Straight Talk About Cyberstalking

Cyberstalking includes (repeatedly) sending threats or false accusations via email or mobile phone, making threatening or false posts on websites, stealing a person’s identity or data or spying and monitoring a person’s computer and internet use. Sometimes the threats can escalate into physical spaces.

There are just as many predators on the internet as there are in real life. Anyone can be stalked online but the majority of victims as in life offline are female. Stalking estimates show that 80% of stalking victims are women.

And the perpetrators are not just strangers. They can also be former, estranged or current partners, boyfriends or husbands. Domestic violence victims are one of the most vulnerable groups to traditional stalking so it’s no surprise they are vulnerable to cyberstalking as well.

As in other types of violence against women, cyberstalking is about power relations, intimidation and establishing control. If you are being stalked, know first and foremost that you did NOT “provoke” this harassment.

How can I prevent someone from stalking me online?

- Be careful what personal information you share online including in email, on social networking sites like Facebook, Twitter, Instagram, etc. It is very easy to glean information about where you live, the places you love to go to in your area and the people you care about from posts and pictures.

- Create a different email account for registering in social networking sites and other online spaces. It will help avoid spam and your personal email won´t be revealed if the online service doesn’t have a good privacy practice.

- Do not feel obligated to fill out all fields when registering online or provide identifying information such as birthdates and place in required fields.

- In your online user profile, use a photo that doesn’t identify you or your location, so you can’t be recognised.

- Consider using a name that is not your real name or a nickname as your email name, screen name or user ID. And try not to use common dates such as your birthday as the digits in your email name or password. Instead, pick a name that is gender- and age-neutral. Treat your email and/or internet account like you would your credit card, ID or passport number – very carefully.

- If you are breaking up with an intimate partner – especially if they are abusive, troubled, angry or difficult – reset every single password on all of your accounts, from email and social networking accounts to bank accounts, to something they cannot guess.

- Services such as Facebook change their privacy policy all the time, so it is a good idea to check your privacy settings to make sure you are sharing the information you want to share with people you trust and not the general internet public. Some sites have options for you to test how your profile is being viewed by others – test and make sure you only reveal what is absolutely necessary.

- What information are family and friends posting about you? Let them know your concerns about privacy and help them learn better privacy settings.

- Do an internet search of your name regularly and monitor where you appear online. If you find unauthorised info about yourself online, contact the website moderator to request its removal.

- Make sure that your internet service provider (ISP), cell phone service, instant messenger (called internet relay chat, or IRC in some terms of service) network and other services you use has an acceptable privacy policy that prohibits cyberstalking. If they have none, suggest they create one and/or switch to a provider that is more responsive to user privacy concerns and complaints.

Digital forensics takes much more than an average knowledge of all things digital, it requires a thorough understanding of investigative process, the law of evidence and of naturally the appropriate background to criminal and civil investigations.

Contact DLA today and let us follow the digital trail to find the evidence you need!

When should you consider using computer forensics?

If any form of digital information is even remotely involved in a case or legal situation, a computer forensic examination will be required. Digital information has invaded virtually every aspect of our day-to-day existence, having become a basic component of our lives, from computers, to smartphones, to social networking, digital information plays a crucial role in almost every case.

Computer forensics differs from data recovery, which is, recovery of data after an event affecting the physical data, such as a hard drive crash. Computer forensics goes much further. Computer forensics is a complete computer examination with intricate analysis of digital information being the ultimate goal.

For a successful forensics examination, you must have all the information relevant to a matter, not only to construct effective legal strategies, but also to focus your expectations and efficiently budget your services. There is nothing more difficult to address than a case which has become complicated by new facts, where you once expected the matter to proceed smoothly and without significant cost. Knowing all the facts early in a matter, allows you to better prepare for those cases that will require significant legal expertise to manage.

In response to pending litigation, analysing your relevant ESI is an excellent way to discharge your duties to preserve evidence and avoid spoliation, while also acquiring all relevant information essential to your legal theories and strategies. Similarly, as part of critical business decisions, forensically analysing relevant computers and devices can provide essential information. For example, analysing the computers of corporate officers or employees as part of the termination process can alert you to possible litigation issues such as violation of non-compete agreements, improper copying of intellectual property, etc.

To prepare for litigation, an attorney ought to determine whether a Request for Production of Documents will obtain all relevant evidence. A simple question to ask is whether you want to discover part of the relevant information (i.e. visible by your opponent’s operating system) or all of it (deleted, hidden, orphaned data, etc). It is not unrealistic to anticipate that information contained on a computer system which is helpful to a matter would be saved, while that which is harmful would be deleted, hidden, or rendered invisible. For example, in sexual harassment cases, it is not unusual to discover deleted emails and other data invisible to the operating system that significantly impacts the case. Computer forensic analysis extracts all the emails, memos, and other data that can be viewed with the operating system, as well as all invisible data. In many cases, the invisible data completely changes the nature of a claim or defense, often leading to early settlement and avoiding surprises during litigation.

In any situation in which one or more computers may have been used in an inappropriate manner, it is essential to call a forensic expert. Only a computer forensic analyst will be able to preserve, extract, and analyze the vital data that records the “tracks” left behind by inappropriate use. Taking the wrong steps in these circumstances can irrevocably destroy the vestiges of wrongful use that may result in litigation or criminal prosecution.

Digital, computer and mobile forensics requires much more than what you may think. At DLA, our seasoned investigators use a special set of skills and tools to recover or find the digital data that you need!

How Computer Forensics Works - Standards of Evidence

If the investigators believe the computer system is only acting as a storage device, they usually aren't allowed to seize the hardware itself. This limits any evidence investigation to the field. On the other hand, if the investigators believe the hardware itself is evidence, they can seize the hardware and bring it to another location. For example, if the computer is stolen property, then the investigators could seize the hardware.

In order to use evidence from a computer system in court, the prosecution must authenticate the evidence. That is, the prosecution must be able to prove that the information presented as evidence came from the suspect's computer and that it remains unaltered.

Although it's generally acknowledged that tampering with computer data is both possible and relatively simple to do, the courts so far haven't discounted computer evidence completely. Rather, the courts require proof or evidence of tampering before dismissing computer evidence.

Another consideration the courts take into account with computer evidence is hearsay. Hearsay is a term referring to statements made outside of a court of law. In most cases, courts can't allow hearsay as evidence. The courts have determined that information on a computer does not constitute hearsay in most cases, and is therefore admissible.

If the computer records include human-generated statements like e-mail messages, the court must determine if the statements can be considered trustworthy before allowing them as evidence. Courts determine this on a case-by-case basis.

DLA is based in Cape Town and combines the experience of two seasoned investigators with both criminal and civil backgrounds with the latest technologies to follow the electronic trail and find the digital evidence you need!

How Computer Forensics Works - Phases of a Computer Forensics Investigation

The experts at DLA listed the following steps every digital forensic investigators should follow to retrieve digital evidence:

1. Secure the computer system to ensure that the equipment and data are safe. This means the detectives must make sure that no unauthorized individual can access the computers or storage devices involved in the search. If the computer system connects to the Internet, detectives must sever the connection.

2. Find every file on the computer system, including files that are encrypted, protected by passwords, hidden or deleted, but not yet overwritten. Investigators should make a copy of all the files on the system. This includes files on the computer's hard drive or in other storage devices. Since accessing a file can alter it, it's important that investigators only work from copies of files while searching for evidence. The original system should remain preserved and intact.

3. Recover as much deleted information as possible using applications that can detect and retrieve deleted data.

4. Reveal the contents of all hidden files with programs designed to detect the presence of hidden data.

5. Decrypt and access protected files.

6. Analyse special areas of the computer's disks, including parts that are normally inaccessible. (In computer terms, unused space on a computer's drive is called unallocated space. That space could contain files or parts of files that are relevant to the case.)

7. Document every step of the procedure. It's important for detectives to provide proof that their investigations preserved all the information on the computer system without changing or damaging it. Years can pass between an investigation and a trial, and without proper documentation, evidence may not be admissible.

8. Be prepared to testify in court as an expert witness in computer forensics. Even when an investigation is complete, the detectives' job may not be done.

All of these steps are important, but the first step is critical. If investigators can't prove that they secured the computer system, the evidence they find may not be admissible. It's also a big job. In the early days of computing, the system might have included a PC and a few floppy disks. Today, it could include multiple computers, disks, thumb drives, external drives, peripherals and Web servers.

Computer Forensics Basics – How it works

The purpose of computer forensics techniques is to search, preserve and analyze information on computer systems to find potential evidence. Many of the techniques detectives use in crime scene investigations have digital counterparts, but there are also some unique aspects to computer investigations.

For example, just opening a computer file changes the file -- the computer records the time and date it was accessed on the file itself. If detectives seize a computer and then start opening files, there's no way to tell for sure that they didn't change anything. Lawyers can contest the validity of the evidence when the case goes to court.

Some people say that using digital information as evidence is a bad idea. If it's easy to change computer data, how can it be used as reliable evidence? Many countries allow computer evidence in trials, but that could change if digital evidence proves untrustworthy in future cases.

Computers are getting more powerful, so the field of computer forensics must constantly evolve. In the early days of computers, it was possible for a single detective to sort through files because storage capacity was so low. Today, with hard drives capable of holding gigabytes and even terabytes of data, that's a daunting task. Detectives must discover new ways to search for evidence without dedicating too many resources to the process.

What are the basics of computer forensics? What can investigators look for, and where do they look? Find out when the digital forensic experts from DLA discuss the steps in collecting evidence from a computer?

Four ways to protect your PC data

A modern PC leads a kind of dual life. On the one hand, it serves as an entertainment centre, offering access to games, online videos, and the entire Internet. On the other hand, it acts as a tool for collecting, creating, and storing important information of all kinds.

If your computer is lost, broken, or stolen, switching to a new one has little effect on the entertainment side. But unless you've properly protected the personal data on that system, a theft or loss could become a data disaster.

The digital forensic experts at DLA use state-of-the-art techniques and software to recover your precious data, whether it was accidentally deleted or even stolen.

But, how can you head off such a disaster? Here are some hot ideas:

1. Hide Your Valuables
If a burglar breaks into your house, will she find your valuables lying around in plain sight? Or have you hidden them away safely? By the same token, even though your security suite or antivirus really should fend off data-stealing Trojans, protecting your personal data on the chance one might get through is just common sense. Having your data locked down will also help if that burglar makes off with your laptop.

2. Skip the Recycle Bin
When you need to dispose of papers that contain private information, you don't toss them in the recycling bin with the newspapers. Rather, you put them through the shredder. When deleting sensitive files, you should likewise avoid Windows's Recycle Bin.

3. Encrypt It!
A data-stealing Trojan will grab what it can get easily. Unless you're the target of a personally directed hack attack, you can figure that even simple encryption will defeat the Trojan. Got a sensitive file you need to keep, rather than shred? At the very least, copy it into an encrypted ZIP file and then shred the original.

4. Keep It Offsite
PCs break down, laptops get stolen, files get lost. A backup copy is the ultimate security for your data, but if you keep the backup with the computer a single disaster can take out both at once. A hosted online backup service encrypts your data and keeps it in a safe location far, far away.

Unless your PC functions as nothing but an entertainment centre, its loss or theft will have an impact far beyond the cost of a replacement. By taking steps to protect the important data on the PC you can keep that impact to a minimum.

Hide personal data, securely delete outdated sensitive files, and encrypt sensitive files that you're still using. That will keep a thief from stealing both your PC and your identity. Maintaining an offsite backup copy will ensure you don't lose access to the data files you really need to keep. A little effort now can save a huge headache later.

How to protect the private data on your phone

Your mobile phone carries all sorts of details that could damage you in the wrong hands. Here's how you can protect it from prying eyes.

• Register your IMEI number

The International Mobile Equipment Identity is used by police to trace a lost phone. Network providers use it to block a stolen phone. It's usually found under the battery, or via the phone's settings. Register it at a site such as immobilise.com.

• Remotely wipe all data

If you have lost your phone, you can clear the data before thieves download it. Android devices can use Google Sync along with Google Apps Device Policy to clear data remotely. Have you cleared your data and you want to get it back? Contact the digital experts at DLA and you can get your precious data back quickly and easily!

• Get antivirus protection

Now is the time to protect against malware and viruses, particularly on Android phones. There are subtle ways for developers and fraudsters to get to your data. Most computer antivirus-software companies provide apps to keep out malware and viruses that grab data.

• Download a phone-Finder app

Most smartphones now have GPS tracking -- which you can use to locate a lost phone. Apple's Find My iPhone app has been free since the introduction of iOS 4.2. Android users should try Theft Aware.