Logo image
Back
Pandora's email box? An exploratory study of Web-based email forgery detection and validation
Journal article   Open access   Peer reviewed

Pandora's email box? An exploratory study of Web-based email forgery detection and validation

R. Boddington, G. Boxall and J. Ardley
Journal of Digital Forensics, Security and Law, Vol.7(1), pp.29-54
2012
DOI: https://doi.org/10.15394/jdfsl.2012.1111
pdf
pandoras_email_box.pdf1.05 MBDownloadView
Published (Version of Record) Open Access
url
Free to Read *No subscription requiredView

Abstract

Web based email systems may be a source of pristine digital evidence because of the perceived difficulty of client tampering with messages stored inside the email account. We demonstrate that such assumption is wrong in the case of Windows Live Hotmail®1. Windows Live Mail®1 synchronises message on client-side computers with the Hotmail® server, benefiting users wishing to synchronise their email accounts and personal devices. However, this synchronisation opens an exploit for wrongdoers to tamper with existing email messages and attachments as well as facilitating the insertion of fabricated messages. The exploit process enables persistent storage of tampered and fabricated messages on the Hotmail®1 server. The exploitation favours both account owners and wrongdoers who gain unauthorised access of others’ accounts. Even if tampering were suspected, we anticipate some difficulties in validating messages to determine their reliability and relevance. We predict, with trepidation, that the exploit process will become commonplace and pose greater challenges to the cyber forensics examiner and legal practitioner during investigations and legal proceedings. Regrettably, the exploit complements the existing arsenal of tools for email forgery. More ominously, it provides opportunity for traceless injection of illicit material/malware onto any machine synchronised with the Hotmail® account.

Details

Metrics

161 File views/ downloads
93 Record Views
Logo image