Forensic Accounting’s New Best Friend

Accountants have been investigating fraudulent financial records and providing litigation support to the private and public sectors for many years. In spite of this, most Chartered Accountants have very little to do with this interesting area of their profession.

Forensic Accounting, a process that involves the utilisation of accounting, auditing and investigative skills, can be used in a number of scenarios. These include investigation & analysis of financial evidence and assisting in legal proceedings by providing expert witness testimony.

A fairly recent phenomenon that can greatly benefit the role of the Forensic Accountant is the development of computer forensics. With the ever-increasing use of computer technology in most areas of daily life, new opportunities have been presented for Forensic Accountants.

Enter the Computer Geeks

Computer Forensics is an excellent complementary litigation support aid, as technical investigations can unearth much more than tracing the money trail through traditional methods.

The trail of evidence in a well-planned fraud can be difficult to investigate, but in the numerous cases I have witnessed, those with criminal intent nearly always make critical mistakes that lead to their downfall. Overconfidence often results in them becoming sloppy, as they convince themselves that they will get away with it.

Armed with the suspect’s computer and/or mobile phone, however, much valuable evidence can be collected and analysed. Imagine the potential gold mine from the suspect’s PC: email communications, instant messenger conversations, web sites visited and electronic documents created.

Ah, but surely they would have deleted those incriminating emails and files, you say! Possibly, but by utilising computer forensics such evidence may be recovered. Even if some documents can no longer be accessed directly via Windows, deleted data often remains on the disk in areas that can be recovered using specialist tools.

Before rushing into an investigation, though, beware. Computer forensic investigators need to ensure that the actions they follow adhere to strict standards to maintain the admissibility of the evidence produced. It is essential that evidence contained on computers and computer-related storage media is preserved, then recovered in such a way that it can be demonstrated to the courts that the actions of the investigator have not changed the evidence.

Then there is the additional area of mobile phone investigation. Following similar principles, we can collect data about phone calls and text messages made and received. Phone call records can link certain parties involved in a fraud case, and incriminating received and sent text messages may prove invaluable.

Following analysis in an investigation, strictly factual reporting of the information found is required, and this can often be presented by an expert witness in court.

Bluetooth Hacking

Do you have a Bluetooth-enabled mobile phone? For those who don’t know, Bluetooth is a specification for wireless networks, commonly used to connect and exchange information between all sorts of devices such as mobile phones, computers and even printers via a short-range radio frequency.

In 2003, security flaws were discovered on some Bluetooth-enabled mobile phones. In an attack that takes just a few seconds to run, attackers now have the ability to perform the following on vulnerable phones:

  • Read SMS text messages from a phone
  • Read phonebook entries
  • Write phonebook entries
  • Send SMS text messages to any number
  • Set call forwards
  • Connect to the internet
  • Initiate phone calls

Some unscrupulous people set up their own premium rate lines, and then make victim phones call this line. It could be hours before the victim realises. Even though these Bluetooth security issues have been around for a long time, many phones remain vulnerable. How many mobile phone users would know how to update their phones with security patches from the likes of Nokia et al?

Blooover

The good people at trifinite.org have released some free proof-of-concept software that allows you to ‘audit the phones of friends and employees’. Blooover can be installed onto a phone, and it sucks text messages from vulnerable nearby phones, downloads the phone book and even writes a new phonebook entry.

Alan Phillips MBCS
Alan Phillips is a registered BCS security practitioner and contributing author of IT Security training courses at 7Safe, an independent Information Security services consultancy delivering an innovative portfolio of services including Penetration Testing, ISO 27001 Consulting, Forensic Investigation and Information Security training courses.