  • Updated regularly.

What We Don't Like

  • The website contains so much information, it is difficult to know where to look.

  • Lists job possibilities but doesn't give information on requirements needed to apply.

All sorts of interesting things are on the U.S. Department of Justice website including reporting a crime, finding a job, locating an inmate, finding help for crime victims, sales of seized property, even reporting waste and misconduct. Here are just a few of the topics you'll find at the Department of Justice: How to Combat Terrorism, Uphold Civil Rights & Liberties, End Violence Against Women, and much more. You can also sign up for email updates to keep track of the latest law and order news that affects the nation. The Department of Justice also has a presence on several of the major social media platforms.

SpotCrime

SpotCrime

What We Like

  • Displays icons for different types of crimes on an area map.

  • Sends text messages to registered users when new crimes occur in their areas.

  • Includes burglary, theft, identify theft, assault, and other types of crimes.

What We Don't Like

  • Information about an individual crime is limited to date, type of crime, and address.

  • Contains display ads.

  • User interface could use a makeover.

SpotCrime provides a map of crime hot spots for hundreds of different cities around the United States. Click on your state and find the city you're looking for or give the website permission to determine your location, and then read the map legend to figure out what kind of crimes are represented on the map. You're able to browse by state here, and you can submit crime information if you have it. 

 

Categorized in Internet Privacy

[This article is originally published in newyorker.com written By Ned Beauman - Uploaded by AIRS Member: Jennifer Levin]

An open-source investigation is a tool anybody can use; as it spreads, it will inevitably mingle with the sort of delirium and propaganda that Eliot Higgins has always meant it to cut through.

On a recent afternoon in central London, twelve people sat in a hotel conference room trying to figure out the exact latitude and longitude at which the actress Sharon Stone once posed for a photo in front of the Taj Mahal. Among them were two reporters, a human-rights lawyer, and researchers and analysts in the fields of international conflict, forensic science, online extremism, and computer security. They had each paid around twenty-four hundred dollars to join a five-day workshop led by Eliot Higgins, the founder of the open-source investigation Web site Bellingcat. Higgins had chosen this Sharon Stone photo because the photographer was standing on a raised terrace, which makes the angles confusing, and used a lens that makes Stone appear closer to the Taj than she actually was. The participants, working on laptops, compared the trees and paths visible in the photo to their correlates on Google Earth.

Stone’s location on that day—the northwest corner of the Great Gate—may not have been of grave historical importance, but the participants were employing the same techniques that have underlaid Bellingcat’s news-making investigations into subjects such as the downing of Malaysian Airlines Flight 17, over Ukraine, and the use of chemical weapons by the Syrian Army. When Higgins was profiled in The New Yorker, in 2013, he was still alone blogger calling himself Brown Moses, and the field of open-source investigation—the microscopic examination of publicly available material such as satellite images, social-media posts, YouTube videos, and online databases to uncover the truth about disputed events—was in its infancy. Today, it is firmly established. Last year, the International Criminal Court issued, for the first time, an arrest warrant based solely on video evidence from social media, and the recent report on gas attacks in Syria by the Organization for the Prohibition of Chemical Weapons leans heavily on images from Google Earth that are annotated in a Bellingcat style. Meanwhile, open-source investigation reached a new audience this spring when the research agency Forensic Architecture, which has often collaborated with Bellingcat, was the subject of a show at London’s Institute of Contemporary Arts. (It has since been shortlisted for the Turner Prize.)

Higgins, who lives in Leicester with his wife and two young children, is now fielding ever more interest from journalists, N.G.O.s, corporations, universities, and government agencies, eager for his expertise. One of the participants in the London workshop I attended, Christoph Reuter, is the Beirut-based Middle East correspondent for Der Spiegel, and has worked as a reporter for three decades; when I asked him about Higgins, he made a gesture of worshipfully bowing down. Higgins started Bellingcat with a Kickstarter campaign, in 2014, but today almost half of its funding comes from these paid workshops, which he has been running since last spring, with the first in the U.S.—in Washington, D.C., New York, and San Francisco—planned for later this year. Higgins is also developing a partnership with the Human Rights Center at the University of California, Berkeley, School of Law, and hopes to hire enough staff to expand Bellingcat’s coverage into Latin America.

Higgins’s work is animated by his leftist, anti-authoritarian politics. One of the workshop attendees, a Middle East analyst named Robert, didn’t want his full name used in this article because certain factions in the region may see any association with Bellingcat as suspicious. But an open-source investigation is a tool anybody can use; as it spreads, it will inevitably mingle with the sort of delirium and propaganda that Higgins has always meant it to cut through. Crowdsourced Reddit investigations into Pizzagate or QAnon often appear, at first glance, not so different from a Bellingcat report, full of marked-up screenshots from Google Maps or Facebook. Even on the mainstream-liberal side, a new conspiracy culture sees anti-Trump Twitter celebrating any amateur detective who can find a suspicious detail about Jared Kushner in a PDF.

At the same time, the Russian government, which has derided Bellingcat’s open-source investigations in the past, now issues satellite images of bombings in Syria, inviting members of the public to look closely and see for themselves; RT, the state-sponsored Russian news channel, has launched its own “digital verification” blog, seemingly modeled on Bellingcat. In ramping up both reporting and training, expanding Bellingcat into some combination of news magazine and academy, Higgins is working to, in his words, “formalize and structure a lot of the work we’ve been doing” at a moment when the methods he helped pioneer are more than ever threatened by distortion and misuse.

I asked Higgins whether he excludes anyone from these workshops. “We’re going to start explicitly saying that people from intelligence agencies aren’t allowed to apply,” he said. “They’re asking more and more. But we don’t really want to be training them, and it’s awkward for everybody in the room if there’s an M.I.5 person there.” I asked how he’d feel if a citizen journalist signed up with the intention of demonstrating that, say, many of the refugee children who apply for asylum in the U.S. are actually grizzled adult criminals. He said he’d let that person join. “If they want to use these techniques to do that reporting, and it’s an honest investigation, then the answers should be honest either way. They should find out they can’t prove their ideas. And maybe they’ll learn that their ideas aren’t as solid as they thought.” Ultimately, Higgins respects good detective work, no matter where it comes from. At one point in the workshop, he showed the group a video about 4chan users taking only thirty-seven hours to find and steal a flag emblazoned with “he will not divide us,” which Shia LaBeouf had erected in front of an Internet-connected camera in a secret location as a political art project. “4chan is terrible,” Higgins said. “But sometimes they do really amazing open-source investigations just to annoy people.”

After Sharon Stone, there were several more geolocation exercises, concluding, on Day Two, with a joint effort to piece together several dozen photos of the M2 Hospital, in Aleppo, after it was bombed by pro-government forces. The challenge was to use tiny details to figure out exactly how they connected together in three-dimensional space: to determine, for instance, whether two photos that showed very similar-looking chain-link barriers were actually of the same chain-link barrier from different angles. “Most of my pictures are of rubble, which is super-helpful,” Diane Cooke, a Ph.D. student at King’s College London’s Centre for Science and Security Studies, said.

Higgins mentioned that he had left out all the gory photos, but nevertheless this exercise was a war crime turned into a jigsaw puzzle. Earlier, he had paused a video projection on a frame of a nerve-gassed Syrian child’s constricted pupil, which stared down at us for an uncomfortably long time. “I am careful about that,” he told me when I asked him about his approach to such horrors. The example which most frequently upsets people, he said, is a Bellingcat investigation into a mass execution by the Libyan National Army, in 2017: fifteen dark blots are visible against the sand on a satellite image taken later the same day. “It’s horrible, but it’s such a good example,” Higgins said. “And if you’re geolocating bloodstains, you’ve got to show the bloodstains.”

Afterward, it was time for lunch outside in the sun. Robert, the Middle East analyst, complained that he had “geolocation vision”: after a few hours of these exercises, it is impossible to look around without noting the minute textures of the built environment, the cracks in the sidewalk and the soot on the walls.

Days Four and Five of a Bellingcat workshop give the participants a chance to practice the skills they’ve just learned by launching their own investigations. Earlier this year, when Christiaan Triebert, a Bellingcat investigator, was mugged by two men on mopeds while he was in London to teach a Bellingcat workshop, he recruited his workshop participants to help him investigate the city’s moped gangs. (“My adrenaline turned into that energy—like, ‘This is pretty interesting!’ ” he recalled. “We were basically analyzing the Instagram profiles, mapping out the networks, who is friends with whom and where are they operating.”) Triebert has also run workshops in several countries where reporters are under threat of death. In Iraq, for instance, he trained reporters from al-Ghad, a radio station broadcasting into isis-occupied Mosul. “Some of their friends and colleagues got slaughtered by isis militants, and there was the video of it—they were drowned in a cage in a swimming pool. They said, “We really want to know where this happened, so if Mosul ever gets recaptured we can visit, but also just to see where they murdered our friends.” We started mapping out Mosul swimming pools, and within an hour they found it.

In the London workshop, the participants split up into three teams: one was trying to geolocate a video showing a bombing by U.S. forces somewhere in Damascus; another was analyzing the connection between water shortages in Iraq and the filling of the Ilisu dam, in Turkey; a third was investigating the leaders of a recent rally in London protesting the jailing of the far-right activist Tommy Robinson. Space took on the atmosphere of a newsroom. By the afternoon, the Damascus team had divided its labor: Higgins and Reuter were pursuing a single electricity pylon in the background of the murky green night-vision footage, which they thought would be enough to geolocate the bombing; Marwan El Khoury, a forensic-science Ph.D. candidate at the University of Leicester, was trying to pick out Polaris from the constellations briefly visible in the sky, in the hopes of determining the orientation of the camera; and Beini Ye, a lawyer with the Open Society Justice Initiative, was combing through relevant news reports. “Nobody has ever been able to geolocate this video, so it’s a matter of pride,” Higgins said.

On the last day, pizza was ordered so the three teams could work through lunch. At the deadline of 2 p.m., Robert, representing the Ilisu team, got up first. “We haven’t found anything spectacularly new,” he said, “but we’ve discovered that a claim by the Iraqi Water Ministry might be more or less correct. That sounds really boring, but I think it’s important.”

The Tommy Robinson team was next. It had found out that “Danny Tommo,” one of the pseudonymous organizers of the pro-Tommy Robinson protest, was already known to the police under his real name. To some laughter, they displayed a headline from a Portsmouth newspaper reading “Bungling armed kidnappers jailed for ‘stupid’ attempt.”

Five minutes before the deadline, there had been a burst of excitement from the Damascus team: Higgins had remembered that a Russian news service had put GoPro cameras on the front of tanks when embedded with Syrian armed forces in 2015. In one YouTube video, the tank jolted from the recoil after firing its gun, and for a moment it was possible to see a pylon on the horizon—which was helpful, Higgins explained, but not quite enough. Still, that didn’t mean the crucial pylon would never be found: some photos from Bellingcat investigations have taken as long as two years to be geolocated. “It’s good that it was really hard,” Higgins told me later. “You have to rewire how people think about images. So they become really aware of how the world is constructed.”

Categorized in Investigative Research

[This article is originally published in bizjournals.com written by RSM US LLP - Uploaded by AIRS Member: Issac Avila]

Persons engaged in fraud and illegal activity have long used several methods to hide ill-gotten assets. Today, forensic investigators have powerful new technological tools to track and uncover these assets. Some specialized techniques may require digital forensic specialists; however, more basic options are also effective.

Whether the suspected fraudster is a business partner, an employee or some other related party, the process for uncovering hidden accounts tends to follow a similar path.

Let’s look at basic techniques first.

The first step is to build a financial profile for the person or entity in question. This process involves gathering and reviewing documents and records such as tax returns, bank statements, mobile payment account history, investment account statements, credit card statements, life insurance policies, paycheck stubs, real and personal property records, lien records and any other financial-related statements for the period of time during which questionable activity is suspected.

As these documents are being compiled, build a master list comprised of all accounts identified, including owner’s names, authorized users, associated addresses or other account profile information. It is also advisable to identify potential email addresses, social media accounts, and other web-based account information.

When analyzing these documents, keep the following tips in mind:

  • For financial accounts identified, get the electronic statements directly from the source when possible. This helps ensure the integrity of the information. Also, if possible, obtain the information in electronic format so it can be ingested into various search and analysis tools.
  • Tax returns provide information concerning wages, business income, and investment income. They can identify the existence of both real and personal property and the possibility of foreign accounts or trusts. As tax returns reveal sources of income, tie them to specific accounts. For example, if the interest income is listed on the return, but no account is identified, investigate to find an institution, account number, and the related statements.
  • If a business is uncovered, in addition to identifying all financial accounts related to that business, try to obtain the articles of organization and/or other ownership information for that business. This can help identify, among many things, parties involved in illegal activity and other businesses a suspect is associated with, and it can even help identify any hidden assets.
  • Investment accounts have long been a popular vehicle to transfer and/or launder illegal funds through the purchase and subsequent sale of financial products and commodities. 
  • Reviewing pay stubs from the relevant period cannot only identify multiple bank accounts, but it can also help identify and/or support any unusual spending behavior and other financial activity.
  • Mobile payments through providers such as PayPal and Venmo have become increasingly popular and provide another avenue to divert funds and hide assets. The transaction history for these accounts should be obtained not only for this reason but in addition, it provides a paper trail of both the origin and recipient of funds that could uncover hidden accounts or parties associated with fraud or illegal activity.
  • Depending on the jurisdiction (state, county, city) real property records including deeds, liens and other documents identifying ownership of assets are publicly available information. These records can be used to identify any assets not previously reported without the request of a subpoena.
  • If a recent credit report can be obtained, it can be a useful document to help identify a large portion of these items in a consolidated format.

With all information gathered, the next step is a funds-tracing exercise to analyze deposits to, and withdrawals from, each of the identified accounts. Funds tracing may reveal even more accounts for which statements should be obtained and funds traced. Update the account master list to reflect any new accounts discovered and to record all deposits, withdrawals and other activity for each account.

When conducting a funds tracing, remember the following:

  • Develop a thorough list of the suspect’s family members and acquaintances, including names, aliases, and addresses, and match those names against account statements and transactions to determine if any related parties received funds. Close attention should be paid to any financial transactions with the suspect’s parents, children, siblings, romantic partners and any of their respective businesses.
  • Any unusual transfers or expenditures deserve special attention, as well as recurring deposits from a bank or brokerage in any amount. This could uncover dividend-paying stocks or interest-paying bonds.
  • A review of canceled checks will not only tell to whom the checks were paid, but also to what account number and institution the check was deposited, which can lead to new hidden accounts. Again, pay special attention to checks to family members and acquaintances or for unusual activities or amounts.
  • An analysis of ATM withdrawals or credit card cash advances, including aggregate amounts and the locations made, may indicate areas where the suspect is spending a large amount of time and possibly working to hide assets in secret accounts. Ask for explanations for any large cash withdrawals, whether through an ATM or in person.

Digital forensic analysis is another powerful tool for tracking down hidden assets. Whether it’s a work computer, personal computer, tablet or smart phone, any activity performed on the device can leave a trail of evidence. More sophisticated suspects may use encryption, wiping programs and private or remote web-browsing sessions to hide this evidence, but such steps on their own can help indicate fraud.

Digital forensic efforts to uncover hidden accounts focus on a variety of areas, including:

  • Email contents— Investigators can conduct keyword searches using names of suspected co-conspirators, romantic partners, family members, business dealings, business names, known code words or any other word or words that might be of interest to the investigator. They can also search for key information, such as new account setup forms, details or confirmations related to wire transfers, mobile payments, details of new business ventures or other case-specific information.
  • Accounting or budgeting software programs—A suspect who is a business owner or key accounting employee may be keeping multiple sets of books. Even if deleted, these may be recovered via digital forensic analysis and lead to unknown accounts.
  • Spreadsheets and other files—Suspects often keep track of account numbers and other information in spreadsheets or other files. 
  • Browsing history—Most internet browsers log information pertaining to website visits, as well as other internet activities, such as the completion of web-based forms and temporary internet files. A digital forensic specialist may uncover visits to bank or brokerage websites that may lead to unidentified accounts. Internet activity can also show information relating to online purchasing and payment activity, which could be useful in identifying expenditures and other potential assets.
  • Metadata analysis—Artifacts contained within documents (Word, Excel, PDFs), such as created and modified times, username and company name, can also help uncover fraud.
  • Registry analysis—Certain artifacts stored in the registry, such as USB connection information, network, and login information also can help in an investigation.
  • Mobile devices—Forensic specialists can analyze call logs, SMS messaging, and in some cases, email and email attachments. In addition, users tend to use these devices to access and monitor various assets such as financial accounts, online payment, etc.
  • Online social media activity, including Facebook, LinkedIn, and other sites—An analysis of a suspect’s public profile and activity may uncover a hidden business or other interests, which may lead to other unknown accounts. In addition, people frequently post information and pictures of new assets (i.e., cars, boats, etc.) on social media sites. This can lead investigators to potential assets and also help with documenting large expenditures.

By forensically preserving the electronic evidence (computer hard drive, mobile device, etc.) a number of potential data sources might become available. Included in this forensically preserved data might be previously deleted files, multiple versions or iterations of files, indications of files and programs being accessed. All of these items could provide leads for additional sources of information or indications of the user accessing or deleting data.

While this is not exhaustive, it does provide a useful overview for tracking down hidden accounts. Keep in mind that accounts are not the only places where fraudulent gains can be hidden.

However, a thorough search for, and careful analysis of, hidden accounts should be a central part of any fraud investigation.

For more information about fraud investigations, contact Brad Koranda at This email address is being protected from spambots. You need JavaScript enabled to view it. or call 612-376-9387.

RSM’s purpose is to deliver the power of being understood to our clients, colleagues, and communities through world-class audit, tax and consulting services focused on middle market businesses. For more information, visit rsmus.com.

As a partner with RSM's Forensic and Valuation Services group, Brad Koranda provides strategic advisory and financial services to companies across a broad scope of industries, including business and professional services, real estate, manufacturing, distribution, technology, insurance, investment management, life sciences, health care, and financial services sectors.
Categorized in Investigative Research
Page 1 of 2

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Subscribe to Our Newsletter

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media