Email Collection and Analysis
Email Collection Types
The methods of email collection vary depending on the type of email account. Our team of digital forensics examiners have the ability to preserve email accounts using industry-standard tools and collection methods.
Locally stored email
Locally stored email is often captured when Sensei images the device it is stored on. Local email generally resides in email clients such as Microsoft Outlook or Mac Mail.
Webmail accounts
Another common mail type is webmail (e.g. Gmail and Yahoo), which is generally accessed using a web browser like Google Chrome, Mozilla Firefox, or Microsoft Edge. Sensei can remotely collect data from most webmail sources if the client can provide us with the username and password to their account(s). In some cases, the client will have to assist us with accessing the account if Multi-factor Authentication (MFA) is on for the account.
Email Analysis Methods
The forensic analysis of email is something that we perform using industry-standard digital forensics software. Email analysis includes tasks like searching for specific messages using criteria, such as:
- Keywords
- Subject titles
- Attachment types
- Other email addresses
- Date and time
- IP address information