Research Paper on "Threatening E-Mail"
Research Paper 6 pages (2058 words) Sources: 8
[EXCERPT] . . . .
Threatening EmailThe law enforcement response to electronic threats requires an investigation like any other type of crime (Technical Working Group for Electronic Crime Scene Investigation 2001). When it comes to threatening emails, the important fact an investigator must consider is that the crime is not the email but, rather, the underlying threat to hurt another human being. Whether this threat is face-to-face or via the Internet, it is a crime nonetheless. The Internet simply allows a different medium in which individuals can engage in illegal activity. Before the Internet, threats were made in different ways, which suggests that "the crimes that are being committed haven't changed, jus the manner in which they're being committed" (Wiles & Reyes 2007).
Evidence and intelligence are equally important with investigating a digital crime such as the topic of this paper: a high school principal receiving a threatening email. Intelligence is information that is analyzed and interpreted while the evidence is any information that may be used in a court to decide the guilt or innocence of the accused (if there is an accused, that is) (Bryant 2008). For a digital crime such as this, recovered parts of the email communication would perhaps constitute intelligence and evidence. There is a certain format for which this investigation should be performed as well as a legal process that must be followed. There are many questions that need to be considered and this paper will attempt to answer the following: Was a crime committed? Who has jurisdiction? What are the legal issues that will need to be discussed with a prosecutor?
During the interview with the high
download full paper ⤓
The email message from webcourier.com (192.168.43.12) by mail.springfieldhs.edu (172.30.245.3) -- from -- consisted of: Subject: "lead will fly." Content: "Watch your back. I have all of you in my sights." The investigator needs to acquire a copy of the email including all headers (information that can trace the email back to the person who sent it). Once the email address (- -- ), the IP address, and the originating IP address is identified, the investigator can decide which route he or she wants to take - for example, contacting the email provider.
In this case, contacting the email provide, Web Courier, is necessary in order to find out if there is a name attached to the address or any other information that may be saved on the person's information or profile page. The investigator should note that they are performing a criminal investigation into a threatening email (or emails). The email provider may be just the source of information the investigator needs since when an email account is first opened, there are several terms of use that a person must agree to and one of those terms pertains to threats and harassment via email. The email provider has the authority to then investigate further into the person's account when there is a valid complaint or concern.
The preliminary information that the investigator should retrieve from the email provider are names associated with the account and whether or not there is a given location. At this point in time, the investigator should not ask the email provider to do anything (such as contact the individual). All the email provider should do is examine the account and give the investigator any pertinent information pertaining to the account. If the email provider were to contact the individual or shut down the account, it could impede progress on the investigation.
The next step will be to figure out what the sender's Internet Protocol (IP) address is. This is not difficult to do with most email clients (Yahoo Mail, Gmail and Outlook, for example). For example, on an email client such as Gmail (Google's email) the investigator must open the email in question and then click on the arrow that's to the right of the Reply link. Then "show original" should be chosen from the list. Looking for the text that begins with "Received: from" (or by pressing Cntrl + F is another option) and then performing a search is required. Most likely there will be several "Received: froms" in the message header -- (because the message header contains the IP addresses of all the servers involved in routing the email to the high school principal). Simply looking at the "Received: from" that is the furthest down on the list will reveal who or what computer originally sent the email (Online Tech Tips 2007). In this case, the first, or originating email, is 10.0.34.112. In the case of a Yahoo email account as well as other types of email accounts, the investigator can simply click on "Full header" as opposed to "Compact header" in order to see where the email originated.
Once there is an originating IP address -- 10.0.32.112, the next step is to figure out where that is. An IP address lookup must be performed next. There are different IP address location websites (for example, GeoBytes IP Locator) where searches can be done. By typing in the data 10.0.32.112, the country code, region code, city code, city ID, latitude, capital city, nationality singular, nationality plural, CIA map reference, country, region, city, certainty, longitude, time zone, population, Is proxy, currency, and currency code will be given (GeoBytes 2010). Another route to take is to do a Who Is Database search. This will give similar information as an IP Address Locator website including information on who hosts the IP address as well as registration information.
Internet Service Providers (ISPs) may log the date, time, account user information, and Automatic Number Identification (ANI) or caller line identification at the time of the connection (Gonzales et al., 2007). There are not any general legal requirements for log preservation; some may be kept for a limited time depending on the established policy of the ISP. Some ISPs do not keep logs at all (2007). Because the location 10.0.32.112 was discovered as well as its belonging to ptomaine.net -- a local ISP (uncovered through an IP search as mentioned above), the next step is to contact ptomaine.net to try and find out a name that goes along with the IP address. In this case, ptomaine.net revealed that "ramble" is registered to Mr. James Westfall, a local resident who has three children that are school age. Reyes and Brittson (2007) break it down like this:
You're investigating an email-based criminal threatening case where you were able to determine the originating IP address of the illegal communication. You were able to determine which ISP controls the address space that includes the IP address in question. If ISPs use dynamic addressing, how are you going to be able to determine which subscriber account used that address if any of a thousand or more could have been assigned to the suspect's computer? In this case, it would be extremely important for you to also record and note the date and time of the originating communication. The date/time stamp can be matched against the logs for the DHCP server to determine which subscriber account was assigned the IP address in question at that time (Reyes & Brittson 2007).
Because Ptomaine.net informed the investigator that the session where the threatening email was sent was established via a dial-up connection, further investigating needs to be done before naming Westfall as the only suspect. When one is using dial-up, the person is live on the Internet only while connected. Dial-up connections are hard to hack, so this narrows the chances of Westfall's computer being hacked to send emails; however, this does not mean that it is impossible to hack into dial-up connections; it only means that dial-up connections are not hacked as much because they are, for the most part, connected to the Internet for shorter amounts of time. Still, this needs to be investigated and the only lead there is at this time is Mr. Westfall's name and location.
From here on, there will be legal issues that must be addressed in relation to pursuing this case. Because the suspect, Mr. James Westfall, is a local resident, there may not be any real challenging issues when it comes to jurisdiction. Suspects/defendants may be arrested, accused, and/or sued in the state in which they reside (Casey 2004), so in this case there won't be any need for "minimum contacts" (2004). The threat is the main issue of this case -- not the email. Evidence… READ MORE
Quoted Instructions for "Threatening E-Mail" Assignment:
The Situation
The local HS principal calls you to say that he has just received a threatening e-mail
Discuss what information you want from the principal and how you would begin the
investigation.
In response to your interview, the principal gives you the following e-mail message.
Received: from webcourier.com (192.168.43.12) by mail.springfieldhs.edu (172.30.245.3)
From: shooter@webcourier.com
To: principal@springfieldhs.edu
Subject: lead will fly
X-Originating-IP: 10.0.34.112
Watch your back. I have all of you in my sights.
Discuss how you would begin an investigation based on the above e-mail message.
If you decide to contact the e-mail provider, what is your reason to contact them and what
preliminary information would you want? Is there anything that you can ask them to do at this
point?
If you decide not to contact the e-mail provider, what was the reason for that decision?
What information (evidence) is contained in the above e-mail message?
If you identify any information, please discuss what the information is and where it would lead
you.
If you are following up on any information, what legal process, if any, would be required? What
information could you get in response?
Through your investigation you discover that address 10.0.34.112 belongs to ptomaine.net, a
local ISP. How did you discover this?
What information would you want to get from ptomaine.net and what legal process would be
required?
In response to your request, ptomaine.net tells you that *****ramble***** is registered to Mr. James
Westfall, a local resident with 3 school-age children. What can you do with this information
and what legal process, if any, would be required?
You learn from ptomaine.net that the above session was established via dial-up connection. If
this is important to know please discuss why. In addition, please discuss what further
information you could discover and what legal process you would need (in addition to whom
it should be addressed).
From whatever information you have received from your requests, how do you trace your target
Back to the Real World and what legal process is required to do so?
How do you have close in on who actually sent the email?
You have closed in on the sender, discuss what the requirements are and what legal process is
required to get into the sender*****s home and what evidence you would want to seize once there?
You have located the sender and would like to speak to him. Discuss what the potential
ramifications are from speaking to the sender and what the analysis would be if the interview
were the subject of some legal challenge.
How to Reference "Threatening E-Mail" Research Paper in a Bibliography
“Threatening E-Mail.” A1-TermPaper.com, 2010, https://www.a1-termpaper.com/topics/essay/threatening-email-law-enforcement/37120. Accessed 29 Jun 2024.
Related Research Papers:
Corporate Email Security Term Paper
![Paper Icon](https://www.a1-termpaper.com/images/term-paper-3.png)
Corporate Email Security
Poor Email Security and Its Impact to Business Operation
Today's high technology still doesn't make us free from threats that can cause damage to important information. This… read more
Term Paper 3 pages (1121 words) Sources: 1+ Topic: Computers / IT / Internet
Interoffice Memo Research Proposal
![Paper Icon](https://www.a1-termpaper.com/images/term-paper-3.png)
Interoffice Memo and Email
Phoenix Advertising
Interoffice Memorandum
Moe Frands, Managing Director; Sasha Larr, Planning Director; Jane Dresser, Creative Director
FROM: Janet Ribble, Vice President of Human Resources
Roanoke Branch… read more
Research Proposal 1 pages (339 words) Sources: 1+ Topic: Career / Labor / Human Resources
SPAM Filtering Term Paper
![Paper Icon](https://www.a1-termpaper.com/images/term-paper-3.png)
spam filtering solution available and tries to analyze and compare the best way to fight email spam and come up with new ideas and approaches to decrease the amount of… read more
Term Paper 35 pages (10063 words) Sources: 1+ Topic: Computers / IT / Internet
Internet Globalization Good or Bad Research Paper
![Paper Icon](https://www.a1-termpaper.com/images/term-paper-3.png)
Internet
The globalization of the Internet has spawned a rash of cyberattacks on the U.S. Department of Defense and a number of its contractors. One such example was the Poison… read more
Research Paper 6 pages (1813 words) Sources: 5 Topic: Computers / IT / Internet
Challenges to the Sustainability of the Tourism Industry in Thailand Research Proposal
![Paper Icon](https://www.a1-termpaper.com/images/term-paper-3.png)
Developing countries are extremely dependent upon the tourism industry for both the economic and social stability that the industry provides. From an economic standpoint tourism provides jobs and economic stability.… read more
Research Proposal 13 pages (4073 words) Sources: 40 Style: Harvard Topic: Recreation / Leisure / Tourism
Sat, Jun 29, 2024
If you don't see the paper you need, we will write it for you!
We can write a new, 100% unique paper!