by Alain Filotto | Oct 10, 2024 | Uncategorized
Ep 13 – AI and Cybercrime: The New Frontier in Digital Forensics
Join me as I dive into the world of digital forensics with Alain Filotto, a seasoned Digital Evidence Specialist from ALPHAFOX Forensics Ltd.
In this episode, discover how cybercriminals are leveraging generative AI, the ethical dilemmas facing law enforcement, and the cutting-edge technologies shaping the future of digital investigations. Alain offers insights on protecting yourself from AI-enabled cybercrimes and discusses the critical balance between thorough digital investigations and privacy concerns.
Whether you’re a cybersecurity professional, law enforcement officer, or simply interested in the intersection of technology and crime, this episode provides a look at the challenges and opportunities in modern digital forensics.
Full episode:
Spotify : https://lnkd.in/e-wUpH5S
Youtube: https://lnkd.in/dRaVcYP5
Apple Podcast: https://lnkd.in/ev3eMYC6
Amazon Music: https://lnkd.in/evszxUWS
by Alain Filotto | Sep 26, 2024 | Cybersecurity, General Topic
Yes I finally got scammed! I wanted to. I’ve been wanting to see how these scams work and obviously wanted to make a blog about it. So I decided to answer one of those annoying text messages we all get. Below is what happened over last weekend.
First of all I get this text message, now I got a lot of crap messages, but this one was addressed to me. They knew my first name so I was curious about that. It came in on the telegram application which I don’t use a lot but as far as I knew, they can’t tell what your name is. I thought they were just sending messages to random numbers.
Now obviously there’s a problem with this account because “Claire Wilson” says her name is Zelmira… there’s your first clue that it’s a scam. Let’s continue…
She says she got my name from my profile but I’m not sure that’s true. Actually my name and phone number are all over my website so there’s probably some tools that they have which made the connection. Whatever. She continues by basically saying that if I follow certain Instagram pages they will pay me. I’ve heard that this actually is possible so I wasn’t 100% sure it was a scam at that point. I’ve had people contact me asking me if I want to pay to promote my business and have people follow my Instagram page. So it is possible. She asks me to follow Tim Hortons on Instagram. I can’t imagine Tim Hortons would pay people to have them follow their account but let’s see where this goes.
I follow TH and that makes her happy! Then she puts me in touch with someone else, the “receptionist”.
The receptionist named “Safira” asks me to follow another page and send her a screenshot, which I do.
Then she asks me to create an account with “Newton Crypto Wallet”. I have never heard of them so I looked it up and it’s a real online wallet. Now I’m really curious how they’re gonna scam me!
She says they’re going to send me $15 U.S. dollars for following 2 pages. I was quite certain it was bullshit and there’s no way they’re gonna send me money. But they did! $20 Canadian. I really was surprised. But considering how much money they make from scams, that is a small amount for them.
So long story short they send me an invite to a group chat where they will post “missions” every day. You have to do 25 missions and you have to do them in order to get your money. If you do all the missions you will get $500 US everyday which is not bad for following Instagram pages. Well that’s what I thought it was. Obviously there’s a scam there otherwise i wouldn’t be writing a blog about it! So on the next day I start with the first mission which is to follow a page on Instagram. Easy enough. Now the second mission is more complicated…
I was kinda glad that the scam starts at mission 2 because I was worried about having to follow a bunch of pages all day. I mean if there’s 25 missions in 12 hours that means you have to check the group chat every half hour or so. Booooring! Again long story short, they want me to send money to “prop up” the crypto market and then I will make money back with a Commission. Basically if I send $80 they will send me $120 back and I make $40. As a side-note, manipulating markets is illegal. So they are asking me to break the law.
There’s no way I’m sending any money but I figured I could send them the $15 they sent me and then I don’t lose anything. But of course the minimum is 80… And finally, the scam is revealed! It’s possible they would have sent me the $120 with commission to keep me interested. And later get me to send more money. I say some people in the chat sending $500 or more. Those were probably all in on the scam. After I told her who I really was and that I was planning to write a blog about the scam she removed me from the group chat. LOL
In the end I was happy with myself. I got $15 from the scammers! But… the final kick in the pants is that I tried to transfer the $15 US they sent me to my Coinsquare account (where I do have some crypto). They wanted to charge me $12 to transfer! I would only get $3… WTF? Anyway I did learn a lot and I am sharing. Be careful out there and do not trust anyone who randomly contacts you. Remember, there is no easy money on the internet.
by Alain Filotto | Aug 23, 2024 | Uncategorized
Dash cameras have become an indispensable tool for capturing unbiased footage on the road, used extensively by drivers, truckers and law enforcement alike. These devices often play a pivotal role in investigations related to traffic incidents and crimes. However, when police need to seize a dash camera, they must approach the task with care, especially given that some cameras have the capability to automatically start recording when they detect motion.
The Motion-Detection Feature in Dash Cameras
Many modern dash cameras are equipped with motion-detection features that allow them to begin recording whenever they sense movement in front of the vehicle. The main function is to capture impending collisions, but it is also useful for monitoring activity even when the car is parked, ensuring that no important event goes unnoticed. However, this same feature can present challenges during a police seizure, as improper handling might inadvertently trigger the camera to record, which could alter or compromise crucial evidence.
The Risks of Mishandling
When police officers seize a dash camera with motion-detection capabilities, there are several risks to consider:
1. Accidental Activation: If the camera detects motion during the seizure, it could start recording, potentially overwriting critical footage. This could result in the loss of important evidence that might be essential for understanding the incident being investigated.
2. Concerns About Evidence Integrity: If the camera records after being seized, it may raise concerns about the integrity of the evidence. In court, the defense could argue that the footage was tampered with or manipulated, leading to doubts about its authenticity.
3. Legal and Ethical Challenges: Mishandling a camera in a way that triggers recording could result in the evidence being considered inadmissible. This could jeopardize the case, creating legal challenges and potentially hindering the pursuit of justice.
Advice for Lawyers: Handle with Care
Lawyers who come into possession of a dash camera, whether during discovery or as part of evidence gathering, must also be extremely cautious. Due to the motion-detection feature in some dash cameras, handling the device improperly could cause it to start recording. This could overwrite existing footage or create new recordings that complicate the case.
If a lawyer suspects that a dash camera may contain valuable evidence, the best course of action is not to power it on or attempt to review the footage themselves. Doing so could risk losing critical evidence or raising questions about the chain of custody and the integrity of the data.
Best Practices for Police and Legal Professionals
To mitigate these risks, both law enforcement officers and legal professionals should follow best practices when dealing with dash cameras, particularly those with motion-detection features:
– Minimize Movement Around the Camera**: Be mindful of movements that could trigger the motion sensor when approaching or handling the camera. Slow and deliberate actions can prevent accidental activation. Stay to the side of the camera or behind it.
– Secure the Camera Immediately: Whether in police custody or legal possession, the camera should be powered down or shielded to prevent further motion detection. This ensures that no additional footage is recorded, preserving the original data intact.
– Thorough Documentation: The seizure or handling of the camera should be meticulously documented, noting the condition of the camera and any steps taken to secure it. This documentation is crucial for maintaining the chain of custody and ensuring the integrity of the evidence.
– Consult a Digital Forensics Expert: Lawyers and law enforcement should enlist the services of a trained digital forensics expert to handle the camera. These professionals have the expertise to extract and preserve data without risking damage or data loss. This ensures that any evidence gathered from the camera can be confidently presented in court.
Conclusion
Dash cameras with motion-detection features are invaluable tools for recording events on the road, but they require careful handling by both law enforcement and legal professionals. To ensure the integrity of the evidence, the best approach is to minimize direct interaction with the device and seek the assistance of a digital forensics expert. By adhering to these practices, all parties can ensure that the evidence remains reliable and uncontaminated, supporting the pursuit of justice in legal proceedings.
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
https://www.linkedin.com/in/alain-filotto
by Alain Filotto | Jun 5, 2024 | Uncategorized
by Alain Filotto | Apr 11, 2024 | Forensics, General Topic
In today’s digital age, mobile devices have become an integral part of our lives, storing a treasure trove of information that can be crucial in legal proceedings. From text messages to emails, photos, and app data, mobile devices often hold the key to unravelling complex cases. As a digital forensics expert, I often find myself at the forefront of acquiring and analyzing this vital evidence. In this blog post, we’ll explore the three types of acquisitionsâlogical, file system, and physicalâand delve into the intricacies of recovering deleted data from both Apple and Android devices.
Logical Acquisition
Logical acquisition involves extracting data that is accessible through the device’s operating system. This method is non-intrusive and typically yields a comprehensive snapshot of the device’s current state. Legal professionals often opt for logical acquisitions when seeking recent communications, call logs, and app data. However, it’s essential to note that logical acquisitions may not capture deleted or hidden data.
File System Acquisition
File system acquisition goes one step further by directly accessing the device’s file structure. This method provides a more comprehensive view of the device’s storage including metadata. File system acquisitions are particularly valuable in cases where more evidence is needed than a simple logical acquisition. For legal professionals, this means a deeper dive into messages, images, and documents that could make or break a case.
Physical Acquisition
Physical acquisition is the most comprehensive method, involving a bit-by-bit copy of the device’s storage. This approach captures every byte of data, including hidden and deleted files, making it the gold standard for mobile forensic examinations. While physical acquisitions provide unparalleled insight, they also require specialized tools and may be subject to legal constraints. Nevertheless, for legal professionals seeking irrefutable evidence, physical acquisitions offer a comprehensive solution. The good news is that we have access to VeraKey which allows us to obtain physical acquisitions for most mobile devices!
Recovering Deleted Data
Both Apple and Android devices pose unique challenges when it comes to recovering deleted data. Apple’s iOS employs stringent security measures, making it difficult to access deleted information without specialized tools and expertise. However, with the right techniques, forensic experts can often recover deleted messages, photos, and app data from iCloud backups or device backups stored on computers.
On the other hand, Android devices offer a more varied landscape, with a multitude of manufacturers and operating system versions. While some Android devices may offer easier access to deleted data, others may pose significant hurdles. Forensic experts leverage a combination of techniques, including manual analysis and specialized software, to recover deleted data from Android devices.
Conclusion
In the realm of digital forensics, the acquisition and analysis of mobile devices play a pivotal role in legal proceedings. By understanding the nuances of logical, file system, and physical acquisitions, legal professionals can better navigate the complexities of digital evidence. Furthermore, with the ability to recover deleted data from both Apple and Android devices, forensic experts provide a valuable resource in building robust cases.
In summary, whether it’s uncovering incriminating text messages or retrieving deleted photos, mobile forensic acquisitions offer a wealth of opportunities for legal professionals seeking to present compelling evidence in court. By partnering with experienced digital forensics experts, lawyers can ensure that no digital stone is left unturned in their pursuit of justice.
If you have any questions or want to book a free consultation, contact me on LinkedIn. It is the best place to reach me.
https://www.linkedin.com/in/alain-filotto