eVestigator Blog is Simon Smith's personal blog of some of his real life testimony of his Computer Forensic Expert and cyber forensic private investigator experiences and opinions. Often these are de-identified, demonstrating real life cyber-forensic life situations that have occurred and provides tips, suggestions and a depth of the life of a Computer Forensics Expert and Computer Hacking Forensics Investigator and Ethical Hacker, and Master Programmer - as well as his work as a Forensic Expert Witness for the courts. This is not CSI Folks, this is real life.Join Today FOR FREE EMAIL CYBER-BLOG UPDATES Learn more
These are a few outstanding hand-picked blogs by eVestigator
13 April 2016 - eVestigator® - "Around 7:30 am this morning a story ran on Channel 9's Today show about the security of contact-less credit cards. It was a good balanced story however I am not of the opinion that criminals can generate the CVV or a derivative of it via a mathematical algorithm and magstrip data. Needless to say, the number and expiry date could book you a nice week at the Hilton Hotel or anywhere MOTO (Mail Order Telephone Order) is accepted, as it is not a merchant requirement to request the CVV for non contact sales."
"And of course it featured the eVestigator® himself, Simon Smith!! I was happy to help with the story and taping went well. It was really good to see the finished story and somewhat ironic and funny in a way with the placement of the MasterCard statement! I would have liked to have seen it live but television scheduling can be hectic and the decision to use it was probably last minute, so there was no warning to anyone involved with the story. I am just happy to help shed some light on the possible risks of using this technology. It is an interesting subject and worth looking into further."
"The fact that 'Mythbusters' were banned from investigating and/or doing a story related to this technology is disturbing but also understandable to an extent. Methods of stealing and copying credit card information shouldn't be advertised and made publicly available without proper countermeasures as readily available."
"However, if the technology is as secure and unhackable as they say, why wouldn't they be confident enough to allow people to publicly test it? It would reassure the public if all attempts are unsuccessful. A copy of the exclusive is available here, or see below."
20 June 2016 - eVestigator® - "In a complex case of cyber stalking, cyber harassment and cyber bullying, where both parties are in a contentious situation, Simon Smith (eVestigator) has been appointed by the parties to an intriguing legal battle between 3 parties to where there has been a case of stalking and mental harm as defined in the Personal Safety Intervention Orders Act 2010 but by whom? I am completely independent in all cases and only report on facts so provided parties cooperate, it will be one of my many interesting cases." "Simon has succeeded in many of these, including recently a reverse stalking case that ended up in finding 7 identities relating back to the one sole entity with no IP address whatsoever. Cyber email skip-tracing is something that is eVestigator's specialty and it is not easy without the ability to perform a summons or have police help when stalking is performed by means of a 'FREE' webmail account in an overseas jurisdiction with hidden IP headers and absolutely no technical or legal means of getting those details from the source." Having succeeded in other cases, this case poses a very different perspective. The reason for his appointment demonstrates a rather large whole in the system. To be fair, Cyber Forensic Investigators are not Lawyers and Lawyers' are not Cyber Forensic Investigators. In some ways this action may be at the wrong time in the proceedings. It is not a question of law, rather, it is a question of investigation." "There could be several outcomes. Both parties could have nothing to do with the conduct. Either party may. My findings are to the court and I have to do whatever I need to do to ensure my findings are independent and in my training of lawyers as mediators - this is not something that lawyers typically like doing!" "However at the end of the day I look for the quickest path to get to the best solution for a result as long as those paths are not distorted or tampered with. I always find alternative methods and it relies on working cooperatively with all the parties, because litigation and wondering is worse than knowing both for the victim and the stalker (whoever that may be). Update: As it turned out - as I was restricted to one chance at gaining evidence, I asked for a very high threshold of evidence under summons as I leave no stone unturned. I was shortly notified that the parties settled by voluntary undertaking."
25 June 2016 - eVestigator - "In an utmost unbelievable series
of non-traceable emails, of an enormous abusive nature - to the
point of potentially one of the worst cases of impersonation and
fraud I have seen to date, eVestigator succeeded in catching
7 stalkers in 1."
"Although in instinct, it was known in 5 minutes, in evidence it took about 8-10 hours to get the evidence. IP Tracing as you know from Hotmail or Gmail is not possible. eVestigator has to use other techniques in order to get a positive match on both the stalker, combined with investigative techniques to match it to a suspect."
"It was determined that this particular stalker was sending emails to himself in the third person and then forwarding them to his ex, purporting that they were received from the partner of his ex in an attempt to defame the partner of his ex, along with 6 other identities aimed at the workplace of the partner of the ex, false testimonies from both sides and it was a major case."
"The results of this case are still pending as the remedies are multi-jurisdictional. It is unknown what the victim will do in this situation. He and his partner both were surprised of the outcome. To me, it seemed to fit like a jigsaw - yet it is something beyond somebody's normal conscious understanding to comprehend. Since catching many cyber-stalkers it surprises me with the blanket of strength the internet places over them. People have to understand - it is still a very serious crime."
These are made from true life events. They are not in any way intended as legal advice or advice in any way.
Amateur Sleuthing - new technology - good or bad? Simon Smith talks to the media- 15 June 2018 - eVestigator® - "Simon Smith is interviewed by the Courier Mail and ABC Radio's 'Richelle Hunt' afternoon show regarding 'Amateur Sleuthing' and the emergence of technology, the dangers, potential of stalking and more. This arose from the infamous 'poo jogger' incident where a series of community members setup a scenario to catch a person who was 'defecating' on the lawns of their houses on a regular basis while jogging. Quoted in the Courier Mail... "Cyber investigator Simon Smith said amateur sleuthing was a growing trend thanks to advances in technology and plummeting prices".
"The average person is a little bit more savvy and they kind of investigate things themselves", he said.
"It's actually getting justice for a lot of people. From a crime perspective, it has helped".
"If you see an incident it's well worth recording it because there are situations where the truth is not always said in court".
Brisbane's 'poo jogger' was caught defecating on a pathway at a Greenslopes apartment complex on Logan Rd.
That was exactly what Greenslopes resident Steve was thinking when he teamed up with a neighbour to catch the poo jogger.
After "wildly guessing" at the timing of the dirty deeds the duo bought a wireless night-vision camera with motion sensors designed to capture elusive wildlife.
The technology would have cost thousands of dollars a decade ago, but can now be sourced for less than $200 online.
The blurry images gave them a timeline.
The dawn detectives then hopped in their cars and parked at various locations around Greenslopes to keep tabs on the runner.
To read the article click here.
To hear the radio interview click here."
Simon Smith of eVestigator helps expose Travelalot, an alleged fraud travel agent- 15 May 2018 - eVestigator® - "Simon Smith of eVestigator helps expose Travelalot an alleged fraud travel agent on A Current Affair.
Travelalot is an online booking site to book holidays at a very cheap rate, including in most cases, accomodation and airfares. After being advised by ACA that there is a very large amount of customers complaining about this business (and its other similar business) I opened up communication with the owner to validate the facts.
Booking online holiday 'travel vouchers' has led to a major investigation and alleged loss for Australian Consumers. Simon Smith #eVestigator appears on 'A Current Affair'.
Be careful when #booking online #holidays (or vouchers thereof) - a very elaborate alleged fraud in Australia's own back yard has been exposed on National TV. https://travelalot.com.au is an online booking site offering very cheap prices by way of 'vouchers' promising to be redeemed for holidays and in most cases, this includes #accomodation and #airfares with no particular formality.
After being advised by #ACA that there was a large amount of #consumers complaining about this business (and its other similar business) I opened up communication with the owner to validate the facts. The owner shortly stopped communication when the facts did not turn his way and sadly, the more cases that came to me, the more #evidence I saw confirming allegations! I strongly advise anybody that believes they may be affected by this alleged fraud to contact https://www.scamwatch.gov.au and lodge a report to the #ACCC, as they are the true regulators in this industry.
It honestly shocked me to learn how long many people had been waiting for, and all of this in #Australia! At first instance, I thought, as the business looked legitimate, I may be dealing with a #phishing case, however I learnt that every case I examined actually did experience the problems conveyed to me, in the very minimum, unnecessary delays and promises of refunds in such delays. I make no comment as to the business and its conduct.
The nine news report is below:
The video footage is also below:
My part was purely factual. Anyone affected, it is vital to direct the complaint to the right authority to invoke a proper investigation - and that is SCAMWatch.gov.au.
Thank you to all consumers and advocates that helped out during the investigation and that were so passionate about raising the bar for Australian consumers. Now it is time for the regulator to take action."
ABC Interview talking Consumer Privacy, Hackers and Social Media- 27 April 2018 - eVestigator® - "In this interview, the ABC morning breakfast show wanted to know some of the very basics about how they can protect themselves online in the wake of the 'Facebook realisation', where essentially people now understand - there data is really everywhere.
I gave some useful tips and generally explained what I do in some capacity (for consumers). For businesses it is more online defamation and serious cybersecurity breach investigations. In Australia, it is true - there is no police effort that goes into this area, and many people are left in the dark not knowing who is out to get them. Click here"
Massive identity theft case solved - Beware of Internet Fraud- 05 April 2018 - eVestigator® - "It started off with an innocent facebook invitation. As you do more and more of these Cybercrime cases you see the trigger points looking at you straight in the face. The question that some might ask is, "Why?". Facebook has an established trust based on 'friends'. Your instinct tells you that if there is a 'blonde bombshell' wanting to be friends with you gentleman, that you should automatically accept!
Well instinct can be very deceiving. In this last case, Simon Smith of eVestigator uncovered a major fraud that was so intertwined between aliases, social networks, stolen identities, and fixations of stalking that it was a great cybercrime catch. There is always a reason behind cyberstalking, and Mr. Smith explains the psychology like this:
"Cyberstalkers want to live in the shoes of another. They want to make an impact, whether it be in the shadows or in the public. They thrive on sharing their stories with others. They find that it is both funny, and a game until they get so far into it - they start believing they are in fact the identity they are portraying themselves as. This is when it turns serious. This was the case recently. I was tasked with finding a serial cyberstalker that not only was living the life of another person, but was living friends lives through that of her immediate family. It become 'sickening'. She made herself out to be the perfect person that she always wanted to be at the detriment of a innocent young man, almost costing him his life and his sanity".
Not many people understand the psychology of cybercrime. Mr. Smith recently had the benefit of being trained by the world renown Steve Van Aperan, as a Master in Detecting Deception, the reading of body language, and conducting effective behavioural interviews. He is one of the most advanced criminal profilers in the world. After he assisted police in 68 homicide investigations and two serial killer cases, the media gave Steven Van Aperen the moniker 'The Human Lie Detector'. To help police read people, Steve developed his unique four-stage process and his hugely successful '60 Second Profiling Technique'. He has trained intelligence agencies, homicide detectives, the Defence Security Authority and Department of Defence personnel in how to read people and detect deception by analysing verbal, non-verbal and paralinguistic behaviours. His training is recommended to any person interested in in-depth Cybersecurity and Cybercrime as the element of human reasoning plays a key factor in determining both intent and motive and guides a good investigation.
This case was a huge success and the person found is likely to be charged with a sentence that will see her convicted and jailed, although that is up to the Crown Prosecutor. The family was very happy with the results. There are 4 key lessons to take away from this:
•You do not know anyone until you have met in person and validated who they are from what they have said;
•You should not invest in anyone who will not invest in you. We are physical beings and need physical contact. The internet is an illusion to many, and cannot be supplemented for reality;
•If there are always barriers and deflection, then there is a reason. Set some trigger points, give some chances, then walk away;
•There is no such thing as internet dating - whoever made that term up must not have been conscious. The internet is used to introduce humans to one another and should be seen as nothing more than that.
You can read more about Simon Smith here or on his media site, here.
Most updates are on LinkedIn: https://www.linkedin.com/in/simonsmithinvestigator
Yet another case solved. There are two interesting cases on right now. Keep a look out!"
Crypto Advertisers Report Ad Suspensions And Account Terminations- 12 March 2018 - eVestigator® - "Crypto Advertisers On Google Adwords Report Ad Suspensions And Account Terminations Google have a lot to answer to. They are suspending advertisers of innocent cryptocurrency platforms when the reality is they let through the hoops "Paid Phishing Advertisers" - which certainly leaves them open and responsible for the losses suffered to those that went to fake sites 'sponsored' for a fee by Google. I believe this is intended to shift blame, and anybody affected by Cryptocurrency phishing can contact me as there is action going on in this area. It is about numbers."
Simon Smith talks live on air about the CPU Meltdown and Spectre issues- 11 January 2018 - eVestigator® - "I have prepared a basic rundown of where the Meltdown and Spectre CPU vulnerabilities sit. What the vendors are doing, what it means to you, how to update your systems, and a bit of advice especially if you lease or host Virtual Private Servers.
First off, I started the week with a basic radio interview on the state of affairs Monday morning. This article/interview was not intended to be exhaustive as it was all still very fresh - but hopefully they will answer some questions you may have.
CURRENT STATUS - Google has now revealed more details about the CPU security flaw dubbed Meltdown and Spectre affecting many Intel CPU's. ARM (Intel) also appears to be affected by the security 'vulnerability', but the latest news at the time of writing this article is that AMD now too appear to be susceptible.
NON DISCLOSURE AGREEMENTS - Apparently it has been revealed that those in the industry involved, all the way from the chipset production to experts in the field had been made to sign non-disclosure agreements, as this was all known (at least to Google) over a month ago. As it is necessary, with every breach, which usually refers to data, but in this case, physical, it does mean immediate action must be taken.
FIRST THE NECESSARY BUT BORING BIT - Please contact your software and device manufacturers or carriers to make sure that all applications and operating systems installed on your Phones, Chromebook's, Laptops, PC's, Mac's and other devices are up to date. For those of you who have rooted or Jailbroken your phones (this means hacked the phone to gain super user rights) - you may want to think about going back to stock firmware!
WHAT DOES INTEL SAY? - Intel have began issuing their patches for both the Meltdown and Spectre vulnerabilities that affect its processors. The tricky part for Intel will be to get them sent through its distributor and branded network.
WHAT DOES MICROSOFT AND APPLE SAY? - Naturally both Corporations have patched their latest operating systems, including the latest releases of Linux, but to this date, there has been no announcement as to gaming consoles, smart televisions or any other devices. This is of grave concern.
APPLE, MACS, IPHONES AND IPADS - Those who run the Mac OS v 10.13.2 are fine with that version Apple has stated publicly. However, all Macs, iPhones and iPads are affected by Meltdown and the updates that were going to be scheduled for later this week have been 'hurried up' because the vulnerability got "discovered".
GOOGLE ANDROID/SAMSUNG/HUNDREDS OF MANUFACTURERS - Android mobile devices and tablets are a concern. They almost all use ARM processors in their Android based devices, especially Samsung, the most popular. What is difficult here, is that these updates are going to have to be filtered down through manufacturers, and networks, and this creates several points of failure. It is vital that owners take control, and chase these updates, as although at the moment there is nothing �vicious� that has been created, you can bet that many hackers out there are trying!
THE BIGGEST CONCERN - Virtual Private Servers are of grave concern. If the main operating system and/or hardware is not patched on a host server, then any child VPS could possibly get direct access to cached portions of the CPU intended for a completely different "virtual server" or client. This could lead to a major cybersecurity breach, and this should be the top priority for any network engineer who is responsible for delivering services on the cloud. To listen to the interview, click here."
Kids Cyber Security Smart Toys, the new IoT risk issued by eVestigator Simon Smith- 09 December 2017 - eVestigator® - "Simon Smith, Cyber Forensic Investigator and Expert Witness issues a Cybersecurity warning about Kids Toy Cybersecurity concerns, or otherwise known as Smart Toys and the risks involved. In an interview on Radio 2SER, he exposes some examples Cyber Security concerns that exist in Kids toys in today's marketplace in the leadup to Christmas that are necessary for parents to look out for.
"The IoT in the 'toy market' is not only often overlooked, it is very dangerous to adults too", Mr. Smith said in the interview. Simon pointed out some key Cybersecurity risks parents and family members should look out for when purchasing toys for children or loved ones this Christmas that uses standard home electronic protocols that can be misused to place kids in danger. As a Family Dispute Resolution Practitioner, he also brushed on the topic of the danger such technologies can have in family disputes which involve custody arrangements and messy AVO's.
As product and system developers continue to bring to market untested and imported goods, Mr. Smith stated he, "continues to see dangers in the quality and lack of common sense exposing our kids to Cyber Security risks now just as much - and if more - as adults. This is a new epidemic and can even place children in a very dangerous situation".
Mr. Smith has over 21 years experience in the IT SDLC/Software Engineering, IoT, Information Security, AVO, Family Law-AVO Investigations & Cyber Security & Criminology disciplines, and is an Expert Witness on the topic. He warns purchasers to "look into each electronic device, and its capability as to how it shares voice or visual data, how or if it pairs with external devices, and how, why or if it connects to the internet".
He recommends that this information should not come from a salesperson in a store, but should be well researched prior to purchase and states that "Toy Cyber Security should be a concern to everyone".
"We are used to worrying about the scary looking toys, and perhaps the video games that depict violence, but these toys bring reality into the picture", Mr. Smith said.
He said, "All you need is somebody with a motive, especially prevalent in Family Law and stalking cases to potentially plant a 'teddy bear' with remote listening and talking capabilities, and it would be possible to intercept AVO's, breach court orders, brainwash children - all areas I work with in strategic investigations in Family Law disputes and Cyber Discovery".
"Be careful this Christmas, you can always ask me or another professional if you are unsure", Mr. Smith stated. He urged not to be afraid to ask multiple questions of the manufacturer - as you have a right to know exactly what the device (as a consumer) is doing and where it is broadcasting any signals.
"If you have any concerns, contact the appropriate specialist, and if necessary, I would be more than happy to investigate the device for privacy and security breaches, as this is something I am very passionate about, especially when children's safety is involved", Mr. Smith said.
Listen to the Radio Interview on YouTube
Simon Smith discusses Blockchain with Reuters, the Government are "passing the buck"- 04 December 2017 - eVestigator® - "Recently in an interview with Reuters, Australia reported that it has recently hired HoustonKemp, a consultancy that is based in Singapore to build a blockchain-based system to record intelligence created by investigators and others, and improve the way important information is shared.
In an interview with Reuters, eVestigator cyber Expert Witness and Investigator Simon Smith said, "The government is just looking to pass the buck on to private industry".
However Mr. Smith is concerned that AUSTRAC have further problems that it needs to sort out, especially with the issues that will be brought up with the 'Royal Commission' into the banking complaints. Mr. Smith has worked on cases involving AUSTRAC, one that relates to his client, a remittance provider, the liability associated to that provider in relation to an international transaction which is currently before the Supreme Court of Victoria. It is Mr. Smith's view that having the benefit of dealing with major AML/CTF fraud, and laundering complaints - he has seen that AUSTRAC and the banks cannot 'sing together' now, and are by far too premature to go any further.
Also he states, "As a Blockchain programmer I can safely say that based on some of the claims, it is obvious that it is being used as a 'buzz word' as I cannot think of any major benefits especially as right now, I have over $500,000 of cases relating to Bitcoin untraceable theft. However I believe the word 'untraceable' in that case is being misused and fear the same for the Government's plans, so I don't buy it"
Live on ABC Radio to give tips on "International Fraud Awareness Week"- 03 December 2017 - eVestigator® - "Simon Smith goes live on ABC Radio to give tips on "International Fraud Awareness Week" - and adds more...
eVestigator, Simon Smith talks to the breakfast show host of the Far North Queensland ABC radio during 'Fraud Awareness Week' on some of the ways the public may be able to protect themselves. He speaks mainly of the trust factor, as most often people give away their credentials which is most concerning.
The most important advice I can give anybody is to understand that people behind the internet are still 'people'. Many people think that the person on the other end is someone they imagine they want them to be. We need to meet people in real life to know them, always ask for a second opinion.
To that he further adds the following tips:
"Simon says, stay safe :)"
A 'journalist' whilst playing "investigator" needs a lesson before playing judge and jury- 03 December 2017 - eVestigator® - "What happens when a 'journalist' gets it all wrong, turns into judge and jury, & denies a person their right to a fair hearing?
Simon Smith of eVestigator says, "Check your sources and don't interfere in the court process. Is that not journalism 101?" Jeremy Kirk, a supposed cyber-security expert veteran reporter, who has allegedly never solved a single cyber-crime decided to go on the attack and use credible "Twitter trolls" to source one of his stories, when evidence was given (and available) to him from reputable sources - with access to reputable documents, including court records that completely contradict a story he wrote misconceiving "chatter" on the internet for "serial stalking and criminal/civil harassment".
A sensitive tormenting topic which involves a jurisdiction and law (and history in which he does not understand - and directly involves the natural backlash a Cybersecurity Investigator gets when dealing with gang stalkers, extortionists, and hackers with a motive but surprisingly no evidence dating to a reason why Mr. Smith was subject to such stalking, so they invented one, and ISMG and Jeremy Kirk went with that).
There is such a thing in Cybersecurity called empathy and a human element, and people who do not understand what Cybersecurity actually is, or who practice it by definition never know or are faced with the Cybercrime element. This is what the research of a journalist should do when touching on a subject that involves emotion, victims and "missing pieces", "police statements", "unheard court cases", and nameless "twitter trolls", which public searches show sheer stalking. That is the point when an experienced journalist should stop, and "research" and think 'maybe this is not an even playing field here. Something looks odd'.
The full article can be found here. Having given expert opinion, expert evidence, expert Affidavit, and expert evidence on oath, I remind any journalist (and this is not legal advice but common knowledge) that
Section 18 of the Australian Consumer Law, which is found in Schedule 2 of the Competition and Consumer Act 2010 (Cth), prohibits conduct by corporations in trade or commerce which is misleading or deceptive or is likely to mislead or deceive. This has been held to extends to any entity depending on the circumstances, as a contractor or and person interfering with another person who is in conducting trade or commerce.
Media outlets may think they are immune to being sued under this law but that is far from true. Under the former law, The High Court found against a media organisation under the Trade Practices Act in ACCC v. Channel Seven Brisbane Pty Ltd  HCA 19. That decision related to false claims on a Current Affairs Program about goods and services. As for being immune as an employee, there is case law on that as well when you are in a position of editorial decision making power. My only advice is, "Leave it to the Courts". That should be always the way any dispute is dealt with when facts are at question."
Simon Smith comments on the Uber 57 million account breach and cover-up- 03 December 2017 - eVestigator® - "When will Australian's know the impact?
Upon reviewing the following article, Mr. Smith, in response comments on this massive security breach - where hackers were allegedly paid by Uber staff to delete stolen data!
"Now if I have never heard a story that has made me fall off my chair, it's this one", said Mr. Smith.
"I cannot say I'm surprised based on the business practice of recent. People place too much trust in these companies. I personally attempted to sign up to Uber to test their security a few months back and gave up half way. I made some personal notes which did not look too good for Uber.", he said.
"However, this is just the beginning. The company admitted that it failed to disclose the breach after twelve months, and only now Uber seeks to recover from the repercussions that came next after founder Travis Kalanick left in June.";
"Apparently, as many breaches start, an insider threat was created by two individuals who downloaded data from a poorly protected cloud-based server which Uber relied on. I have quite often warned people that cloud based security is not the issue, but the people who you entrust to manage the servers are;"
" "The data contained names, emails, mobile phone numbers and wait for it, 57 million Uber users globally. So now we can look forward to more identity theft, and blackmail, telemarketing and investment scams, all thanks to poor Cybersecurity;"
"Such a disgrace. I ask the Australian Privacy Commissioner to step in and to something in relation to disclosure of all Australians affected."
Cryptocurrency - is it secure? Simon explores still what is the weakest link in Cybersecurity.- 1 November 2017 - eVestigator® - "It has been a busy time for e-fraudsters. They have been thinking of new methods, and deriving
new strategies to mine cryptocurrency - figuring out complex algorithms and strategic DDOS points to hit. One such group of criminals that is targetting investors is not trying so hard.
In fact they are taking advantage of the weakness of human trickery, phishing. I now have clients who
between them have lost close to $1.2m to falling victim to 'DIY fraud' and it is getting all too easier for fraudsters to get away with it. I'll be keeping you posted as things progress. Also, I'd like to announce a new site where everythingn is in
the one place with regard to my activities. Welcome to https://www.evestigatormedia.com.au. I will have some news regarding the outcome of these complex cases shortly."
Simon Smith personally goes Live on Sky News Re: NotPetya with David Speers- 05 July 2017 - eVestigator® - "Hold off on the Chocolate for a little bit Australia as the 'Petya' or 'NotPetya' cyber attack has hit Australia - as to what extent and what method, it really is not 100%.
In Australia, it appears that:
Hobart - Cadbury (Confirmed) DLA Piper (Confirmed - could be in offices Melbourne, Sydney, Brisbane and Perth) Maersk Sydney (Now confirmed)
Australia has been reportedly hit by the alleged Petya attack which not only allegedly uses the same SAMBA exploit that WannaCry used, additionally it is alleged that it also broadcasts itself across the network looking for local devices.br>
Exactly how it got to Australia with open SAMBA is quite a mystery. There is talk of potential phishing and potentially a Ukrainian Accounting Software Package called MeDoc that led to the outbreak but many sceptics argue that the scale and speed of the attack is far too broad for just that.
Even worse, it affects the master boot record (MBR) of the PC, something of which is extremely malicious and stops you from being able to boot the PC properly. Samba is supposed to be used for network and printer file sharing. Patches have been issued many months ago by Microsoft for Windows systems, however boot level encryption is something only low level repairs can fix. Corporates should have had bit by bit "BACKUP SYSTEMS" daily in place, especially in production and manufacturing environments of which I have had over 10 years experience in the full Software Development Life Cycle in, an industry you cannot spare a minute of downtime.
Companies need to have daily block by block level minute by minute backups and further, offsite encrypted backups following that. I do agree on one point with the Government that computer users should not be tempted to pay any ransom in exchange for unlocking a computer, and well, now they can't as the email requesting Bitcoin has been shutdown.
I do however find that it is seemingly ironic of the Government to take this view considering their plan to fix Cyber Security Issues in Australia is to train and reward criminal hackers (not Cyber Security professionals) in an attempt to circumvent what they have admitted to inadvertently perceives to be a Cyber Security shortage in the industry, when hacking is not Cyber Security, and is rewarding the enemy.
There are serious concerns here for Australia I have regarding this, and it is the lack of quality in the development of software and solutions - combined with computer users not keeping up to date with basic patches and maintenance of their devices, and new software and product creator's rush to market and non-training and avoidance of the Software Development Life Cycle that give hackers this power (which the Government intend to endorse). The increase in Cybercrime is typically wrongfully attributed to an alleged increase in 'emerging technology', this, I say, is not so.
I provided intelligence of all the stopping points on both the WannaCry ransomware by reverse engineering the thundercrypt bitcoin email trail and a variant that was fresh into the marketplace to replicate it, and neither Government took notice. Both trails led back to the United States, and both trails gave intelligence which would give access to VPN's who would have connection logs of actual criminals.
Never do business with criminals as it funds their next attack, and there is no guarantee you will ever even get a decryption code as the case turned out to be, that it never was intended to work that way.
Patch your systems with Windows Update Don't let any person into your office that is unauthorised Do not click on any attachment in an email you were not expecting, there's no time for jokes Do not insert anything into your computer somebody gives you Get a backup solution that backs up your computer in a differential timeline approach so you can go back sector by sector to any second of time in the worst case scenario for any partition
Simon Smith asked to review novel for world famous author on the growing risk of Cyber-terrorism- 26 June 2017 - eVestigator® - "Simon Smith asked to review novel for world famous author on the growing risk of Cyber-terrorism
To my delight, I was approached by a very renown author to review on the back cover of his fourth book - my summary of the true to life nature of events he outlines in his novel.
Having built up a case list now spanning potentially almost every cybercrime one could imagine, for potentially every kind of intention, I have most certainly dealt with Cyber-terrorism and the workings of the criminal mind.
It will be an interesting scenario and I shall keep you all posted once the review is done and published as to the author and details. He is an editor, author, and well established and sought me out so I thought I would take him up on this opportunity (as long as he does not mind my honesty)."
Breaking News - Simon Smith tracks alleged 'WannaCry' related ransomware cyber-criminal (NOT in North Korea)- 02 June 2017 - eVestigator® - "Cybersecurity and Social Engineering expert / Forensic Investigator Simon Smith of eVestigator tricks a Ransomware criminal into turning their VPN off to uncover their real identity.
In his success in catching almost 500 Cybercriminals he puts it down to 'understanding the mindset' and the 'human element' and the technology comes second.
He has notified authorities and believes this finding will uncover enormous data over many of what he calls 'myths' about 'North Korea'. Simon Smith says, "He has proof this variant is not North Korea".
He invites Avast Mobile Enterprise (formerly Remotium, Inc.) Kasper Mortensen McAfee, Malwarebytes, BullGuard, Symantec and Avg Customer Care to contact him for intel to assist with their research efforts."
eVestigator Simon Smith releases a world view and raw data of 'WannaCry' tracing- 25 May 2017 - eVestigator® - "As promised, eVestigator Simon Smith has released the 'WannaCry' Email Domain Trail of 'WannaCry' tracing. As a social engineering experiment, and in response to intelligence from the email sent at 9:29 PM referencing an email from [email protected] to qwe uio became public domain - Simon Smith of eVestigator decided to create a domain name with privacy called qweuio.com. This domain name was not advertised and unknown. Of interest it found its way to various malware investigators, but it passed through some very interesting channels along the way. The identity of the domain was in some way advertised on Google, despite a negative robots.txt entry later - however all questions of knowledge of this site weigh heavily on the recipient of this email and those who would take a 'wild guess'. Mr. Smith draws your attention to the non-TOR locations, and the times. The TOR locations may be useful for researchers later on. However, Mr. Smith, a Cybersecurity and Cybercrime social engineer from https://www.evestigator.com.au is more interested in the VPN/Proxies that took an interest in this site and encourages the community to expose the addresses behind them. Even more alarming, Mr. Smith identifies what is, the first true IP addresses showing Spain and India, multiple times, and referring back to historical events, raises questions over the recent media in those two countries in relation to hacking, international arrests, or motives for researchers to look at. Following are the times and dates of the hits, and locations they show. The raw metadata and access ti the virtual mapping system can be viewed free from here."
Simon Smith interviewed regarding Cyberscammers and the ACCC figures on the Radio - Talking Lifestyle QLD,VIC,NSW- 24 May 2017 - eVestigator® - "Those who missed the radio interview on Cyberscamming, Cyberstalking, Cyber Security and Cybercrime relating to social media and the ACCC's statistics, we have provided a copy of the audio recording here for your entertainment! We discuss some statistics, some behavioural patterns and general advice on what to look out for with the various Cyber Scams out there."
11pm AEST 24/05/2017 Simon Smith will reveal Socially Engineered Thundercrypt IP Data- 24 May 2017 - eVestigator® - "Potential 'WannaCry' Exploiters early trails may show evidence to researchers that is useful in referencing back to the 'chain' of events", Mr. Smith said at a press conference today.
Simon Smith, Cyber Security Forensic Investigator, Software and Social Engineer expert will now submit to the public all IP traffic raw from Thundercrypt - engineered from primarily this conversation.
Smith used proprietary counter intelligence techniques to hunt down the potential originator of said exploitation and exposed an interesting origin which may match well with the BitCoin trail. Smith says that, "as a programmer, it is so very easy to open up the binary of an EXE and read the text string of a ZIP/UNZIP DLL and compare it with the same DLL in millions of places. I know TOR is involved but this also shows real IP's and those behind VPN's who should cooperate with law enforcement to provide true login credentials (as they do hold)". Smith says "this is a human method that may show insights to real locations, and real people, and well, has worked on hundreds of Cyberscammers and Cyberstalkers, and Cyberhackers - but this is a little different, but let's wait and see, it may be useful when matched to real TOR monitoring and real VPN statistics, and of course, real IP's".
Smith says on the 24/05/2017 he will show the world what data was received. It shows original IP's coming from India and Spain but mostly Spain. It could be also seen to have a US link. He gives this to others to add to their research.
Mr. Smith does not contend that this is going to find the Cybercriminals, but says, "at least he did something about it, instead of just talking".
VPN PROVIDERS ARE STRONGLY ENCOURAGED TO CONTACT LAW ENFORCEMENT MATCHING THE DATE AND TIME WHICH WILL BE SHOWN IN AEST - UTC-10, SYDNEY AUSTRALIA TIME."
Simon Smith appears on appears on "The Project" to discuss the Government's abuse of statutory power in the ATO $165m SCAM- 18 May 2017 - eVestigator® - "Mr. Smith, a strong advocate for justice, and successful Forensic Investigator and Cybercrime expert agrees that statutory malfeasance should not be tolerated and agrees with the Prime Minister that anybody who engages in such conduct should be subject to the highest penalty of the law.
The Deputy Commissioner of the ATO, Michael Cranston has been charged in relation to a $165m unprecedented tax fraud involving his son and daughter, Simon Smith (aka eVestigator) appears on "The Project" regarding the Government's abuse of statutory power."
Simon Smith appears on SBS World News to discuss Social Media Scams- 16 May 2017 - eVestigator® - "Recently the ACCC released a report on the number of social media scams that are reported. I personally, have seen more than the ACCC in money value. It is common practice for people to do one of three things. a) Nothing, b) Go to the police, or c) Contact SCAMWatch or some other department. With option b and c, you can expect a dead end. You are redirected to a website known as ACORN where you fill in all your information. Their name says they are a reporting network but their advertising says otherwise."
"Essentially what ends up happening is either the victim never hears back from ACORN, the victim hears back an extremely excessive amount of time later, the victim receives a brochure saying 'watch out online', as the police officer's that ACORN hand the case to cannot do anything about the case, and especially if it is an international case, they wrongfully state 'it is out of jurisdiction'."
"After option (b) they are left in serious trauma and come to me. I am able to catch Cybercriminals inside and outside of Australia regardless of whether they are hiding behind fake profiles. I have done so, and have attained justice for many people who have been turned away. This story was about the figures reported. The more serious problem is the lack of the police actioning the crime even after I provide them with the evidence on a silver platter. There have been cases where they have still said, 'out of jurisdiction' and I have had cases where they have used Interpol to make arrests."
"In a way, it could be argued that this lack of arresting cybercriminals adds to cybercrime. Something has to be done because the figures do not match. Here is a link to the broadcast on SBS World News."
Simon Smith to speak at the world first Virtual 3D Global Summit on Technology Enabled Abuse- 04 May 2017 - eVestigator® - "Gain access to world renowned experts who will empower you and your organisation to manage the widening threat of Technology Enabled Abuse
Here's your chance to rapidly upskill your knowledge on a complex topic.
Simon Smith is lined up as one of the Global Experts to speak as a Cyber Security Expert and Forensic Investigator at the "1st Virtual Global Summit on Technology Enabled Abuse" - A first of its kind, and truly a worldwide event not to miss. It is a 3D Summit and Exhibition focusing on Technology Enabled within the workplace. This summit is offering organisations a pathway towards overcoming the silent epidemic.
This Summit brings you one of the biggest global agendas for the 3rd Millennium. A complex topic, addressed is the harsh realities of Cyber Abuse, Cyber Harassment, Cyber Bullying and Cyber Stalking in the workplace.
Join 30+ expert speakers, government and industry leading organisations from across the globe and learn how you can reduce the impact of Technology Enabled Abuse. Click here for the Respect Campaign Link.
For a limited time only (see website for availability), claim your complimentary admission to the LIVE 3D Summit and Exhibition.
"Gain access to world renowned experts who will empower you and your organisation to manage the widening threat of Technology Enabled Abuse."
Trans Disciplinary Approach
It is time to stop, put down our devices, close our laptops, take a long deep breath and do something that we humans are good at. We need to think. For too long we have focused on the Internet as a diet of data, devices, and tech experts. Now its time to turn our focus to the greater socio-technological implications. We must look at human behavior, the good and the bad.
And we need to start talking more - and looking for answers and solutions.
The best approach is trans disciplinary. The human migration to cyberspace has been unprecedented and rapid. We need to stop expecting individuals to manage all things cyber for themselves or their families. Science, industry, governments, communities, and families need to come together to create a road map for society going forward.
The program covers topics such as: Cyber Harassment, Cyber Bullying, Cyber Stalking and Discriminatory Behaviour.
Join 30+ expert speakers, government and industry leading organisations from across the globe and learn how you can reduce the impact of Technology Enabled Abuse. At Home. At Work. At Play.
Simon Smith t/as eVestigator has over 21 years experience as a Master Computer Programmer and University lecturer dating back over 16 years in advanced computer programming and for the last six years has been utilised as a Digital Forensic Expert Witness and Private/Factual Investigator, as well as an Expert Cyber Security Investigator and Auditor and Data Recovery Expert.
He is also a Cyber Security Analyst, Mobile App-Store Developer and a Computer Systems Source Code Auditor and Reverse Engineer - and often called as an Expert Witness for the Courts. Simon offers a vast range of Specialist Investigative and IT services. Appearing first in Australia as a Today Tonight Cyber-bullying Expert, he has since appeared numerous times on "A Current Affair", "The Today Show", the "7:30 Report" and "Today Extra's" on his successes in tracking Cyberscammers in dating and major High-Tech crime cases. He is a Cyber-Crime Forensic Investigator, with experience in Insurance Risk Analyst, Data Loss/Prevention, Online/Offline Fraud, Intellectual Property, eDiscovery / Due Diligence and an Education Industry Expert.
Simon concentrates as an Expert Witness in the very rare field of Cyber Forensics and is an expert in catching Cyber Stalkers and White Collar Cyber-crime and has succeeded in cases where even the High-tech police divisions have not been able to assist. He has been able to locate offenders without any trace of an IP address and shorten litigation due to his extensive knowledge. He has identified through his unique talents over 150 cyberstalkers, and $75m worth of cyberscammers.
We want you to be part of the solution.
Please visit https://www.therespectcampaign.com/summit/ for all necessary details.
Simon Smith, eVestigator on A Current Affair discusses 'Clone Websites'- 03 March 2017 - eVestigator® - "Simon Smith, eVestigator, an expert Cyber Fraud and Cyber Crime Forensic Investigator tells "A Current Affair" about Ann's story in an effort to bring some justice back to Ann and her husband. Mr. Smith located the clone website his prior customers' Ann was the victim of. It was hidden behind a real company website to provide a false sense of trust, a tactic called social engineering. Note: Mr. Smith was only commissioned for a very short time on this task and was directed on other crisis for the couple shortly thereafter.
Ann, working in finance is a very smart lady, yet behind this false cybercrime impression, this fraudster socially engineered the bank, not Ann and manipulated breaches in what Mr. Smith considers 'negligent identity theft internet fraud', which the bank detection system aided the fraudster in allowing online. Mr. Smith tracked this permission based activity from india. Due to a lack of police care, bank effort, and other crisis going on at that time, that is really as far as it went, apart from being promised a full investigation.
Ann lost over $200,000 to fraudsters and what was not covered in the story was the bank's excuse that it somehow it is all Ann's fault, a 65 year old lady who has lost most of her assets. This is a reasonably new fraud that could sting pretty much anybody as they work on a person-person basis using real names and real company websites to back them up.
Mr. Smith spotted the bank's public advertising stating consumers are 'not liable for the fraudulent or negligent conduct of '**the Bank**' staff or agents'. As a master programmer with 20+ years of industry experience, he simply stated, "their security systems are in my expert opinion programmed to a level that is inferior and substandard. They don't appear to detect a simple foreign IP address as a trigger which any other bank would immediately action. A monkey might as well have written them.
As an expert in policy, advanced computer programming and fraud detection, cybercrime and social deception, with a Graduate Diploma in Anti-Money Laundering and Counter Terrorism Funding, and plenty of experience, Mr. Smith has done many investigations into this kind of fraud. Ironically, not as you would expect, the liability most of the time ends up back at the bank, based on a finding of a lack of due diligence and capacity to create a sophisticated algorithm that "has to analyze behavioural trends, request headers and build a regression offset to trigger an alert", Mr. Smith said.
In this case remembering back, Mr. Smith states he tried several attempts to mediate with the bank as a Nationally Accredited Mediator and Dispute Resolution Practitioner. He was appalled at what they did to Ann as he states, "they owe Ann a duty of care and they breached their that. They promised her a call back and investigation more than 1.5 years ago and had the nerve to hang up on me. To this day, the shameless bank still has never called back."
If you wish to check out Mr. Smith's profile, or wish to brief him on any Expert Witness or Cyber Investigation matters or make media contact please see below:
LinkedIn: http://www.linkedin.com/in/simonsmithinvestigator eVestigator: http://www.evestigator.com.au Direct: +61410643121 Email: [email protected]"
Cyber Security Master and Mentor says the Hon. Minister Tehan's Cyber-defence strategy promotes false jobs- 14 April 2017 - eVestigator® - "Mr. Smith has provided the media with extensive coverage as to the flaws in the Minister responsible for advising the Prime Minister on Cyber Security."
"Mr. Smith issued this press release to the media, and it made its way to millions of Australians. Mr. Smith, Australia's leading most experienced Cyber Security and Social Engineering expert found literal flaws and false promises in his so-called plan. In fact, Mr. Smith found that the wasted millions of dollars he Mr. Tehan was thinking of giving to hungry 'Diploma Mill' Universities who could not possibly teach the skills required, would not only set potentiall students up for failure, but would create false expectation for jobs that would not exist, and mislead and deceive the public."
Simon Smith identifies a $200,000 South African Cyber Scammer- 15 February 2017 - eVestigator® - "Another day another cyber fraudster. This was a good one. Via reverse social engineering, I finalised with a cup of tea and a great chat on the phone with his American accent as I was writing my report. After 5 years of the police placing "exhaustive" resources and trying "relentlessly" to find this person, I had the full identity and details, date of birth, phone number, record label, family details, facebook profile, life story, home phone number and a good old chat too."
"It was easy for me, and yet again it surprises me how these people think they can get away with these crimes. There he was with his nice looking clothes at the expense of others, even showing pictures of boarding aircraft, funding his record label. Little did he know his entire world was about to come crumbling down. After he switched between about 7 countries on his VPN I managed to attain his real IP address."
"Dare I say it's off to prison for a very long time for this one."
Simon Smith appears as a world expert on cyber security on SecurityNow exposing myths, discussing cybercrime and AI- 31 January 2017 - eVestigator® - "SIMON SMITH LIVE VIA PODCAST IN AN INTERVIEW WITH KEN HESS AND PRESTON SMITH
Simon Smith of eVestigator joins a discussion with the 'This Week in Tech' SecurityNow Guru's in an exclusive interview via Podcast.
SecurityNow began during Cybersecurity month (October) 2016 and has contributed to the cyber IT community immensely. The guys behind it are absolute 'guns'.
Their primary focus is personal and corporate cybersecurity, and they do it brilliantly. Take a look at their website. To be interviewed by them is certainly a great honour.
eVestigator appears on A Current Affair discussing Uber accounts for sale on the Dark Web- 11 January 2017 - eVestigator® - "Cyber security expert Simon Smith found several instances of Uber details being found on the dark web, an encrypted part of the world wide web that is often used for all sorts of illegal activity." "On the dark web, I was able to find Uber accounts especially, at a premium price of four dollars," Mr Smith said." "It's a matter of account details, because those account details unlock accounts of all the others - like Google Wallet and PayPal and credit card details. It's almost a trusted key lock that Uber have and once you've got into Uber, you've got into everything else." "My strong advice to everyone is to change their password because it is quite likely that hacks are performed from stolen accounts gained from other sources."
eVestigator completes the Stanford University online extensive Cryptology Certification- 01 January 2017 - eVestigator® - "Simon Smith is proud to announce he has completed one of the hardest and strictest certifications ever.
Created by Professor Dan Boneh of Stanford University, Stanford have produced an extremely thorough online certification well respected by the industry. Cryptography is an indispensable tool for protecting information in computer systems. In this course you will learn the inner workings of cryptographic systems and how to correctly use them in real-world applications.
The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two parties generate a shared secret key.
*Stream ciphers, cryptography, pseudo-randomness, encryption, secure encryption.
*Block Ciphers, more powerful forms of encryption, AES/3DES, using block ciphers to provide data integrity, build an encryption/decryption system using AES. *Message Integrity and classic constructions for MAC systems that are used to ensure data integrity, how to prevent modification of non-secret data, encryption confidentiality and integrity, authenticating large video files, hash chains.
*Authenticated encryption, encryption methods for confidentiality and integrity, search encrypted data, studying symmetric encryption, key management and public-key cryptography networking a ciphertext attack on a sample website.
*Basic key exchange, setting a secret key between two parties, consider protocols secure against eavesdropping, the main concepts of public key cryptography computational number theory and algorithms dating back to antiquity (Euclid) working up to Fermat, Euler, and Legendre. Also covering concepts from 20th century math and constructing several public key encryption systems.
*Public key encryption, deep learning on how to encrypt using a public key and decrypt using a secret key. Public key encryption used for key management in encrypted file systems, messaging systems, and devices.
*The two families of public key encryption systems, one based on trapdoor functions (RSA in particular) and the other based on the Diffie-Hellman protocol. Constructing systems that are secure against tampering, otherwise known as chosen ciphertext security (CCA security) and CCA secure public-key systems. Cryptographics mathematics for public-key advanced encryption techniques."
eVestigator® appears live on Channel 9 to discuss Dating Scams & police neglect- 05 December 2016 - eVestigator® - "Simon Smith of eVestigator, went to Channel 9 with a recent dating scam victim, Christine, for a quick chat with Sonia Kruger and David Campbell about the devastating effect that cyber victims are facing when they are looking for love on 'dating sites'. It is an absolute pity that people are victims to these crimes. Some notes for everyone out there, some of which we did not have time to say live this morning:
1. Look local. Ensure you call the person on a real mobile number and they call you back from that same mobile number.
2. Ensure you meet the person in a reasonable time frame somewhere public.
3. An online dating site is not for dating. It is to simply introduce you to a real person.
4. If a chatter does not want to be a real person within a reasonable timeframe, say bye bye!
The broadcast is available here."
eVestigator® featured on the 7:30 report (ABC) regarding cyber scammers- 01 December 2016 - eVestigator® - "Simon Smith appeared on the ABC tonight reporting on his experience in dealing with the victims of scammers who manipulate people's weaknesses to extort money in relationship scams. The full article is here."
eVestigator is invited to talk Cyber at the Secure Utilities 2017 Conference- 28 November 2016 - eVestigator® - "Simon Smith of eVestigator will be presenting a very hot cyber topic at this event to CIO's, CDO's, down to Analyst's of high profile utility professionals. The topic is 'so hot right now'. It is entitled "Cyber security: your people are your biggest risk". The topic is not only presented in a fun and charismatic way, all people have the opportunity to be involved in the engaging abilities of Mr. Smith and see just how simple it is to 'let down your guard' in a simple innocent way in a very damaging territory."
eVestigator® has yet another win this time in a workplace claim- 18 November 2016 - eVestigator® - "It does not have to be all one's and zero's. The same common sense principles applies to all good forensic evidence principles. It is safe to say and expected that every lawyer will do their very best for their client and omit as much information as possible."
"It is also fair to say that I will do the very best for my clients and uncover as much information as possible. The benefit to being an investigator and a mediator/dispute resolution practitioner is that you have the ability to not need to 'seek instructions' and you can think on the spot. In this instance, this was not a workplace investigation, but more a simple advocacy role which gave rise to almost being a workplace investigation."
"Suffice to say that through traditional and well founded techniques (those used in recent cases where I was able to save cases where people had spent hundreds of thousands of dollars on lawyers to no avail) this case resolved to the satisfaction of my client and it was a great success. All members of the public, whether behind a private company, the police force, a statutory organisation or a sporting club have to remember that common sense prevails all in an investigation."
"Politics, playing games, and scare tactics have and never will bother me and only show weaknesses in the other side. I succeed from evidence. My clients' who have been able to see the outcome from a process of planting the seeds and seeing them sprout, can all very much say that when they sprout, they blossom into a garden so bright - they never could imagine. This is the situation with my next case which will be the subject of a further blog. A damaged case in need of serious fixing due to negligence of representation. If only one would take five minutes and look at disputes from a common sense approach? How different would the world be?""
eVestigator® Simon Smith achieves what three lawyers and $200,000 simply cannot- 16 November 2016 - eVestigator® - "In an absolute marvel of strategy and intelligence in a Family Law related strategic investigative matter (a specialty of mine as an FDRP) I was able to create an outcome that a suffering Mum who has been tortured for over 3 years, had been subject to emotional and exhausting distress, had been vindicated by the courts and told false information by lawyers who almost took her home that concluded her case sharply. I did this at a tiny fraction of the cost and it was done by investing in strategy. It is great when you hear a mother say to you, 'You have saved 2 lives, thank you so so much'. I work for many reasons. I will be frank with my readers, I can do a lot more with my skills for the remuneration I charge, but this actually changed the life and living hell of two living souls."
"It is something that made me and all her supporters happy. Sometimes the legal system is a form of entrapment itself. Sometimes you have to think outside the square. If there is anything that I can say to anyone that is getting drawn left, right and centre by the Family Law horrors, you need to speak to me. It is not all as it seems. The judge is not always right. The lawyers are not always right. The court staff are not always right. The procedure is not always right. In this instance, I picked up an error in 5 minutes that the lawyers should have seen on day 1, saving hundreds of thousands of dollars changing the entire jurisdictional capacity of the court. That is something that makes quite a difference. You sometimes DO NOT get what you pay for. The amount of family law matters I have rescued with good solid evidence and my capacity to understand entrapment and the mind of the 'stalker/troublemaker' helps me to develop a strategy to counter challenge them. A lawyer is often needed but they are often silent and too scared to say anything in court that is not text book stock standard. Sometimes you have to look at common sense and work backwards, as in this case. This was very successful."
eVestigator® Simon Smith achieves Department of Homeland Securities Certifications- 12 October 2016 - eVestigator® - "That makes two now both the Recognised by the Department of Homeland Securities National Initiative for Cybersecurity Careers and Studies (NICCS) and the US National Cyber-Security Workforce Framework."
"Both are listed as US military endorsed certifications, I am now a Certified Forensic Hi-Tech Investigator (CFHI) - McAfee Institute and a Certified Cyber Investigative Expert (CCIE) by McAfee Institute Inc."
"The CFHI is one of the most elite computer and mobile Forensic Investigator certifications that ensures that are trained in advanced and state of the art methodologies designed to help identify, investigate and prosecute the most sophisticated types of computer crimes known to man. This Certification program focuses on enhancing skill sets as a "Hi-Tech Forensic Expert" which takes a blended learning approach of self-study, live interactions, and instructor led labs that will help you to learn how to conduct successful computer forensic investigations with powerful new concepts to prosecute the guilty."
"Taking over 25 years of hands-on experience of conducting forensic investigations, cyber-investigations from the private, public, and government sectors around the world and sharing insights into what contributes to success and failures. The CFHI Supports the National Cyber-Security Workforce Framework (Homeland Security). The National Cybersecurity Workforce Framework supports the nation's cybersecurity workforce development efforts. The National Cybersecurity Workforce Framework provides a simple, standardized way to define cybersecurity work across multiple sectors. The National Cybersecurity Workforce Framework provides detailed descriptions of types of cybersecurity work, the knowledge, skills, and abilities required for each area, and descriptions of common specialties."
"The more expert credential, the Certified Cyber Investigative Expert (CCIE) provides evidence of expertise in the areas of cyber investigations, law enforcement, loss prevention, fraud investigations, deception detection, and leadership. The McAfee Institute has partnered with the Dept of Homeland Securities National Initiative for Cybersecurity Careers and Studies (NICCS) and is listed on their site as a provider of professional certifications in this space."
"All in all - I always maintain that nothing beats the 20+ years of real life hands on experience and 27 years of programming experience from an 11 year old boy! They just do not teach that in schools and no University or Qualification compares to the low level learning you get from the fundamentals of being a programmer and learning all other jobs around it."
eVestigator Simon Smith, Cyber Forensics Expert is tells the world about Cyberbullying- 08 October 2016 - eVestigator® - "Simon Smith aka eVestigator is very passionate about the effects of Cyberbullying and discusses how widespread it is. It does not just belong to one area. He discusses its application in family law disputes, social media, workplace environments and online defamation cases. Click here to read the official press release. Verbatim of the release is below.
Has Cyberbullying Become an Epidemic in Schools, Workplaces and Businesses?
Simon Smith, aka eVestigator, a Forensic Renown Detective and Certified Cyber Investigative Expert explains how society has gone too far with Cyberbullying.
If you would like to learn more about Simon Smith, eVestigator, please feel free to visit his website at www.evestigator.com.au.
MELBOURNE, VICTORIA, AUSTRALIA, October 7, 2016. In Family Dispute Resolution, Workplace, Corporate Relations or Civil cases Mr. Simon Smith aka eVestigator explains that he has witnessed some of the worst behaviour that one could ever see, just for the purpose of attacking one's character. "Many of my customers are in complex disputes and require my services to assist more with the strategy of fixing and finding correct online evidence or omissions done in malice by one of the parties that have misdirected them rather than the actual evidence itself", Mr. Smith said.
Take Family Dispute Resolution cases "gone wrong" for example. "This is just one area that I choose to devote my time to, but I do this for the children, as they are the ultimate losers in these cases. I often have cases where there are 2 or 3 intervention orders flying around, amongst conflicting family court orders. Also, dare I say, respectfully negligent or uninformed lawyers who have not helped the problem by failing to listen to client instructions, file documents, or protect their clients' interests, or the 'best interests of the child' in many cases - some of which I might have resolved at the beginning." Being a Commonwealth Family Dispute Resolution Practitioner, "mediation is getting less favourable to mudslinging in this space", Mr. Smith said. "Family is complex and there are no black and white answers", Mr. Smith explains (who is also ironically a Marriage Celebrant). However, the epidemic of mudslinging goes far and beyond this area of his cases. He has noticed an increase in cases of cyber bullying in the workplace, in schools, and believe it or not, in the corporate world. "Much of my work is now directed at very serious defamation cases where Corporations are facing the injurious nature of the danger when one disgruntled employee or competitor posts a false review which skips any verification, and what it can do to their bottom line. In fact it has created a new industry (ORM) - Online Reputation Management." Without mentioning any names, Mr. Smith states that he is preparing the possibility to give evidence for one of his clients' against one of the worlds' largest "Goliath" Companies regarding defamatory material reproduction, assisting in the calculation of the forensic quantification of damages. "I then look at my cases that cross over to the workplace, that show complete disregard for the Human Rights Charter or Fair Work Act. This week I was extremely disappointed to hear about the conduct that had been occurring against a young girl who was an employee for many years with a story of dismissal and long term cyber bullying against her over the last four years." Mr. Smith explains that in this case, he put stop to it fast - and ensured that the relevant award conditions were met and proceeded to investigate the Company and found many other breaches, such as non-compliances with Workplace Health & Safety, pay rates, superannuation entitlements and more.
"I have also been involved in cases involving cults, child-stealing and mind manipulation, death threats, people held at gunpoint, all of which start off with an innocent chat on the internet, which turned into cyberstalking and/or extreme cyberbullying." Mr. Smith talks of a case which must remain anonymous that he has been requested by his client, at the request of the police (due to its size), to put together a 'simplified' format timeline VIS (Victim Impact Statement) to report the enormity of the crime spanning 4 years. Such a statement has taken months and consists of a series of traumatic events that could potentially end up leading to a lifelong jail sentence to alleged offender when and if prosecuted. Such allegations consist of multiple counts of online stalking, online defamation, online impersonation, perjury, extortion, drug cultivation, online identity theft, rape, being held hostage at gunpoint, financial crimes and much more. Mr. Smith explains that dealing with the victim and extracting the information and evidence in itself is "a challenge to say the least, and a learning experience in human nature" and looks forward to his client gaining justice.
"Why is it that there is so much fun in hate?" Mr. Smith says. "There are websites that are built to report false crimes that harbour a new industry of online negative SEO extortion businesses that purport to remove your entry from search engines." Mr. Smith strongly recommends to not be fooled by any such scam and states that he has succeeded by professionally removing unlawful content from the internet via proper means, and further identified defamatory publishers, even without an IP address and provided evidence before courts in Australia in relation to posts relating to identifying Facebook posts and more. He has further identified the original owner of multiple fake Facebook accounts and cyber stalkers, and assisted his clients by directing them to the process of gaining IVO/AVO's and/or reporting correctly via the police or ACORN.
He has also successfully worked on cases closely with counsel to find the evidence needed to identify the person responsible for posts and threats on almost every social network platform there is, as well as all the popular free email providers that exist which block the senders IP address. After succeeding in his last case, finding a cyber stalker who thought he was smart using a VPN, and further finding a purported hacker who left his GPS coordinates in his work Mr. Smith has one statement to make to these people. "I have news for all stalkers out there. If you think you are safe behind your VPN or TOR browser, as a developer of an Apple iOS App Store, and expert programmer of 20 years, and based on other cases, it will not stop me from finding you!"
Mr. Smith is a Computer Digital Forensics Expert. He is http://www.evestigator.com.au, an expert in security, fraud investigation, a Certified Cyber Investigative Expert, Ethical Hacker, Detective Nationally Accredited Mediator and Family Dispute Resolution Practitioner and is briefed as an Expert Witness by Lawyers or directly engaged.
Simon Smith eVestigator Cyber Forensic IT & Expert Witness Services 0410643121"
Yahoo's consumer integrity questioned over 2yo cyber breach of 500m users- 28 September 2016 - eVestigator® - "The consumer, their privacy and corporate priority - what comes first?
In light of Yahoo's recent announcement that back in 2014, they were subject to what may be one of the largest cybersecurity breaches we have ever seen, compromising over 500 million yahoo users personal information, as a dedicated advocate for consumer privacy and security Mr. Simon Smith, a well known cyber investigator stands shocked.
"This is to me, beyond a disaster. Consumers have an automatic trust in the use of these services. They truly believe that due to the brand they are dealing with, they are protected." "In Yahoo's announcement it states that they are taking action to protect their users." Mr. Smith said. However Mr. Smith, having several Qualifications in Cyber Security, Risk Management, Investigations and Mitigation has expressed concerns that this does not seem fit with the 'timeliness' and 'priorities' of some of the high-tech computer crimes he has investigated from the 'other' large search engine and email provider.
"They have accused the 2014 hacking to be the work of a 'state sponsored actor'. Is there evidence of this? I note that this accusation of cyber-terrorism still does not deflect the fact that there were insufficient mechanisms to protect user data. However, in looking at the history of this word, I checked out who else has used been the 'victim' of a 'state sponsored actor'."
Mr. Smith performed a minor investigation to see if this may be a typical scapegoat that is used, and if it can even be proven. It has not been disclosed in this case that it has been proven. It seems that in Mr. Smith's experience, "I have noticed this in reverse with so-called cybercrime and banking fraud. Consumers forget that banks guarantee their credit cards against fraud, yet certain banks in cases I have investigated have diverted their customers to police (which is certainly what should happen) but have failed to advise them that they may have a legal liability to reimburse them for their loss." In Mr. Smith's investigation into the 'state sponsored actor' theory, he found that economic sabotage is a cause that some countries have used in the past that has been proven, but facts are scarce. In Verizon�s 2013 Data Breach Investigations Report (DBIR), on their word it was estimated that a figure of 20 percent of above 47,000 analysed security reports were attributed to state affiliated actors. In the real world most of the major cyber crimes seem to lead to cyber-terrorism and cyber-warfare.
"I am not comfortable in making a statement about that until Yahoo can show evidence. However, I can say that the following questions should be asked:
1. Why does it take a leak and a potential extortion attempt to tell your customers almost two years later their data is stolen? It is uncertain if Yahoo were fully aware. They have stated it is an 'ongoing investigation'. For yahoo to immediately claim that it is a 'state sponsored actor' does indicate that there must have been prior knowledge; so
2. Why weren't the 500 million users made aware of the breach of their privacy and password and personal information enforcements made mandatory?
3. Why does it take a potential or purported criminal activity to spark exposure to the media. Yahoo is a commercial company subject to the same Corporation and Privacy and Consumer Protection laws as any other."
"It is my opinion that a cyber-security breach starts and ends in the hands of the company", Mr. Smith said. As a financially equipped company, experts are and should be engaged to monitor and block cyber attacks, and at the very minimum, there are standard protocols that every cyber-security trained expert knows to do on immediate attack to avoid damage and mitigate losses, Mr. Smith asserted.
"It is, in my opinion, no excuse to blame others. The public should have known, Yahoo should have their own experts, and if it is going to be labelled a 'state sponsored actor' attack, it would be more comforting if there was evidence in support of this, like a finding of fact from a court." Mr. Smith, Cyber Forensics Renown Detective from www.evestigator.com.au stated confidently.
eVestigator® PRESS RELEASE: eVestigator® warns the public about the cyber-risk of Pokemon and Augmented Reality in the wrong hands
eVestigator® discusses cyber-security issue in recent Tesla Car WiFi Hack- 21 September 2016 - eVestigator® - "Where is the world heading when the Cyber World with the Real World?
Cyber Forensics Computer Expert Simon Smith discusses the Danger of Remote Control Wi-Fi Tesla Cars
In response to recent media coverage exposing wirelessly hacking of a real Tesla motor vehicle, Simon Smith from www.evestigator.com.au is shocked to hear that the manufacturer is offering hackers bounty money to find further flaws in their security.
As a seasoned high-tech expert software developer first and foremost, any person in the industry understands how a systematic Software Development Life Cycle works. The testing phase is not left to the wilderness of hackers for reward, especially when the product is already on the consumer market and already has the ability to endanger lives. A software development company must have experts internally that can satisfy their customers internally.
For just $38 USD, one can purchase a WiFi extender device that will extend a simple signal for approximately 8 km at a dB level of approximately 200mw. I do not encourage this as this level is illegal in Australia. However my point is that technically any enthusiast can build a long range WiFi link over an extended line of sight peer to peer network offering various spoofed WiFi hotspots, not dissimilar to the method demonstrated in the recent article that shows 'Keen Security Labs' fooling the Tesla's auto-pilot system. Tesla's comments that their "realistic estimate is that the risk to our customers was very low" in my opinion is not assuring enough. It is already known to consumers that Wide Area Networks exist in our major cities, offering internet access freely and that technology exists now rather cheaply for cyber hackers to spoof such networks that the Tesla vehicle (if following normal WiFi client protocol) may be broadcasting its presence to the outside world exposing itself.
Fake WiFi hotspots purporting to be trusted hotspots are a common hacking trick that is seen in cyber crime and phishing these days. The very nature of WiFi clients (unless purposely built against protocol) is to broadcast client beacons periodically through the air advertising their existence, and sometimes the existence of previous hotspots they have connected to. This in the past has been used to reverse engineer WPA2 security technologies and spoof existing networks by replicating their expected SSID purporting to be a "trusted connection".
An example of WiFi hotspot spoofing is as follows: Imagine being parked outside McDonald's, and connecting to a free McDonald's hotspot - but what you do not know is that you are connecting to a device held by a person in the car park and all your passwords and traffic are running through his eyes first in plain text before him. In a vehicle situation, it is well known that a CAN bus of a modern day car is a 'local' Controller Area Network built inside the car, for that very purpose, and in my opinion has no purpose or place outside of that car. This flaw is a demonstration of when the "Cyber World interferes with the Real World". One thing consumers need to remember, and this is something I see everyday, is in the Cyber World, the controller is still a human or humans but we forget to focus on who is controlling and monitoring those humans?
The weakness in any computer information system is the human. In the Cyber World the human is unknown. We are going to see more and more cyber security risks like this that turn from augmented reality (like my PR on the dangers of Pok�mon Go) to cyber reality like this. I have to say ladies and gentlemen, welcome to Cybergeddon. The line has been crossed and something needs to be done. Life is not a game, neither is our privacy or human rights. We should be concerned."
Simon provides intel to SAPOL. Lack basic cyber knowledge. Video forensics cases- 07 Sep 2016 - eVestigator® - "In our own backyard, just a ping of about 10ms away - a syndicate may have been busted. As I prepare my report and finalise the case, these people should not be going anywhere fast."
"It is becoming all to much a familiar scene, and I am noticing a very strong pattern with bank staff members being involved. I started to first become suspicious of the banks 'fraud departments', early last year. It is my opinion that they are more adequately called 'counsel chambers'."
"Nevertheless taking advantage of vulnerable sick people is something I won't stand for and I will be taking this to the police and ACORN, but more so will be fighting for prosecution on behalf of my customer as per his rights. This is not going to be a case that goes under the carpet. However, the challenge here is not what you would think. It is that SAPOL says go to ACORN, ACORN says send it to SAPOL, and SAPOL says 'Why did you send it to ACORN?'. After that, SAPOL showed my customer a complete disregard for the evidence and demonstrated a complete lack of understanding of simple basic Internet logic.
For example, they expressed the view that a reverse email check on a Facebook account somehow had something to do with WiFi and did not see the link that you need an email account to make a Facebook account. They also showed an incapacity to understand the definition of "malware". The customer sent a link to a raw JPG file. The JPG standard was established on March 1, 1991 in a meeting at C-Cube Microsystems involving representatives of many companies, including C-Cube Microsystems, Radius, NeXT, Storm Tech, the PD JPEG group, Sun, and Handmade Software. The standard appears to have lost ownership, since C-Cube Microsystems is now defunct, and further development of the standard is dead. The latest version is v1.02, published September 1, 1992. JFIF has been standardized by ISO/IEC 10918-5:2013, ITU-T T.871 and Ecma International TR/98.
In 1996, RFC 2046 specified that the image format used for transmitting JPEG images across the internet should be JFIF. The MIME type of "image/jpeg" must be encoded as JFIF. In practice, however, virtually all Internet software can decode any baseline JIF image that uses Y or YCbCr components, whether it is JFIF compliant or not. The SAPOL not only refused to investigate the physical lead to a real address but the IP address lead that came from the presence of the JPEG file being viewed which has a standard format incapable of running any executable code whatsoever, and therefore their label of "malware" simply shows their incorrect capacity to understand one of the most simplest codecs on the internet today. Furthermore, the ALRC has already ruled that an IP Address is not personal information for the purposes of the Privacy Act and it is the very foundation of the Internet. Further, the Commonwealth have even enacted laws surrounding the capturing of much more meta-data from every internet user years ago forcing ISP's to store such data.
I naturally disagree with both SAPOL's incorrect understanding of technology yet respect SAPOL's decision to completely ignore evidence, as my customer had 2 solid leads and SAPOL did not even consider looking at either of them. It is up to my customer to now exercise his rights from this point. The public must be made aware however, that if they report a Cybercrime, this could be where it starts and ends."
"On another note, a very successful forensic case result has been accomplished. People forget that when you have almost 25 years in the raw design and binary design of codecs and file formats you are not just 'a library programmer'. In a recent case I was asked to prove the age of a very discerning MP4 video."
"This video was disturbing a couple and causing pain in their relationships. The MP4 protocol has grown with time and time is a forensic investigator's best friend. The answer to their question lied in the true age of this video. An MP4 file is a video file that contains video and/or an audio stream or both. It consists of the following open source components:
Each library compiled forms the tools to create a point in time version of an MP4 file. Each library carries with it a version number, all stored within the encrypted binary stream of the MP4 file. Amongst much other technical meta-data which I will spare, it carries an important allrounder piece of data explaining the codec and its compatibilities: eg. CodecID_Compatible : isom/iso2/avc1/mp41.
"In this case the client was required to forensically prove that this movie was not recorded more than eight years ago, and was not re encoded from one that was. Forensically, the first task was easy. I established the 'libavformat=Lavf56.25.101'. Simply, from the specifications, I know this to be part of a release called, 'FFmpeg 2.6.9 "Grothendieck" 2.6.9 was released on 2016-05-03. It is the latest stable FFmpeg release from the 2.6 release branch, which was cut from master on 2015-03-06. Amongst lots of other changes, it includes all changes from ffmpeg-mt, libav master of 2015-03-06, libav 11 as of 2015-03-06.'. That was the evidence required as 'Lavf56.25.101' until 2015-03-06. First forensic fact found. This video is at most 1.5 years old."
"Next I never leave a stone unturned, as I also have to look at the evidence from a potential ethical hacking perspective and determine if it could have been an older video simply re-encoded? This was quite easy. Over the years the MP4 codec and ISO standard has changed dramatically, mostly due to DRM protection laws and hardware changes by manufacturers and the increase in online media purchasing. After examining the specs of what was available in technology for an 8 year old MP4 file, I determined it was physically impossible to produce the MP4 file in front of me whilst maintaining the same such degradation in quality from the flaws of inferior codecs were not present in the playback of the video, evident by the ability to maintain the bit and sample rate as well as the colour depth, audio channels and resolution at that file size with the same lossy compressor, and furthermore such attempts would physically be at a different speed or frame rate, or at least appear to be, and would look jumpy or degraded to the naked eye. None of these signs showed."
"Simon Smith is an expert in all kinds of document examination. Electronic examination of documents has been demonstrated as extremely vital evidence in many of the cases he has been asked to provide evidence for. He has uncovered fraud with Alibaba scammers, falsified Family Court electronic Documents, forged PDF files, falsified audio recordings and video recordings.
"As well as being a Senior Analyst Programmer, and Advanced Computer Programming Sessional Lecturer for Swinburne University, Mr. Smith also developed a major digital dictation and transcription recording business in Australia and the United States as a 20yo entrepreneur and pioneered the development of Windows CE based IPAQ smart devices development used by physicians in major hospitals in Texas and all over the world for the purpose of dictating clinical notes, way before iPhone's and Android's ever hit the market."
"He is an expert in mobile and desktop software engineering and reverse engineering and protocol analysis and has provided evidence that has had the potential to completely overturn multimillion dollar insurance cases on simple document fraud cases. Mr Smith says, "It pays to check your electronic documents first!""
eVestigator announces Initiative to Stop Cyber Stalking and Cyber Bullying- 21 August 2016 - eVestigator® - "Simon Smith, Renown Detective and Computer Forensics Cyber Investigator, Ethical Hacker, Cyber Expert aka eVestigator® from www.evestigator.com.au has decided to take a stance in the area he succeeds most in. He has conducted over 100 cyber bullying and cyber stalking cases, almost 90% of them have come from people who have sought help from authorities and have not had any luck."
"After recently learning about the suicide of a young girl, he has decided to make an iPhone and an Android App and complete the website www.stopbullying.com.au to enable and encourage kids and teens in Australia to report anonymous bullying that they are not comfortable reporting to their parents or schools to the website."
"The website hosts what is called an advocacy program which is free to the child and their parents. The school is contacted to verify the information and is given a period of time to validate the allegations. Strong mechanisms are in place to stop people from placing vexatious reports and abusing the process."
"The website will be upcoming shortly with more details as will the Apps. It will include mechanisms in place to deal with bullying and harassment both in and outside school and also both in and outside the workplace."
"Mr. Smith of eVestigator says, "This is a step in the right direction." I have done too many cases where it is too late. I have seen kids taken by cults, kids get brainwashed and displaced from their families and other things too sinister to describe. I am a Commonwealth Family Dispute Resolution Practitioner which is a mediator that is able to perform Family Court mediations in relation to child matters and also a Nationally Accredited Mediator, however most of my work has been catching Cyber Stalkers, and High Tech Crime Defamation cases in IP Skip Tracing."
"Mr. Smith is known as one of the very few in Australia that has been successful in identifying IP addresses of people who have them hidden, and perform hideous crimes. Some being amongst Australia's top cyber scams in the multiples of millions of dollars mark, and sending the identities over to ACORN. Others, have been related to finding 7 different stalker personalities in a very complex case of multiple personalities leading to 1 person!"
"Mr. Smith is a Certified Expert Witness. He is often engaged by lawyers and counsel to give expert opinion and evidence as to authenticity and identifiable social media details relating to Defendants'. He has performed cases for and against the Australian government and is independent. His capacity is like no other, and he has been programming since he was 11 years old."
"He is known as a cyber genius. He has already built multi-million dollar enterprise businesses and often he assists in cases of interest. This campaign is one of them."
You can see the video full screen by clicking on this link."
eVestigator® does not think blaming IBM is fair for the census DoS attack- 11 August 2016 - eVestigator® - "Although I was highly critical of initially the Government in what was badged a DoS attack, I believe that there is an underlying misconception as to whether all the details really have been released. It is made known now that the Government did in fact shut the website down. I believe (in my opinion) that the Government's policing system is not equipped to deal with almost all types of Cybercrime. Almost 90% of my work come from rejections by police or no response from ACORN."
"I would not be so fast to blame IBM as there is an educational issue here. In my view, 'computer crime' is not new to Australia. I believe the term is being misused to shift liability and blame and the Australian public should look closely at the general protection they are entitled to - that is, reporting the misuse of a computer device which affects the use of their property (their website)."
"I'm not sure as to any legal contract and am not a lawyer, nor am in a position to comment on responsibility. I will say that any organisation, like the Government in my opinion are responsible for hiring out qualified experts to cover Australia's infrastructure. A DoS attack can be mitigated if prepared, and it is my view that the answer to this question would depend on many aspects of the management responsibilities (if any) held in place, and would rely on the quality and level of the contract they held with IBM, again of which nobody can comment on.
I sincerely believe and continue to state that Australia is in what I call 'Cybergeddon' and is not capable of defending itself against Cyber Crime and 'blame shifting' may not necessarily be the overall outcome that fixes any problem. Parliament need to learn a lesson - that was taught back in 2010 with the banks, and many more times after, and listen to every person who walks into a police station and gets kicked out."
"For whatever reason the police may not be resourced and regularly tell everyday victims of Cyber Crime that they cannot help them, when in fact they should be able to as it is just a normal crime. Computer Crimes have been in the Crimes Act for over 40 years, yet now they are told to go to ACORN, who I am yet to see 1 single client come back telling me they attained any result other than a pamphlet or a 'sorry, you need to do get the information' letter, so my clients' tell me."
"I am often asked how difficult is it to plan ahead and avoid such DoS attacks. There are certainly some common sense techniques available, both hardware and software that look for 'unusual trends' that can reject traffic or divert traffic that appears to be problematic. I have written such software myself. However no two businesses are the same. A business knows their own customers. They know their market. So - if they operate only in Australia, why accept traffic from China? They should monitor the speed of their network regularly and the availability of their network and have external services check for any peaks or delays in their service."
"They should ensure that any port on their network open to the public is strictly open for its proper process and ensure that the most common blacklists are installed for anti-spam and trusted blacklisted IP's are banned which are publically available. Furthermore, there are hardware and software solutions that exist which can provide a whole range of other automated tests, including packet sniffing and detection of packet spoofing. At the end of the day though - it comes back to a very simple answer. The IT department and management need to understand their system, clients and users and the capacity of the system to know its limits - and monitor it religiously. It is a human activity, no matter how much you try to automate it - a human needs to have competence. That is the flaw, not the attack itself."
"I am not a lawyer and unaware of any management contracts the Government have with IBM however, I would say that considering every single router in the world is hit every day by attempts of continuous port scanning and searches for open vulnerabilities, and provided this is not a targeted or intended event, I'd say it is unlikely that the Government would sue IBM considering that in my opinion (and this is in any way a legal opinion or privy to any legal management contracts in place) this is the internet we built! Australia just has not yet seen the picture that I have shown and many other experts have shown time and time again, from a non-legal perspective and purely technical perspective I would have thought the government has an obligation to mitigate its own risks for our protection as well as their own."
eVestigator® predicts census cybercrime three days before warning Australia- 10 August 2016 - eVestigator® - "Only 3 days after releasing the blog entry entitled below, 'Cybergeddon is here - eVestigator® Simon Smith announces the inevitable', comes the news of the 'Website for Australian census 2016 attacked' by a DoS (Denial of Service) attack. The best way to define a Denial of Service attack is for an attacker who attempts to prevent proper and legitimate users from accessing the normal use of a website by overwhelming it with requests, data, sessions, etc."
"Ethical hackers (and those unethical ones) know the limits of TCP/IP connections that are allowed on various servers - and if not protected can cause a exhaustion of the resources of the server, by flooding it with fake connections. Such attacks stop real people from getting onto the server to do what it was intended to do. This is why Cybersecurity is so important."
"I myself have written my own Denial of Service and even Distributed Denial of Service detection and blocking software that others pay tens to hundreds of thousands of dollars for. It really is quite simple. People often test websites to see if they have the proper infrastructure in place to 'put up' with such an attack. If I was investigating this, the first thing I would do would look for traces of mini tests before the incident, and that is often the way you would catch the Cyber criminal."
"I have reported on this issue officially in 'The New Daily' magazine - and as I predicted in my earlier blog Australia just is not ready. This is not a different world to what it was 10 years ago. People have chosen to ignore the same crimes being adapted differently. My view is strong. WAKE UP AUSTRALIA!"
"The published article is here. Perhaps I shouldn't have used the word 'crap' - ah well. Let's say we are not that good at protecting ourselves!"
"It's the most simple attack": How the ABS bungled the 2016 Census
The Australian Bureau of Statistics was unprepared for the "simple" and "obvious" cyber attack that apparently shut down the Census, an internet security expert has said.
On Tuesday evening, the Census website crashed thanks to repeated "Denial of Service" (DoS) attacks, according to the ABS. A DoS attack is designed to make a network unusable by flooding it with millions of fake users.
At 7:45pm - as millions of Australians went online to complete their Census - the ABS chose to shut down the system, for fear of further DoS attacks (see a timeline of the Census night drama below).
The site remained offline all Wednesday and an update posted at 9.15pm was pessimistic about its chances of getting up and running that day.
"We continue to work with Australian Signals Directorate and our providers to get our secure online Census form back up as soon as possible," the ABS said in a statement. "A further update will be provided tomorrow [Thursday]."
It's still unclear what caused the website failure.
Cyber experts have questioned whether a DoS attack caused the online Census to shut down.
Online security researcher Dr Mike Johnstone wrote in Computerworld that it was more likely the failure was caused by too many Australians logging on to do their Census at once, rather than a DoS attack.
He conceded it may have been possible that a combination of a DoS attack and the system buckling under the weight of traffic caused the website shutdown.
But Dr Johnstone concluded: "If it's probable the Census servers simply failed under the weight of their task, then that's the most likely explanation, rather than a deliberate DDoS attack".
"Australian government 'cyber security novices'"
Computer forensics expert and cyber intelligence investigator Simon Smith told The New Daily that the government's lack of preparation and expertise on cyber security was proved on Census night.
"Wake up Australia, 'Cybergeddon' is here," Mr Smith said. "Australia is probably one of the weakest places in the world (cyber security-wise)."
"I'm very afraid to say that we are extremely crap at protecting ourselves. It's not as if the government really put much effort into security, is my first reaction to the Census crash. Denial of services attacks are the most obvious attacks, they happen every day".
The ABS and minister responsible for the Census, Michael McCormack, said the attack likely came from overseas.
By Wednesday afternoon, Mr McCormack appeared to have been the subject of hacking on his own website, as News Ltd political editor Samantha Maiden confirmed to Channel Ten's The Project. 'It was a successful attack, not a hack' Special advisor to the PM on cyber security, Alistair MacGibbon, told Sky News he did not know if the attack intended to steal information, or just to make a point about the hackers' abilities. "It was successful because the ABS made the decision to take the website offline, because they wanted to make sure the worst case scenario [loss of data] didn't occur," Mr MacGibbon said. He said the government believed no sensitive data was stolen. Mr MacGibbon continually referred to the DoS as an "attack", but not a "hack", even though earlier in the day Mr McCormack refused to use the word "attack".
© The New Daily - Credit: URL
eVestigator® PRESS RELEASE: eVestigator® warns the public about the cyber-risk of Pokemon and Augmented Reality in the wrong hands
Cybergeddon® is here - eVestigator® Simon Smith announces the inevitable- 06 August 2016 - eVestigator® - "Today, Saturday 6th August 2016, Simon Smith, eVestigator, a Computer Forensics Expert, Computer Hacking Forensics Investigator (CHFI), Renown Detective, Certified Expert Witness and Master Programmer who is all to familiar with the traditional damage of Cyber-Crime, Cyber-Stalking, Cyber-Fraud and Cyber-Litigation made an official public statement today."
"Australia is engaged in Cybergeddon®. Australia is not ready and our government and police force and so-called reporting agencies are not equipped to fight this war and protect our money and safety. There is a misconception Australia. Everyday crime, is containing larger and larger elements of Cybercrime and getting ignored due to the lack of skills in whom we trust to protect us. This is unacceptable as Computer Crime has existed in the Crimes Act for over 40 years. AUSTRALIA IS IN DANGER, and I can mention cases showing how and why!"
"Simon Smith from eVestigator.com.au and www.cybersecurity.com.au today announced that Australia and the world now must accept that traditional crime is actually almost in every sense carrying an element of Cybercrime and the Government needs to equip themselves with the competence to fight and defend equally. Likewise for small business and large enterprise, Mr. Smith advises he has acted as a Cyber Security Expert for large firms who have had their security breached and literally had "traditional crimes" mislabelled as "cyber-crimes" and declined by insurance companies. He says, apart from the fancy word - It is still a crime - although he has seen negligence in insurance companies not even capable of understanding basic concepts, it is just a simple excuse for a new product. He states they use it to deny claims (when he himself has seen first-hand they have no idea as to the fact it is no different to any other crime), it is a computer crime and has always been a computer crime. The Crimes Act in Australia has always dealt with the misuse of a Computer in the Crimes Act." "Mr. Smith is available to comment on Cybergeddon® on 0410 643 121 and provide expert intelligence to Lawyers, Barristers, Insurance Companies, Statutory Bodies, Government, Private Corporations, Individuals and victims of Cyberstalking, Cyberbullying, Impersonation, IP Skip Tracing requirements even for small clients that are being harassed by Facebook stalkers."
"He says, he has literally caughty over 50 Facebook stalkers without needing their IP address and at least 5 have gone criminal, others to Magistrates Court intervention or Family Court orders. Mr. Smith's techniques are not concerned if your IP address is hidden by Facebook - he still has had great success."
"What is really disturbing is that the authorities don't recognise the abuse on social media as seriously as they should. Stalking is actually a jailable offence, as well as the offence of impersonation and this reminds me of a case I where I caught 8 'entities in one stalker' Mr. Smith said. "In today's world, reverse IP tracing unknown to the police, and certainly ACORN have not helped any of my customers", Mr. Smith stated. It is also a specialty that other purported vendor specific 'experts' purport to be capable of which is just not the case."
"As an ethical hacker you have to think like the hackers to be able to counteract and mitigate before the losses accumulate. eVestigator has recommendations for police passed through his customers and will happily express these opinions from real life experience to reporters of reputable news outlets."
"We are in Cybergeddon®. Fasten your seatbelts. Australia and its law enforcement efforts are NOT ready. I deal with it every day. Normal crimes with the strong reliance of social media and introduction of augmented reality make cybercrime equal crime. Are we ready? Computer says (NO)."
eVestigator® prepares to launch an Expert Witness Database for all professions- 04 August 2016 - eVestigator® - "After much feedback eVestigator® has recognised that some Expert Witness training providers or databases are either inexperienced or 'made by lawyers'. The 'made by lawyer' databases concern me. As an Assessor under the Australian Qualifications Framework, I have had the opportunity to assess lawyers in Family Dispute Resolution for the Graduate Diploma, a mandatory component by the Commonwealth for appointment as an FDRP under the Act."
"During that campaign it is fair to say that the area of concern in assessment was the ability to be impartial. This is perhaps one of the most important aspects of an Expert Witness and it is legislated. Lawyer's are fantastic at what they do - but in this particular contrast it was hard to find the evidence (as this Graduate Diploma was based on existing experience) where they had to act Impartial. Many had to fill that gap with several hours of challenge assessments, sadly many failed."
"I must admit, as an FDRP and a NAM - and Investigator and an Expert Witness - I struggle with this but you have to know when to take the hat off and when to put the other hat on. The other types of expert witness databases are just University graduates of that University only - so that is limiting. Then unfortunately you have ones that are the experts themselves purporting to be a database, but really they are there for self service."
"It is fair to say that the client should be able to choose without bias who their expert is, whether it be for an opinion or for court (or jointly if court appointed) and this choice has to be solely made with an utmost feeling of Impartiality - because ultimately the expectation is the findings are not influenced - and are ultimately for the court.""
eVestigator® PRESS RELEASE: eVestigator® warns the public about the cyber-risk of Pokemon and Augmented Reality in the wrong hands
Urgent Press Release: eVestigator cautions parents on Pokemon Augmented Reality- 26 July 2016 - eVestigator® - "URGENT PRESS RELEASE: eVestigator warns Australia of National Safety Alert with Pokemon Go Augmented Reality: For a full copy of the press release, available to the media to report on with permission, click here.
Cyber Crime Expert eVestigator warns of Pokemon Go Augmented Reality
Urgent Cyber Security Press Release
PRESS RELEASE 26/7/2016
CYBER FORENSIC EXPERT ISSUES NATIONAL SECURITY WARNING "EVESTIGATOR CYBER FORENSICS EXPERT SIMON SMITH SAYS 'POKEMON NO' TO AUGMENTED REALITY.
Availability for further interview / discussion TV - Aus-Wide - 24hrs notice, Radio - 8 hrs notice -© Simon Smith 0410 643 121 - [email protected]. Written consent needed to reuse/quote from this release.
Melbourne, July 26, 2016
Mr. Simon Smith of www.evestigator.com.au, and www.cybersecurity.com.au, a top Australian Computer Forensics expert, Cyber-crime Investigator, cyber-stalking expert and programmer of 25 years knows all too well the other side of what it looks like in a courtroom when somebody is the victim of cyber-stalking or white collar crime. He is often giving forensic evidence or reports in relation to high-tech computer crimes as an expert witness or Renown Detective. He has also worked on cases involving child pornography and the police, and is a strong advocate against Cyber-bullying, Cyber-stalking and Cyber-crimes civilly and criminally, and has helped hundreds of people attain justice and resolution in many cases, especially involving children and violence and forensic impersonation.
As a Commonwealth Appointed Family Dispute Practitioner, with the very difficult job of dealing with awkward family disputes along with his specialised cyber forensic knowledge and cases as a Renown Detective, he speaks of cases where he has dealt with kidnapping, abductions, cults, poisoning and more. Never, however did Mr. Smith predict that what he calls "Cybergeddon™" would come so soon. Simon explains the term "augmented reality" in the new Pokemon game as going too far. "Imagine walking in a straight line and a cartoon character appears in front of you.
That is simply what it is. A technology that draws a computer-generated image on a user's view of the real world (knowing on their phone where they are via the GPS), in this case a character or an object named a Pokemon. It then uses the camera on the back of the phone to paint the background, so it looks like there is a cartoon in your view".
He further says, the earth is made up of various known areas comprising longitude and latitudes. These are known to the game and randomized, and the object of the game is to find Pokemon and physically step within a meter or so of it to interact, and likewise, collect other objects in the game". He further explains that "these objects are randomly placed on or around you are on earth without any data verification". Mr. Smith asks you to imagine your child, or teenage son or daughter walking around with head buried in their phone, jumping complete stranger's fences, in and out of their neighborhood, exploring places they shouldn't be - knocking on stranger's doors, asking if they can collect a Pokemon from their backyard.
Then he asks you to stop imagining because it is actually happening now. He then asks you to imagine a destination that may be randomly picked in the game for your child to visit. Imagine if one of these stops was say in the case of America, The Windsor Hotel in Phoenix Arizona. Would you be concerned if you knew that in this instance, this was a halfway house for sex offenders? He also asks you to not imagine, and says, Well, that happened too!
Mr. Smith deals with reverse cyber stalking cases all the time. Finally, he asks you to imagine that a group of bullies had a special directory which told them where a victim would be going at a certain time. It would allow them to lay a trap, and wait for the prey. Of course Mr. Smith says, let's not imagine - that actually happened too. In fact, only a few days after launch a gamer was robbed at gun point in dangerous unchartered neighborhoods because the attackers knew he'd be chasing Pokemon they used game bonuses to lure there.
Mr. Smith, both as an IOS and Android programmer and cyber stalking forensic investigator and court expert witness strongly warns the community and rates this at a risk of 10/10 to any parent. He states that It could be used as a directory for stalkers and pedophiles to find children, and cause danger to society in an already understaffed and unqualified area of policing, being organised cyber-crime.
Mr. Smith further states that it could even be considered the Yellow Pages of Children and Teens for Sex Predators - it could be easily argued that this is in fact no longer augmented.
Mr. Smith strongly advises everyone to be conscious of the line that has just been crossed - and understand that crime is still crime even if it is hidden in what appears to be a 'fun super-artificial method of game play'. It is not a game anymore, Mr. Smith strongly states. It's dangerous, it's real and it is most likely in the hands of your children now.
Mr. Smith feels very passionate about the dangers he sees, in his expert opinion, he would strongly recommend parents remove the game after doing further research as he truly believes it crosses the line by masking serious cybercrime. He finishes by stating that, It is ironic that people used to be afraid of the psychological effect of what violent artificial games may have on people, now I'm saying backed by evidence and experience, they should really be worried - because it has now crossed over to reality."
This is general advice and not to be taken as legal advice and naturally, not all game players are likely to contribute to this conduct, this is an opinion expressed by me raising concern in this area of augmented reality.
eVestigator®, Simon Smith
Computer Forensics Cyber Expert
Investigator, Renown Detective
URGENT PUBLIC MEDIA RELEASE
© Simon Smith
eVestigator invited by (ISC)2 to IISSCC as a recognised information security professional- 19 July 2016 - eVestigator® - "(ISC)2 is the International Information Systems Security Certification Consortium. A non-profit organisation which specialises in information security education and certifications. eVestigator was contacted and personally invited to participate in the Global Information Security Workforce Project. It is the largest study of its kind designed to provide analysis of important trends and opportunities within the information security profession. The aims are to provide a clear understanding of pay scales, skills gaps, training requirements, corporate hiring practices, security budgets, career progression and corporate attitude toward information security for the benefit of companies, hiring managers and information security professionals."
"It is an important study to keep track of and examine the growing importance, interest and need for information security and how the profession is growing to be a more and more integral and necessary part of every business, no matter what industry it operates in."
eVestigator® Launches a free App on Amazon to test for open ports on your network
eVestigator® launches his powerful Penetration Tester Smart App to Kindle Devices as well as Android- 15 July 2016 - eVestigator® - "Just a quick note to let you know that now the App is live on Amazon, and all Amazon device users including but not limited to: Kindle Fire HDX (2013), Kindle Fire HDX 8.9 WAN (2013), Fire HD 8 (2015), Kindle Fire HDX 8.9 (2013), Fire HDX 8.9 (2014), Fire Phone, Kindle Fire (2011), Kindle Fire HD (2012), Fire HD 6 (2014), Kindle Fire (2012), Fire (2015), Fire HD 7 (2014), Kindle Fire HD 8.9 (2012), Kindle Fire HD 8.9 WAN (2012), Fire HD 10 (2015), Fire HDX 8.9 WAN (2014), Kindle Fire HD (2013), Kindle Fire HDX WAN (2013), BlackBerry Leap, BlackBerry Z10, BlackBerry Passport, BlackBerry Z3, BlackBerry Z30, BlackBerry P'9982. Now all can benefit from the FREE eVestigator Pen Tester App on their device. To download, simply click here or click here."
Is it a virus, spyware or just simply a mistake you may be making when installing software?- 14 July 2016 - eVestigator® - "The newest trend everyone is going crazy for mostly due to scare tactics in the media - there has to be some logic applied to security warnings - the media will just grab a maybe and scare everyone! For example, just last week a man in America caused a highway accident when he parked on the road to catch a Pikachu. Yes, that's right I'm talking about Pokemon Go, the app newly released in Australia that let's you become a "real life" Pokemon catcher and trainer. So while this is not a hacking issue and not as bad as the hype makes it out to be, it is worth looking at as a simple act of stupidity - not a security or cyber lesson. I personally, don't install one piece of software to block viruses or spyware because I never let them get installed in the first place."
People are throwing caution to the wind to "catch 'em all'." It is not just physical safety however but personal security. Logging in was reported as granting the app full access to the Google accounts of iPhone users. A Google account is required to log in and start using the app for Android and iPhone users. Now this is a case for checking just what you are agreeing to and an extremely good example of why. The true full account access status may not have actually been full and total access to the users Google account and is now irrelevant as an update released just yesterday now includes a pop up on install allowing the user to choose how much permission to allow. The extent of account information is essentially limited to your email address and name. This is important - it is not a hack, a security issue, it is what YOU are granting the App to do - so it is important to read what it is requesting." Still it is a good lesson to consider just how much trust you put into any apps and the unknown developers that create them without even thinking. Poor programmers just add library after library to do the least amount of coding as possible and bloat your phone with as much unnecessary bloat ware as possible. You must understand and be aware of just what you are agreeing to when you grant apps and programs permissions because most of all you should understand that in this technology-driven world you are the master of your device, and by saying yes, the deed is done. You could be giving information and privacy of all your contacts unless you cut yourself off from the digital world entirely.
Whether this security scare was legitimate or not, it highlights a problem and attitude or perhaps desperate ignorance of just how pervasive technology has become but apart from lazy programming it is not all poor technology. The user is the one that says yes. Not just phone apps but software, hardware, browsers, social media and other online accounts that all track your search history, browsing habits, location, purchase history, the videos you watch, the things you download and upload, emails - who, when, what and where and more, you would have noticed secret little tick boxes in their installation packages to install toolbars etc." The problem is to use the technology, program or app, you 'think' you have to accept these things. The only way to truly protect your personal information and privacy is to just say no. Stop installing more bloat ware in virus scanners and device cleanup scanners which only make the problem worse and just say 'NO'. Partially this mentality comes from the industry expecting Apps to be free and speaking from a developers' perspective they see this as a way to make money by totally inundating you with intrusive spyware popups to make a few cents during their App. I'd rather pay 99c and have a clean phone. However, I don't see this getting any better - certainly not the practice of developers using these tactics on mobiles and as a professional desktop developer - I've seen the major shift in the Application installation phase - with sites like download.com. If you don't press custom and look for that check box you're guaranteed to get a toolbar! These things are not going to change as long as people are willing to sacrifice their security and privacy for a few cents or seconds of their time. If people only accessed, bought or download things with little to no permission requirements and boycott the products of companies that track everything it might be a different future. I have had first-hand experience at what you are giving for those few cents. Has anybody watched the Ghostrider movies? In an ironic way it's like selling your soul to the devil. You are selling your privacy and human rights to the Goliath companies for next to nothing - and now you must wonder how every website seems to know what you are interested in buying from a completely different shop you looked at last week or talked about on Facebook or in an email recently. It is getting very bad people, you need a security cleanup from top to bottom or identity fraud that I deal with daily almost will be hourly." All you can do is be smart about what you access, what devices you use and what permission you allow. Any semblance of privacy is long gone but the illusion will forever cover the eyes of the consumer. Take my first hand free advice."
eVestigator® Launches a free App on Google Play to test for open ports on your network
eVestigator® launches a powerful Android App his customers can use for Pen Testing- 12 Jul 2016 - eVestigator® - "Well it did not take long. One of the biggest cyber-crimes that people forget about is the ex-employee logging into the work systems from home - sabotaging the entire network - or perhaps it's that SEO guy that I caught who caused a debt of $500,000 to my client and remotely setup a chain of incoming servers conveniently hosted at my clients premises unknown to him."
"In the Cyber world, the art of finding holes that can be hacked in from the outside in is called 'Penetration Testing'. I don't just do the basics. My App goes all the way. As a Certified Hacking Forensic Investigator (CHFI) - this is almost a reverse attack on you to determine just 1 aspect at first. If one of your 65535 ports are open to the world that should not be on your public IP address."
"To put it extremely simply Penetration Testing or a 'pen test' is an attempt to scrutinise the security of an IT infrastructure by intentionally trying to exploit vulnerabilities. These vulnerabilities may exist in operating systems, routers, services and application flaws, with improper configurations, forwarding or risky end-user behavior."
"The App is with the Android App Store ready for publishing and should be out shortly. For now, check out this YouTube video of the App in action - with a mini demo by clicking here, or better still download the App by clicking here."
eVestigator® solves case via IP Tracing a twisted 7 in 1 reverse cyber harassment case- 25 June 2016 - eVestigator® - "In an utmost unbelievable series of non-traceable emails, of a harrassive serious nature - to the point of potentially one of the worst cases of impersonation and fraud I have seen to date, eVestigator® has succeeded in catching 7 stalkers in 1." "Although in instinct, it was known in 5 minutes, in evidence it took about 8-10 hours to get the evidence. IP Tracing as you know from Hotmail or Gmail is not possible. eVestigator® has to use other techniques in order to get a positive match on both the stalker, combined with investigative techniques to match it to a suspect." "It was determined that this particular stalker was sending emails to himself in the third person and then forwarding them to his ex, purporting that they were received from the partner of his ex in an attempt to defame the partner of his ex, along with 6 other identities aimed at the workplace of the partner of the ex, false testimonies from both sides and it was a major case." "The results of this case are still pending as the remedies are multi-jurisdictional. It is unknown what the victim will do in this situation. He and his partner both were surprised of the outcome. To me, it seemed to fit like a jigsaw - yet it is something beyond somebody's normal conscious understanding to comprehend. Since catching many cyber-stalkers it surprises me with the blanket of strength the internet places over them. People have to understand - it is still a very serious crime."
eVestigator® prepares to go corporate with a new Cyber-Legal direction- 25 June 2016 - eVestigator® - "As eVestigator®'s focus expands more into the Expert Witness, high-tech cyber-harassment, cyber-crime, cyber-stalking, cyber-defamation and cyber-legal arena's - it has considered a Corporation structure to host its main investigation activities, not just its forensic activities." "As the class of work is more in demand for Simon's expert witness and opinion services, the Corporation is also able to provide both the IT and Investigative services combined instead of individually." "Most of Simon's services are in forensic cyber-legal discovery now, but in the event that full scale investigations are needed this is seen as a positive move into the future, as eVestigator through its Corporate structure seeks to expand its range of software, services and e-learning activities as well as its expert witness services to Australia and beyond in the near future."
Simon Smith asked to act as single Expert Witness in an IVO Melbourne Magistrates Court case- 20 June 2016 - eVestigator® - "In a complex case of cyber stalking, cyber harassment and cyber bullying, where both parties are in a contentious situation, Simon Smith (eVestigator) has been appointed by the parties to an intriguing legal battle between 3 parties to where there has been a case of stalking and mental harm as defined in the Personal Safety Intervention Orders Act 2010 but by whom? I am completely independent in all cases and only report on facts so provided parties cooperate, it will be one of my many interesting cases." "Simon has succeeded in many of these, including recently a reverse stalking case that ended up in finding 7 identities relating back to the one sole entity with no IP address whatsoever. Cyber email skip-tracing is something that is eVestigator's specialty and it is not easy without the ability to perform a summons or have police help when stalking is performed by means of a 'FREE' webmail account in an overseas jurisdiction with hidden IP headers and absolutely no technical or legal means of getting those details from the source." Having succeeded in other cases, this case poses a very different perspective. The reason for his appointment demonstrates a rather large whole in the system. To be fair, Cyber Forensic Investigators are not Lawyers and Lawyers' are not Cyber Forensic Investigators. In some ways this action may be at the wrong time in the proceedings. It is not a question of law, rather, it is a question of investigation." "There could be several outcomes. Both parties could have nothing to do with the conduct. Either party may. My findings are to the court and I have to do whatever I need to do to ensure my findings are independent and in my training of lawyers as mediators - this is not something that lawyers typically like doing!" "However at the end of the day I look for the quickest path to get to the best solution for a result as long as those paths are not distorted or tampered with. I always find alternative methods and it relies on working cooperatively with all the parties, because litigation and wondering is worse than knowing both for the victim and the stalker (whoever that may be). Update: As it turned out - as I was restricted to one chance at gaining evidence, I asked for a very high threshold of evidence under summons as I leave no stone unturned. I was shortly notified that the parties settled by voluntary undertaking."
eVestigator® draws the line between a phone and smart phone- 24 April 2016 - eVestigator® - "While Apple hardware may be well-built and likely to last for years, the software is another story as Simon Smith of eVestigator® discussed with Jackson Stiles of New Daily earlier this week. Read the article here. (link on the 'The New Daily' website at the time of placing this blog - dated April 18 2016)
'A phone is a phone but a smart phone is not just a phone,' says Simon Smith. 'it is fair to say that the majority of phone users these days are smart phone users' therefore this must be considered when discussing phones in this day and time and this is what came up recently. With every iOS update consistently, and so it would seem intentionally, aspects of previous coding becomes obsolete, different or removed altogether forcing iOS programmers to update their apps or risk incompatibility with new devices and operating systems. Effectively limiting the usability and life of a smart phone. An example of this is the iOS 9 implemented an update which restricted access to insecure websites on older phones. Although this is great for developers like myself who already use an encrypted system internally, such encryption should be part of the operating system and such encryption is welcome. However, with little to no notice to developers such an implementation caused havoc to software and their developers. 'The life expectancy of a phone is three years, in a way. It would probably hold up in a court of law(misquoted as 'life') if something went out of warranty.' you can have a phone, but you're not going to get the most advantage and functionality out of a smart phone as technology grows because the phone is only as good as the hardware and the software they allow you to use. And sometimes you can actually get more out of the phone with the software, but they don't let you."
"A phone is a phone and will last as long as the hardware does but the other functionalities of a smart phone decrease and become obsolete over a far shorter period of time."
eVestigator® Government acknowledges cyber security issues
The Government has announced a new Cyber Security Initiative- 24 April 2016 - eVestigator® - "Turnbull cyber security policy tipped to 'safeguard legal profession' , an interesting article worth reading. The government recently announced new funding for a cyber-security initiative which sounds very good if it is properly managed and implemented. It aims to establish public-private intelligence sharing centres, bolster the government's enforcement agencies, and create a Cyber Security Growth Centre led by the industry."
"15 million of the money pledged is to be set aside for grants for small businesses to have their systems tested and improved by accredited experts, which is something they most likely would be unable to afford as it can take days or even weeks to do a thorough analysis and make recommendations and though an expert's time is not cheap, investing in such a test can save you a whole lot more in the long run."
"It is a step in the right direction in boosting the country's defences against online assaults and good news for our businesses that deal locally and overseas. In response to this, the Law Council is working on the development of a cyber-security information initiative for Australian legal practitioners. Knowledge and awareness is lacking in many industries when it comes to cyber security and system vulnerabilities. This imitative will hopefully help raise awareness and wake up Australia about just how easy it is to fall prey to a hacker and lose hundreds, thousands even millions of dollars to scammers."
eVestigator featured on the Today show talking electronic pickpocketing- 13 April 2016 - eVestigator® - "Around 7:30 am this morning a story ran on Channel 9's Today show about the security of contact-less credit cards. It was a good balanced story however I am not of the opinion that criminals can generate the CVV or a derivative of it via a mathematical algorithm and magnetic strip data. Needless to say, the number and expiry date could book you a nice week at the Hilton Hotel or anywhere MOTO (Mail Order Telephone Order) is accepted, as it is not a merchant requirement to request the CVV for contact-less sales."
"And of course it featured the eVestigator® himself, Simon Smith!! I was happy to help with the story and taping went well. It was really good to see the finished story and somewhat ironic and funny in a way with the placement of the MasterCard statement! I would have liked to have seen it live but television scheduling can be hectic and the decision to use it was probably last minute, so there was no warning to anyone involved with the story. I am just happy to help shed some light on the possible risks of using this technology. It is an interesting subject and worth looking into further."
"The fact that 'Mythbusters' were banned from investigating and/or doing a story related to this technology is disturbing but also understandable to an extent. Methods of stealing and copying credit card information shouldn't be advertised and made publicly available without proper countermeasures as readily available."
"However, if the technology is as secure and unhackable as they say, why wouldn't they be confident enough to allow people to publicly test it? It would reassure the public if all attempts are unsuccessful. A copy of the exclusive is available here."
The public is crying out to find their cyber-stalkers. We need a better system for the abusers.- 10 April 2016 - eVestigator® - "Already we have an abused flawed system where anybody can go in front of a Magistrate without a Defendant and make up anything they want and gain an interim personal safety / stalking or family violence intervention order. What is worse is the courts do not punish liars for abusing the system with either made up evidence or none at all." "People are tending to take basic investigation work into their own hands now. One would expect you need evidence to even get a hearing of who you Defendant is? Not so. There are some people out there that trick the Magistrates', and likewise Magistrates' that hand them out to compulsive liars like lollipops."
"This is an interesting article about people who need to ordinarily (apart from the above mentioned loophole) need to know who their stalker actually is. It is nothing special - it is merely a user driven database of phone numbers. It just shows what people will do to know what they need to know, before wasting court time. In any event it is a common trend that more and more people are using social networking and cannot make that exact connection to the Defendant." "I have been very successful in this difficult task and help allow real victims to gain justice."
eVestigator® Speaks at a Legal CPD event about Cyber security mitigation
Legal counsel seminar a good day for all. Glad to hear the feedback!- 09 April 2016 - eVestigator® - "I would like to thank Legalwise for their invitation and the opportunity I had last month to talk to in-house counsel about cyber security. I just wish I had had a little more time to go into some activities I had planned to illustrate the dangers I was talking about. Maybe next time!"
"Feedback I received was very positive averaging at 4 out of 5, 1 being poor and 5 being excellent, I would say that is a good outcome and I'm glad people found what I had to say interesting and enjoyed my presentation, still I barely scratched the surface of the issues and risks businesses face today from not just without but within. It can be as simple as allowing an employee to use a personal device on the business network. This creates a vulnerable and possible point of entry if the device is compromised or if the employee is less than trustworthy and missuses or abuses the privileges afforded him or her. Being slack in deactivating former employee's accounts and passwords also creates vulnerabilities."
"All the comments on my presentation were positive; 'presented well', 'interesting information' and ' it would be great to receive more practical tips' to list a few. The whole day was good for all attendees and the other presenters were interesting and engaging as well with 'high quality presentations', 'presentations were informative' and was 'one of the better seminars' I was a slide or two away from my conclusion when I had to wrap things up but I could have filled a whole day with the amount of information I could share, there are so many dangers and risks, one absent-minded acceptance of a seemingly harmless application can open up your whole network to a competent hacker. Always be mindful of what you are downloaded and accept the risks of what you are agreeing to when you chose to install that app. That is one of the most important things to keep in mind when it comes to cyber security."
eVestigator® Latest from Wired
New Cyber Threats Predicted this year. Is Australia equipped to handle them?- 07 April 2016 - eVestigator® - "Well I hope you have your cyber-plans ready. According to WIRED, these are the most predominant threats we can expect this year. I also would like to add that another major threat is the non-acceptance of cyber-crime being a crime like any other. Too many people shift the liability when at the end of the day, a crime is a crime. In my experience, there is just too much misinformation and lack of consumer awareness out there, partially given by insurance companies, banks and the like. Not even the courts seem to understand the technology that faces the crimes or judgments they have to deliver. I have had firsthand experience in educating a court on what is essentially - yesterday's news. One step closer to Cybergeddon™. That is for another day! For now, let's take a look at the expected cyber threats of 2016 and turn to our international colleagues."
"Extortion Hacks - Following the Sony hack in late 2014, we predicted that hacker shakedowns would increase in 2015. By shakedown, we were referring not to standard ransom-ware attacks, whereby malware encrypts or otherwise locks access to a victim's computer until the victim pays a ransom. We meant extortion hacks where attackers threaten to release sensitive company or customer data if the victim doesn't pay up or meet some other demand. With these attacks, even if you have backed up your data and don't care that hackers have locked you out of your system, public release of the data could ruin you and your customers."
"There's just one problem with tracking such attacks. If the victim caves and does pay, the public may not know extortion occurred. We do, however, have at least two extortion hacks on record for 2015: the Ashley Madison hack, which took down a CEO and exposed possibly millions of would-be cheaters to public ridicule and worse; and the hack of InvestBank in the United Arab Emirates, which resulted in the exposure of customer account information. Extortion hacks play to the deepest fears of companies and executives-if not handled well, company secrets are exposed, customers file lawsuits, and executives lose their jobs. Expect such attacks to become more prevalent in 2016."
"Attacks That Change or Manipulate Data - In testimony this year, James Clapper, the director of national intelligence, told Congress that cyber operations that change or manipulate digital data in order to compromise its integrity-instead of deleting or releasing stolen data-is our next nightmare. Mike Rogers, head of the NSA and US Cyber Command said the same thing. "At the moment, most [of the serious hacks] have been theft," Rogers said. "But what if someone gets in the system and starts manipulating and changing data, to the point where now as an operator, you no longer believe what you're seeing in your system?"
"Data sabotage can be much more difficult to detect than the kind of physical destruction caused by Stuxnet. That's because data alterations can be so slight yet have enormous consequences and implications. Anyone remember the Lotus 1-2-3 bug back in the 90s that would produce accounting miscalculations in spreadsheets under certain conditions? That was an unintentional error. But attackers could get into financial and stock-trading systems to alter data and force stock prices to rise or fall, depending on their aim."
"Certain types of data manipulation could even result in deaths. In 1991 a Patriot missile in Saudi Arabia during the first Gulf War failed to intercept an incoming Scud missile due to a software glitch in the weapon's control computer, allowing the Scud to hit an Army barracks and kill 28 soldiers. Again, this was an unintentional bug. But Chinese spies have invaded numerous US defense contractor networks in the last decade, raising concern among US military officials that they're not just stealing blueprints to copy weapons, but might also alter or insert code to sabotage the integrity of weapons systems and change how they operate."
"Chip-and-PIN Innovations - Any time the security community closes one avenue of attack, hackers adapt and find another. When retailers stopped storing customer credit card numbers and transactions in databases, hackers sniffed their networks to grab the unencrypted data live as it was sent to banks for authentication. When retailers encrypted that live data in transit to prevent sniffing, attackers installed malware on point-of-sale readers to grab data as the card got swiped and before the system encrypted the numbers. Now banks and retailers have begun rolling out new chip-and-PIN cards to thwart hackers once again."
"The cards contain a chip that authenticates it as a legitimate bank card and also generates a one-time transaction code with each purchase, preventing hackers from embossing stolen data onto fake cloned cards to use for fraudulent purchases in stores. But this won't stop fraud altogether; it will simply shift from brick-and-mortar stores to online retailers. In the UK, where chip-and-PIN cards have been used since 2003, card-present fraud-transactions done in person-has dropped. But fraud for card-not-present transactions-those completed over the phone or online-increased from 30 percent to 69 percent of total card fraud between 2004 and 2014, according to the UK Payments Administration. Neither a PIN nor a signature is required when customers use their cards online, so simply stealing card numbers is sufficient for this kind of fraud. Expect those online fraud numbers to rise in the US as well."
"The Rise of the IoT Zombie Botnet - There are many who say that 2015 was the year of the Internet of Things; but it was also the year the Internet of Things got hacked. Connected cars, medical devices, skateboards, and Barbie dolls, were just a few items shown to be vulnerable to hackers this year."
"If 2015 was the year of proof-of-concept attacks against IoT devices, 2016 will be the year we see many of these concept attacks move to reality. One trend we've already spotted is the commandeering of IoT devices for botnets. Instead of hackers hijacking your laptop for their zombie army, they will commandeer large networks of IoT devices-like CCTV surveillance cameras, smart TVs, and home automation systems. We've already seen CCTV cameras turned into botnet armies to launch DDoS attacks against banks and other targets. Unlike a desktop computer or laptop, it can be harder to know when your connected toaster has been enlisted in a bot army."
More Backdoors - The year ended with a startling revelation from Juniper Networks that firmware on some of its firewalls contained two backdoors installed by sophisticated hackers. The nature of one of the backdoors-which gives an attacker the ability to decrypt protected traffic running through the VPN on Juniper firewalls-suggested a nation-state attacker was the culprit, since only a government intelligence agency would have the resources to intercept large amounts of VPN traffic in order to benefit from the backdoor. Even more startling was news that the backdoor was based on one attributed to the NSA."
"There's no evidence yet that the Juniper backdoor was installed by the NSA; it's more likely that an NSA spying partner-possibly the UK or Israel-or a US adversary installed it. But now that companies and researchers know for certain what such a backdoor would look like in their system and how it would operate, expect more backdoors to be uncovered in 2016 as companies closely scrutinize their systems and products. And despite the fact that the Juniper incident shows that backdoors intended for US law enforcement and intelligence agencies can be subverted by others for their own malicious use, don't expect the FBI and NSA to give up on their quest for encryption backdoors in 2016."
AFP Subpoena email is a scam- 29 March 2016 - eVestigator® - "The latest version of this email apparently issuing a subpoena I have received, the AFP logo looks like it is a missing picture, this in itself doesn't prove anything as it could just be human error. It is the content and reason for the email that is suspicious."
"A little bit of fact checking, as simple as a Google search, will bring you to a link on the AFP website stating they do not send subpoenas by email and not to click any links in an email purporting to do so. If it had been genuine, the link would at least look like it directed to the AFP website but the link to the site to learn more and the link to download the supposed subpoena is exactly the same 'http://a-ip.com/H1fOYVRBS/[email protected]' I have changed it only to exclude my email address."
"The link obviously does not go to the AFP website. a-ip.com is an automated invoicing service. It is doubtful they are actively involved in the scam but their services may be implemented by the scammers in some way. However, all you need to know is that if you receive this email you are not in trouble and you should just delete and forget it."
Fake love costs money - $22.7 million lost to dating scams in 2015- 29 March 2016 - eVestigator® - "Having solved many of these myself last year I must say, I'm not surprised. This is the official figure now reported by the ACCC. It is reported that last year, 2,620 Australians reported losing almost $23 million to dating and romance scams to the ACCC. One of my clients' make up $500,000 of that!"
"Remember that it is eVestigator's advice that you need to check the source and destination of all correspondence. Love can be 'in the air', but if you have a look at our website there are ten golden rules you should read before making any decisions. This is all of what I call the makings of Cybergeddon™. It is the fake world. Believe in what you can see, feel and touch and if you can't, there is a reason."
"My client was dating on a Christian dating site. In this case, the scammer felt that religion was a vulnerability. It worked for them. I have recently had the opportunity to hear from a scammer's mouth the here lack of care and dignity as to the damage and affect this has on others. To them, it is a way of life. There will be more on this shortly. Remember also to check out my blog entry containing bank guarantees. I have something to say about the banks you might want to know."
By spying on your partner, did you know you may be committing an offence?- 26 March 2016 - eVestigator® - "It might be time to seriously evaluate your relationship when spying on your significant other becomes a viable option in your mind. You must get professional advice and support and not take matters into your own hands. There are things you can do but many things you can't do without a security licence and things that are plain illegal and unethical."
"Last year, a man was arrested in Spain for installing spyware on his girlfriends' phone, which was a gift from him with the monitoring software installed before he even gave her the phone. He was monitoring her messages, accessing her WhatsApp messages and her social media posts as well and could also activate the camera and microphone."
"Talk to eVestigator today about your concerns, options and actions you can take."
Fake Mobile Apps - A new medium for phishing- 25 March 2016 - eVestigator® - "As an avid developer of successful Android and iPhone Apps myself, its sad to see it come to this, but it's not the technology, it's the criminal. There's now malware out there targeting major Android apps including Google, PayPal, Banking, eBay and Skype among others. It is designed to mimic the login screen of 20 different banking apps from Australia, New Zealand and Turkey as well as the above. It overlays itself over the login screen in order to capture your usernames and passwords and bypasses two factor authentication by intercepting authentication codes sent by SMS, forwarding it to the hackers and hiding it from the user. It gets onto phones by imitating Adobe Flash Player, which many websites require. Avoid this by only downloading apps from trusted sources like Google Play."
"If you are worried that your phone may be infected, check the list of device administrators found under the Settings > Security > Device Administrators menu. If infected, 'Flash Player' will be include on the list. Ignore warnings about data loss and remove 'Flash Player' from this list. Now it is possible to uninstall the malware via Settings > Apps/Application manager > Flash Player > Uninstall."
"If you cannot access the Device Administration list for whatever reason it means there is malware trying to protect itself and prevent deactivation. Restart the Android device in Safe Mode, which disabled installed apps, preventing the malware from blocking access to the Device Administration list. Check your device manual or support website if you don't know how to access Safe Mode."
"Again NEVER download files or apps from unknown sources."
Australia Post 'Locky' scam emails- 25 March 2016 - eVestigator® - "The latest Australia Post email scam is very elaborate. Using advance scraping software, they scan social media to glean personal details like your name, address and occupation to make the email seem legitimate. The emails refer to an undeliverable item with a link or download with more details. The attachment or link it asks you to click looks safe to a lot of antivirus software as it is a small file or a Word document. However it actually contains malware called 'Locky', which runs a java script code that locks your computer files, demanding a bit coin ransom worth hundreds of dollars. If you are unsure about the legitimacy of an email Australia Post will never: Ask you to click on an email link to print off a label to redeem your package. Email or call you to ask for personal or financial information including password, credit card details or account information. Send you an email asking you to click on an attachment. Email you to reconfirm your physical mailing address by clicking on a link. Call or email you out of the blue to request payment. The above was taken directly from Australia Post's website. Most businesses that have been victims of these kinds of scams will have such a checklist to advise of email/telephone contact legitimacy."
eVestigator® presents at Legalwise CPD in-house Counsel conference on Cyber-Security- 20 March 2016 - eVestigator® - "If only there were more hours in the day. So much I had planned, I was expecting to hopefully find some time at the end to do some demonstrations at let people know where they have been (according to their mobile phone Wi-Fi beacons) as well as giving them a surprise or two when they mysteriously email each other from one side of the room to another" "The core topics were essentially based around how to mitigate a Cyber Attack once it has been established, and how to prevent such attacks from occurring. There was also some general discussion on liability. Interestingly we got to get through the content that needed to be shown and we can save the extra fun stuff for another time." "A question was asked of me, and I had to be honest. I say it how it is. That question was somewhat like, 'What do we do with regards to this new Cyber-Insurance'? I asked, 'Do you want my honest answer?'. The crowd said yes - and I gave it to them! It is merely a new name for existing liabilities that are otherwise easy to label outside of a policy for the benefit of the insurer to remove liability and/or a new idea to make money for the same insurance the customer already held.' Essentially, I see it as a way of 'handballing'." "I state, with all my experience, Cyber-Crime and Cyber-Security threats have always existed. A computer is like a watermelon. Where do you store that watermelon, how do you protect it, who uses it, does anyone take it home, can anyone put their hands over the window and pinch a bit to eat? The answer is yes, and it always will be. Computers don't do anything, people do!" "Employee fraud is employee fraud in any case that I have done and should be treated by the police and the courts accordingly, regardless of how they committed that fraud!"
eVestigator® acquires cybersecurity.com.au and discusses Cryptology- 10 March 2016 - eVestigator® - "In celebration of this, Simon Smith (eVestigator®) is planning to use this site in the nearby future to enhance Cryptology Training and Online Safety. Simon has just finished a PD from the popular Cybrary series, entitled "The History of Cyber Security Intelligence S3SS10N - Presented by George Schu." "This short PD offers a background to the history of cryptology; which is the making and breaking of code. In this lesson, the instructor offers a brief background to cryptology dating 4,000 years ago with the ancient Egyptians and then goes onto the discuss the birth of modern cryptology. It describes that, Cyber security can be seen as a descendent of Cryptology. The making and breaking of codes dating back to biblical times and beyond."
"It is very useful to understand the history of Cryptology. The knowledge known to eVestigator® and repeated in this PD demonstrate a background to the history of cryptology; which is the making and breaking of code. In this PD, the instructor offers a brief background to cryptology dating 4,000 years ago with the ancient Egyptians and then goes onto discuss the birth of modern cryptology, and best Cyber Security Practices and Solutions." "eVestigator® agrees with the genius Herbert Yardley (who is considered the Father of Modern Cryptology) and he dates back to World War I as he began his efforts after realising the United States did not have a focused cryptologic effort. He stated this would surely effect their ability to fight well in the war and persuaded the Army to set up an effort and as such, was hired by the Army to make this effort permanent and eventually gave way to the 'Black Chamber', which was credited in 1921 with cracking Japanese code, which was critical for the USA with negotiation with Japan at the end of WWI."
"Cryptology considered to be used and resulted in tremendous strides in World War II. Cryptology continues to grow and help the world keep an advantage on the forefront stage today and is one of the most important aspects of cyber security." "eVestigator® will be introducing some new initiatives around this area shortly."
eVestigator® Invited to Channel 9 to demonstrate a new type of SCAM- 10 March 2016 - eVestigator® - "Cyber Forensic Expert Simon Smith (eVestigator®) is soon to appear on Channel 9 exposing a major new style of SCAM for consumer awareness sweeping the country. More shall be revealed after it is aired."
eVestigator® finds a peak in domain hijacking and registration SCAMS.- 10 March 2016 - eVestigator® - "Well it is obvious to say that we already knew we cannot trust a domain name. According to Google, a domain name 'User' is the legal entity they are dealing with, not the holder, not the company, nobody. So beware if you have Google Apps for business and one of your staff members changes the authentications settings and or assigns it to a Master Account outside your company. It's theirs! I have now more than 2 major Google related SCAMS and Frauds I am working on, and please take my advice above seriously as imagine what it feels like when you are told, "you have no proof of ownership of that 'account' despite owning the domain!"
"As an online expert and due to my own experience, and many of my investigations involving domain hijacking, it's safe to say I know the Worldwide Domain Name system backwards. Personally, I register a LOT of domain names. Another thing to look for is the now manipulated fake domain registration SCAM. You register a domain name (and of course you have probably seen similar SCAMS with Trademark Applications) and then you are bombarded with services emailing you from overseas claiming to 'finish off the registration' or 'properly register it or later renew it'. Again you have never dealt with this company before. Today I received an email entitled, 'Domain Registration Incomplete'. Note the word 'Registration'. Inside that email up comes 3 bright and beautiful trademarked logo's (obviously without permission) of the 3 potentially largest search engine logos in Australia. Google, Yahoo and Bing. The email was did not even go to the effort of informing me of my recently registered domain (note the word 'registered') - and note that is even if it knows I did, or it is a cold SPAM email."
"It was NOT picked up from Google SPAM and was sent from '[email protected]'. Note: Always check who is sending you an email - no matter what it says, then check the reply-to address. This is what it said.
(Now that you've bought your domain, it's time to register it.
By registering and listing your website with the major search engines you are allowing your website to be searched by the entire online community.
You can verify and submit your website with Google, Bing, Yahoo and 20 other top search engines by clicking the button below.)
It is sent with a nice badge showing quality endorsement from 'Copyright © *2016 Official Domain Directory*, All rights reserved. PO BOX 12114 San Francisco, CA 94112."
"Now note that it says (Now that you've bought your domain, it's time to register it.) Not buying is registering. They are trying to confuse you into thinking that SEO work on the domain name is registering. Also note, that you are dealing with complete fraudulent SPAM with a reply-to address of '[email protected]'. The bottom line, the word SPAM has changed into more the word Impersonation. Always be in control or have someone in control of your IT. I am auditing a company at the moment who has no idea how their $500,000 online business works. My first advice was more of a question. Please, get me the source code!"
eVestigator® takes on 600K SCAM. An email address does not identify an entity!- 05 March 2016 - eVestigator® - "Well what a week it has been. It seems that Cybercrime is getting worse and worse every day. Someone behind a computer screen has a virtual concept that their actions and consequences are also virtual. This is not true."
"As this is a current investigation I cannot talk much about this case, save for the fact that a Goliath Corporation is involved, seeking to rely on what seems like just an email address. As you know it is very easy to compromise an identity and I will be presenting at the Legalwise CPD seminar exactly on this concept."
"Solving major cases of fact is what I do best, especially in the new war, the war of Cybercrime. There are not too many people who understand the potential of a hacker and what can be done. Needless to say I shall keep you up to date as to what the law considers a binding contract, as if it is relying on a representation via email, then the liability of due diligence on one or both of the parties must be resolved. Who's responsibility is it to ensure they are not compromised, and if so, is the civil repercussion a duty of negligence in not detecting by the other side? These are hot topics at the moment. As a Cyber Technologist, I plan to present case studies on both sides."
eVestigator® invited to speak at Legalwise CPD Counsel Conference- 23 February 2016 - eVestigator® - "On Friday, 18 March 2016, at the Intercontinental in Melbourne, Simon Smith will be teaming up with Melissa Kirby from Sharpe and Abel for the Legalwise CPD. He will be appearing as a Forensic Cyber Expert Witness and presenting useful advice and anonymised case studies designed especially for in-house Counsel when dealing with Cyber-attacks."
"He is proud to be invited to speak at the 9th Annual In-House Counsel Conference seminar, focusing on the very challenging and new specialised area of Cybercrime Loss Mitigation. It looks like it is going to be a great event. In-house counsel can be asked for all kinds of advice-some legal, some business and some off the record personal questions from co-workers. This blending of roles and responsibilities creates a very challenging legal and ethical landscape for which there is a depth of clear guidance."
"The seminar addresses several issues facing in-house counsel today, and my topics discuss case studies of 'When Your Organisation Faces a Cyber Attack' and 'How to mitigate a typical cyber-attack of Denial of Service (DDoS), or potential theft of trade secrets and IP after the event?"
"It also addresses the very important issue of 'What steps should be taken to establish quantum of damage to the organisation?' and 'How to best implement lock down and typical methods used to locate the offender.'"
"I have the pleasure of presenting with Melissa Kirby, Founder of Sharpe who specialises in working with engineering and technical professionals, supporting clients and keeping their businesses safe through difficult times during the Asian Financial Crisis, the Global Financial Crisis and all the times between. Ms. Kirby is the Legal Director of Sharpe & Abel and I will be discussing real life scenarios that as a Forensic Cyber Expert Witness/ Renown Detective - eVestigator to provide valuable intelligence in this area."
"I look forward to seeing all attendees there and am grateful to be part of a well-structured, and well organised event."
For the second time eVestigator succeeds on second opinion- 19 February 2016 - eVestigator® - "In no way does this blog entry take away from the good work that my colleagues do as I believe that everybody has unique skills in various areas and deserve equal recognition for those skills. In choosing a forensic investigator it is often difficult to determine whether you will get the outcome you want, the outcome you don't want or any outcome at all. I have completed two cases recently where I was able to successfully satisfy the customer by achieving a result that another respected high profile Forensic Investigator could not achieve at almost half the cost.
My main philosophy in investigations is to deal with facts only. Especially in cyber-crime, it is safe to say I've had extensive experience in IT and security, most acclaimed via actual practical work as I just happened to have grown up at the right time when the little baby we call the "consumer internet" was born. The point of this entry is to state that knowledge and skill is relevant not to someone's age or potential doctoral degree in an ever-changing industry, but to the actual hands-on physical experience (in my case 20 years) of software engineering at a master level and teaching others to do similar.
If you are looking for a true forensic cyber expert who actually has won cases, has the knowledge of not only the entire programming language of the internet but the backbone of the very beginnings, which is lacking in every university degree today, then look no further than eVestigator. Sometimes innovation and thinking outside the square can provide an outcome that nobody else can provide. To understand the depth of knowledge that eVestigator brings into an investigation, it is wise to look at the broad range of qualifications on this website combined with the broad range of actual outcomes. The reason why I have a 100% success rate to date, is because I am adaptable to change my methodology, writing my own code and not relying on a piece of software to conduct my investigation. eVestigator in fact writes the software most often if necessary because no two cases are the same.
So it pays to get a second opinion and eVestigator does have a 100% success rate because he will only complete a job with the understanding and co-operation of the client that the strategies that can start off and change is led by him and not interfered with. It is only when a strategy is interfered with that eVestigator chooses to not participate in an investigation. It is otherwise his nature to complete in full, from scratch every task he starts to obtain a factual result for the client. Opinion is secondary."
eVestigator®'s Gains WASC Accredited IT University USA (CHFI) Accreditation- 13 February 2016 - eVestigator® - "CHFI stands for 'Computer Hacking Forensic Investigator' and was awarded on the 10th February 2016 by IT University based in California. The University is WASC Accredited. WASC accreditation also places ITU among the recognised list of institutions on the U.S. Department of Education's database of recognized institutions of higher learning and the Council for Higher Education Accreditation's Listing of Accredited and Candidate Institutions (CHEA)."
"ITU is also recognized as an approved institution by California's Bureau of Private Postsecondary Education (BPPE)."
The Subjects covered with depth included Computer Forensics, Forensics Investigation Process, Searching and Seizing, Digital Evidence, First Responder Procedures, Forensics Lab, Hard Disks and File Systems, Windows Forensics, Data Acquisition and Duplication, Recovering Deleted Files and Partition, Using Access Data FTK, Using EnCase, Steganography, Password Crackers, Log Correlation, Network Forensics, Wireless Attacks, Web Attacks, Email Crimes, Mobile Investigation, Investigative Reports, Expert Witness and more."
eVestigator® provides forensic evidence in 4 of Australia's largest SCAMS!- 09 February 2016 - eVestigator® - "Well there was such thing as justice, or was there? I have cooperated with ACORN and given them intelligence that lead to some of the most major discoveries of direct hit IP addresses behind some of Australia's largest SCAMS. One being a major dating SCAM, now claimed over $510,000 and being misled by banks to place the onus away from the consumer guarantees under the Australian Consumer Law, and the other being the fake Microsoft 'tech support' SCAM which is well known - where somebody purporting to be Microsoft calls an unsuspecting user and is told their computer is infected."
"They then get them to download a Trojan Horse that purports to be merely remote control software, and in fact is, with a little bit more. They then use it to lock the person's computer at a very high OS level demanding payment to fix the problem. This was reported to my client, and then by me to ACORN. ACORN accused me of not reporting the data I found, when this is how they treat their customers. I inform my clients that they are a reporting network, but still via the AFP and Interpol they could make an arrest with my data, but not so."
"Here is a letter given with permission from the original client that 'got their backs up' just because I was doing my job. I have anonymised the letter for the client and have full permission from him to publish it. I make no comment as to its contents or otherwise. The customer and I have the right to freedom of expression and speech. Here is his most recent letter. I can unfortunately do no more for him, as mentioned on my website I contacted ACORN with consumer concerns and it was not well received, in fact, it resulted in what will most likely be contested legal action for alleged false statements and misleading statements and ethical standards complaints to the police. It is actually my belief that the banks are answerable to this and are shifting liability setting people up for failure when their own website is supposed to protect them and even guarantees this under various circumstances. It is important to note, that a bank is neither legally able to Investigate nor purport to be an authority making a decision without Police intervention. The letter he permits goes as follows"
"Dear Sir / Madam
On XXth Nov last year, the Bank External Investigations contacted me to advise that I had been scammed after an online romance. I will not go into details as the details are irrelevant. I was told they (XXXX Bank) could not do anything more and to submit a report on the ACORN website, which I did the following day.
Subsequently, I have submitted a further 23 reports as it is the only means of actually reporting any suspects, including phone numbers in Australia and Malaysia, bank account details in Australia and even beneficiary addresses overseas. I have submitted a substantial amount of evidence to enable Authorities in Australia and Malaysia to act on seeking the perpetrators and in fact all the possible money mules or persons colluding with the perpetrators.
I have had to play money launderer as a last resort to try to bribe the XXXX Bank to take some action to involve the AFP which to some degree may have worked.
As a last resort, as my own finances are completely negligible now, I informed XXXX Bank External Investigations that a deposit of $XX,000 in my account from an unknown sender would remain frozen until it was investigated by the AFP. I received a call from the XXXX CID . According to XXXXXXX, the call was in in relation to my last ACORN report. To my knowledge XXXX CID may not have received the report as a result of the ACORN report, and may have been a result of XXXX Bank's report to Vic Police.
I used $XXX of the unknown deposit to hire a very efficient and ethical Forensic Investigator to trace the IP addresses of the two perpetrators successfully and without any doubt, and his report was submitted on the ACORN.
To date and after three months without any communication from the AFP, other than an email from the XXX Police stating that the case was in the the hands of the AFP on 4th Dec 2015, I have had no communication.
My concern is that: The ACORN really doesn't care
The ACORN is too slow to respond, given real time information
And as a result- the evidence is no longer useful.
To cap off there are another 5 victims of this scam known by the XXXX Bank in Australia who have full knowledge and all the details and in some way they can be considered accountable in the loss of possibly $1.5M.
The prime suspects can be located in South Africa and Nigeria. Found by eVestigator®.
I request a reference to report this to the AFP Ombudsman.
What happens when a victim self-sabotages their own case?- 04 February 2016 - eVestigator® - "If you were to visit a Doctor, and engage a Specialist, you would do so because of their experience. Sometimes I have seen the victim without realising it, introduce self-harm into their own case."
"They say you can lead a horse to water, but you cannot make it drink. This is very true. Sometimes in cases, the victim actually is so entangled in the emotional trauma that they play 'investigator' and lose sight of the massive amounts of obviousness small pieces of advice from an external expert point of view can make. It ends up turning into a sheer path for self-destruction. My policy is, that I will not work with anybody who does not take my suggestions - because the hard work in setting up all the layers for an outcome is interfered with if it is not isolated to 1 person who can and will make a change for the better."
"I think a priority list is vital for clients so that an Investigator can understand the exact facts which are required first, prior to seeing the 'Goliath' of information. Things are actually pretty simple and easy if you take a systematic approach. I have had great success with every single client and in speaking to others in the industry - it is a common trend that you need to set a plan and stick to it." "Results and facts come from research. I am a factual investigator; I don't give 'opinions'. I leave no door open. The key to a good outcome in an investigation is communication and understanding of overall value and accomplishments one wishes to achieve, and as with all others in the industry - it is clean sailing from there."
"I am happy to say my strategy is succeeding and by having some common rules in place it is possible to avoid situations that displease customers. You only have to look at my testimonials. All of these people followed my advice and received an 'outcome' after research without interference. When I send an invoice I don't see money, I see outcomes and injustices, and think of ways from the information I've given to correct such injustices." "It is also important to help your client not become misinformed, as sometimes they get the wrong advice, even when you know the outcome. Sometimes, however this is out of your control. It is fantastic to see positive results and I continue to see them. I just wish to advise any potential customers to allow yourself help, and help will come to you."
"I often go out of my way and use other contacts and expertise that compliment services. This has and can end up saving customers hundreds of thousands of dollars. eVestigator® is like the lollipop (man). I help direct, and strategy is so important in this area. When you are at the investigative stage, after initial research, you start to see extreme value for money."
"Being a Family Dispute Resolution Practitioner, Marriage Celebrant and author of books on Grief and Trauma I can see the signs of 'self-sabotage'. Depending on the case, it is good to choose an investigator that has a cross range of abilities in all areas, still performing a sole service, but at least there is awareness."
"I say it how it is, and don't tell somebody what it is that they want to hear, I speak the truth and I speak based on experience and fact gained from cases I have been involved in and resolved. The level of communication is required on both sides to come to a fruitful outcome. Here are just some of the comments I have received in the course of helping people."
"It takes 2 to tango they say! These clients are gold and I want to applaud them on their trust and belief to get them successful results. I ultimately take your instruction, but be prepared for honesty. If I recommend something I am happy to explain why - and how later it can save you. All these sample customers I applaud for showing strength in their traumatic times, yet maintaining themselves from the potential to 'self-sabotage'." "Full cooperation and confidence that everybody is on the same team is a must to produce successful outcomes. Three cheers for these successful happy customer examples!"
Thank you customers!
* "Intellectually, he is clearly a star."
* "Brilliance is an understatement."
* "It took a long time for me to turn for help but turning to Simon was the best thing I could do."
* "Simon saved me 10's of thousands if not hundreds of thousands of dollars with the lawyers and he got me the results I needed."
* "Simon is also a genius computer programmer, who has helped find cyber stalkers, assisted ASIC find and prosecute unlicensed practitioners"
*"Hello Simon, I just wanted to let you know how encouraged I felt after speaking to you" "Simon's findings from forensically examining both an iPhone and an iPad gave me almost too much information than I was prepared for"
* "He knows the workings of the internet, that's a fact."
* "Thx Simon. Through all this as much as I have learnt about how nasty and shady people are, I have met a lot of good honest ones! You are at the top of the list."
* "I am very impressed with your work. Submitted another report to ACORN re the CBA XXXXX account, and complained about the lack of action."
* "Thanks for all your help, greatly appreciated."
* "Simon is the utmost professional that goes beyond what's on paper"
* ""He genuinely cares about your well-being and mental status"
* "It took a long time for me to turn for help but turning to Simon was the best thing I could do"
* "I am very impressed with your work. Submitted another report to ACORN re the CBA account, and complained about the lack of action."
* "Simon stood by me and saw the process through. He was not just a Forensic Investigator."
* "Simon was directly requested to volunteer some advice and put forward a willing participant on Channel 7's Today Tonight program"
* "I recommend Simon fully for any investigation as his programming and forensic investigation skills are outstanding"
* "Simon not only solved my case but from Today Tonight's expert request, he enabled me to explain some views on Cyber-Bullying"
* "I have gotten to know Mr. Smith over the past 10 years, both as a person and as a Computer Programmer. As a Computer Programmer, Mr. Smith stood out, from early in our relationship, as an articulate and perceptive programmer. He has shown a tenacity in dealings with several International Companies and Governmental Departments"
* "Simon saved me 10's of thousands if not hundreds of thousands of dollars with the lawyers and he got me the results I needed"
* "Simon was onto the lawyers and made sure things were done!"
* "I highly HIGHLY recommend Simon and eVestigator® especially to sort out the lawyers and give amazing factual results."
* "He was smart enough to get the actual evidence from the cloud and the iPad at the end of the day didn't even make much difference! He is superb."
* "I am a great judge of character and you, especially you, have given me strength to go on. Thankyou so so much, you are a gem.
The Banks and the Increase in Cyber Crime in Australia- 03 February 2016 - eVestigator® - "It is evident in cases that I'm currently performing that cybercrime has increased dramatically over the last three years. There are now smarter ways for criminals masking their identity that contributes to the typical attribute of misinformation that is used to target vulnerable people. I have noticed an increase in dating cybercrime especially in the Christian sector as there is a higher level of trust among Christian dating site users and it appears that one may come to the conclusion that a particular religion seems to be an innocent victim. I say that this is not so. It is a guess that potentially in the past has worked but anybody is a victim in these strategic cybercrimes that I am witnessing. Mostly what I'm seeing is a co-operative team of individuals that work both nationally and overseas. Nationally they are able to open up Australian bank accounts and overseas they are able to concoct stories as to the transition from the Australian bank account to a Malaysian, Nigerian or South African bank account. There is however one major flaw in this whole system. I question the banks and I put them on notice that they themselves are negligent in the way they handle or attempt to handle what they consider to be cybercrime."
"The lay customer is the victim and the bank is the commercial entity that is ultimately performing the transaction. Take this analogy; imagine you are buying a fridge from your local retailer. If you experience problems with the fridge within seven days of your purchase and your retailer tells you to call the manufacturer then your retailer would technically be (and this is not legal advice) in breach of the Australian Consumer Law being the Competitions and Consumer Act 2010. Ultimately the responsibility lies with who you pay or who commits the conduct. The banks have guarantees that are considered to be consumer guarantees and they protect customers against fraud. However, I find it ironic that the banks themselves will not communicate with police or to higher authorities to report such fraud, I wonder why this is the case. I believe that the banks would ultimately be reporting themselves because the result of the banks reporting that they have given money to a criminal would ultimately give responsibility back to the bank and their consumer guarantees when it comes to online safety and digital fraud."
"There are three massive cases at the moment I am dealing with where I am going to be recommending legal action against the banks in addition to cyber forensic data that identifies the criminals internationally that was obtained through propriety cyber forensic methods as it is obvious that the IP address of such criminals isn't forthcoming. My understanding is that the banks have an obligation that, again without indicating any kind of legal advice, could possible put them into a position called 'Unconscionable Conduct'. I suggest anybody who has any issues with digital fraud to contact a forensic investigator like myself if they get nowhere with the bank or the police."
"There is another angle to this that everybody is missing. Ultimately at the end of the day, the banks may very well be contributing to the fraud by rewarding those who are actually engaging in fraud. Without getting into specific conduct of a particular case that I am currently working on, I would like to state that this is most likely the case and I will be making reports to the Australian Federal Police of this nature. I strongly advise every person to read their guarantees that the bank give them and the Terms & Conditions that they rely on when they conduct internet banking and/or permit others to conduct internet banking on their behalf and the way that the conduct is intentionally hand-passed to multiple liability and discovery sources like ACORN, the banks fraud team, the local police, INTERPOL and the Australian Federal Police."
"As a forensic investigator, I can tell you now that the banks have a lot to answer to and any person who is experiencing such problems should contact me immediately."
$200,000 dating scam BUSTED by SCAM expert Simon Smith!- 21 January 2016 - eVestigator® - "I had the pleasure today of using special forensic techniques to attain the exact IP address and location details of a massive dating scam that involves potentially hundreds of people in a pyramid style dating arrangement. I have requested my client report the details which nobody has (specific IP/Device/UA String) to ACORN, and really hope for the benefit of all victims ACORN will use the AFP to make Federal arrests."
"This involved Australian bank accounts and a series of people both in Australia, in Singapore and wait for it, Nigeria. I must say that this is not the only case that involves this kind of money. I am just about to release a press release in this matter as I have grave concerns that the banks are involved. At least in this one case I have evidence that suggests that the bank are not cooperating with their Fraud guarantees. This is a major issue for Australian consumers and must be reported to the public."
"There is more than one SCAM like this I'm working on. People forget the part the bank plays in this and the level of protection and security they are entitled to. I will be advising in my report to my client that he provides ACORN with specific information that in this case implicates the bank, at least allegedly by way of conduct and advise that the ACCC must be involved. So far I have solved over $750,000 worth of SCAM's."
"The proof is evident, the scammers are exposed and I shall update you if the police update my client. For once we hope the countries can work together. The details (all except my incriminating findings) have been reported to ACORN. My findings are the "Golden Bullet" that will enable an exact location and arrest. I not only found out the true IP of the SCAMMER's, but the method and scheme they use. Innocent people are setup as part of the scheme in a massive money laundering exercise. Sadly the banks take the so called unproven "victims" word for it, however I shall be reporting to the AFP this conduct as the banks are neither investigators nor are they the police. They have however frozen money in my victim's account due to unproven information and they will have to answer to the ACCC and the Banking Ombudsman as well as the AFP, because not only did they witness the victim being used in the SCAM, they are rewarding an alleged "victim" by freezing his account."
"Nevertheless you cannot get a better result than the source, and that is what shall be passed on to ACORN. I will also be making my own recommendations to the AFP on this matter."
Ending a Relationship? Make sure you know what you are entitled to!- 18 January 2016 - eVestigator® - "Story of the week is more some useful advice. As a Commonwealth Family Dispute Resolution Practitioner (and trainer thereof) and Forensic Investigator that deals with extensive Personal Safety Intervention orders, I see a lot of 'hiding' of assets."
"One such example is, that if in the event you are going through a divorce (ironic that I'm also a Commonwealth Marriage Celebrant) but life is very unpredictable to say the least, you need to know your rights. Usually you see the typical behaviour that is similar to that of what I call a "pre-stalker". You see some niceness, then some dictatorship and a bit of control and maybe more niceness and what looks to be open attempts to 'help' the other party."
"I have done many cases like this where help=hide information. If it happens, and if it must happen, then remember that nothing is black and white in the Family Court but don't be bluffed by what people 'say' the judge is likely to do and get scared off during mediation. At least do your research. $1 spent on my forensic services could not only get results but save $5 spent on lawyers writing unnecessary discovery letters."
"One such case presented and I am happy to say that due to my services she is at least $200-300k better off than what she was 'told' she was getting. Much of what I do is facilitate the 'Project'. I don't see an investigation as one simple fact. I see it as a project. A project that I can coordinate all parties, save you money and get you results. The only time this is affected is when you are presented with a brick wall, then we need to knock it down!"
"The moral of this story is when it comes to divorce and money, trust nobody, get facts, then get lawyers for the important parts. Don't waste all money contesting wills, or assets in churning letters up and down. You may be missing a $200k term deposit sitting in one parties name that is half yours!"
Computers vs Humans, Processes -> Models -> Outcomes. Biometrics and voice example- 08 January 2016 - eVestigator® - "Many people can recognise a person straight away by their face and also sometimes by their voice. But how do computers recreate or examine a face or voice for what a human brain would assume is equivalent."
"Firstly as a master programmer and lecturer for over 25 years, a developer of innovations, I will be the first to admit that the 'computer' is not at all the only tool in my toolkit for forensic IT services, however it is a necessary tool though as it forms part of a process which leads to a method and produces an outcome, with the addition of many other sub-components, all of which rely on each other. Imagine a computer is just a giant calculator that can do nothing until you press the buttons. Well that is true. However, can you press the buttons 240,000,000 times a second? I draw similarity to today's programmers who make 'websites' and work as I used to as Senior Analyst Programmer with popular tools. People think that a template or software is the be all and end all and nothing else matters. They invent many words and accreditations for nothing more than a heavyweight unreliable set of locked down (or even worse not locked down your way) code. When I first started programming I literally had to draw every pixel on the screen. If I wanted to do something intelligent I would have to do it low level. Nothing has changed for forensics, but for programmers it has."
"What is it that has changed? Programmers have got lazy and trained to use pre-built templates. The issue with this is you lose all the control in between (and you inherit their bugs). I have written many API/SDK/plug-ins as a programmer FOR programmers because nowadays there is not one method to use some magic software the way you want you to use it 'exactly' for. So, you lose creative control, increase security risks not knowing all the code and/or everybody knowing the open source code and risk your entire business or assets on someone's "playground". You can see my certificates and credentials below and yes they are a token but how do you do cyber forensics if you're a template trained expert or trainer?"
"My answer is you simply can't. Imagine a painting hand painted half way; you can't touch the first half. The point I am making is that a good expert does not have to mention software packages (and all the jobs on job sites are direct evidence of people wanting to employ puppets of these products) they should be able to do ANYTHING AT ALL. Notice in that statement there was no mention of a computer?"
"Recently I was asked to both forensically analyse a voice and reconstruct a face. The first thing that came into my mind was OF COURSE, THAT'S EASY AND I'VE DONE THIS MANY TIMES. The first thing that would come into perhaps another mind is hmmm I'll try to go to Google and look for free software that does that. So because I understand the raw mechanics of any sound file I don't need fancy named software. I just write my own! Take that logic and look at the human face, facial reconstruction and recognition, or any biometrics for that. At the very basic level an expert should remove the computer from the question and ask themselves how I as a human could do this (understanding that the computer has an incomprehensible advantage over a human in consistency and is necessarily sometimes an absolute must to form a method as a process, with its speed and other advantages). Without getting into artificial intelligence concepts which I actually call Official Intelligence, I am happy to report a successful outcome."
"If someone says can this be done and a human can do it, the invention and intelligence lies in what you can do with that computer that makes a difference to the outcome to form that piece of the puzzle, not what the computer is going to do for you. There are plenty of parts to a method and system even in everyday life, but they should be treated as one element to complete what would be necessary to complete the next element, and so on. Such a process creates a method, which creates an outcome. It is no indifferent to any other necessary piece of the project, for example investigative ability or data extraction. Computer Forensics and implementation is necessary to do things that are still logical but out of absolute reach of the normal way of thinking, it is strategy. It is the strategy that forms the process which creates the method which produces the outcome - it really is that simple but not many people understand this (not even some Government departments). The use of a computer in forensic investigation is a necessary component as a whole and does nothing not as the sole attribute. It is also the same for the reverse. Without a computer, computer forensics (in the nature of this article) would not form the process that creates the method. Computers are necessary for their speed and collective use to deliver a logical outcome. If you take one piece of the puzzle out that is the heart of the puzzle in any process then there is no process. So in reverse if someone claims to be an expert in XYZ named software, what they are really saying is 'I am an expert in using somebody else's restrictive set of rules'."
"The moral of this blog it to give an expert's point of view to distinguish fact from fiction in how a process that uses a computer is required but not the magic tool or sole tool people thinks it is. We tell computers what to do. They do it faster and either make a workable process or make an impossible process! To understand the backbone and the place of the computer in any process, it is necessity to value the hardware contribution and not the software, and that contribution may be utmost necessary to create a real process or strategy. In my eyes that is what defines innovation."
If a pineapple was able to give mechanical benefit of the raw unparalleled computer (just being one necessary component to the entire system) then you would use the pineapple, and it would be mandatory! In Forensic Investigations as we are doing facial reconstructions and voice analysis, to attain a match you need speed but you are still relying on what you first opened your eyes to as a baby. It is the mechanics of the human mind in picking the tools necessary to create the method and process that attains a result in both innovation and investigations, and this requires strategy."
I caught the stalker stalking the stalk-ee yet I uncovered the stalk-ee as the stalker- 05 January 2016 - eVestigator® - "Well it did not take long for the stalkers to come out. Well this was an interesting case that I'd like to share with you. Imagine finding a stalker that is the victim to stalking and being presented with the person being charged for stalking, and turning the tables?"
"Well it happened. I managed to completely reverse justice in this instance. Firstly, stalking is a crime and should be reported to the police but cyber-stalking is something new to this country. This is something I am an expert in as I grew up through the birth of all versions of the consumer internet and saw where things went wrong as a programmer from the age of 11."
"So, I was approached by a guy who was accused of stalking and had a LOT to lose. Despite stalking usually being treated civilly, it is dangerous, because if you get an AVO, IVO or PSIO against you it has criminal repercussions. I should know - I've got someone put to jail on a suspended sentence on this very subject. But what I did for this client was not only cost effective but well worth it. I performed some IT forensic work on his computer and found that the very person that attained a 'ex-parte' application for an intervention order was monitoring him before, during and after they sought that order."
"I'll say that again. The actual 'victim' was monitoring every email of the alleged 'stalker' whom she had forced out of the house by perjuring herself in the Magistrates court and not telling the full story. It was in fact her that was stalking him. After some simple evidence on paper (as I always report only fact) - and a mention, things reversed quite rapidly for the Applicant. So let us just say at the mention things reversed pretty quickly. It was a small but ironic success."
"It just goes to show, you can't hide behind a masked IP address from eVestigator®"
Happy New Year Everybody - and on comes identity fraud!- 01 January 2016 - eVestigator® - "First of all Happy New Year, and we do hope that you take this year to look at your cyber security techniques and learn ways to prepare for what I call CW3, Cyber War 3. Essentially, it is already happening in front of our eyes."
"This year started off with a client being the victim of Identity fraud, which branched out into credit card fraud, and very rapidly became an international fraud syndicate."
"Simon Smith (eVestigator®) is currently working on this case and cannot reveal anything until data is confirmed but it is safe to say that due to the rapid discovery of information, the pieces of the puzzle are all fitting together nicely, waiting to be finalised and validated, then reported to the AFP or ACORN."
eVestigator® solves the Fake Microsoft Support Scam (gives ACORN IP info)- 26 December 2015 - eVestigator® - "Well, this particular customer only lost $1500, but as an ex-ACORN unhappy client, he was very happy to see that I was able to identify a unique IP Address and Date/Time of the attacker. This was reported to both the ACORN and the client."
"Now, with our support hopefully an arrest can be made. We were able to find all the Australian details that our client tells us ACORN dismissed, but went one step further and via strategic Digital Forensic Programming, captured the scammer red handed - with all his/her IP details, including browser, language, origin - essentially enough information to put them away for a long long time."
"If you want your Cyber-Crime or forensic crime solved in any jurisdiction, there is only one person that can get you there. Give Simon Smith a call on 0410 643 121, and at such a minimal cost, this client is now happy that their scammer is caught. Naturally we are working on some large scale cases - but this SCAM revealed an "Indian" operation that we probably never will know the outcome of - and of course, as ACORN told the customer they could not do anything about it the first time, now hopefully with the help of eVestigator® they can. That's another success story to end the year with!"
eVestigator wishes everybody out there who is a victim of Cybercrime hope- 25 December 2015 - eVestigator® - "I wish to let you all know that no matter how hard or how big your matter is, it is recommended to take these couple of days and get some clarity and know that I will help you with your issues when you need. I am not planning a major break but there are some times I will not be available. If you are the victim of cyber-crimes or cyber related activities, know that you can still attempt to contact with me during this period."
eVestigator refunds customer a portion of invoice for doing too good a job!- 21 December 2015 - eVestigator® - "Well, we have a new win - and a victory for the client in 2 ways! For the first time in history within less than 24 hours I had achieved an outcome for my client from what seemed a massive cyber-stalking case involving an unknown stalker - with 3 Facebook profiles."
"Ironically, my first set of intelligence hit the nail on the head. Within a bit more than half the time quoted, I had actually identified the stalker of multiple forms of media - attained for my client a full 1 year intervention order default judgment and the stalking stopped."
"So in this case it took me less time and I returned the outstanding funds to my client! This is why people trust me because I do the right thing. Even though giving money back is essentially unheard off (say if it was another profession for a fixed price job) - with me, it's fair and it makes the client happy."
Sample dating scam - that just came my way- 19 December 2015 - eVestigator® - "It's almost a daily exercise for me deleting thousands of SPAM (as I don't trust SPAM filters) and of course amongst all this SPAM is the human check of reality which I can detect in about half a second."
"Here is today's dating scam that happened to make its way to my inbox. As I always say, how do they know me, where are the purportedly writing from and where am I purportedly responding to and do I even know this person and if so, why would a non-identifiable random email just pop into my door. So welcome to Svetlana."
"Hi,Im Svetlana. Are you for real?! Im interested in knowing you better but Im not sure what are you looking for? Send me your reply directly and I will send my pic."
"Now this came from [email protected] - va at qatarairwaysvirtual.net. I don't recall having anything to do with this surprisingly. Most importantly (and not that it matters to me) but we have a reply address of "[email protected]" [email protected].""It's important to realise that Russian girls called Svetlana don't just randomly email you when you have not visited to a chat site, and even if you did it would be a giveaway because they don't even know your name!"
WARNING: New Scam Email purporting to be National Australia Bank- 19 December 2015 - eVestigator® - "Dear customer,
"In our precautions against internet fraud, our bank comes up with a new policy to prevent costumers from being victims of illegal transactions."
"There are 2 steps required in this procedure, in order to avoid problems with your account."
"What should i do ?
"Naturally this is obvious - always look at the reply to address and the sent from address. Further check to see if it was actually sent to YOU and whether or not it even mentions you. Of course you should report this to the police/ACORN."
"Another obviousness is the spelling and grammar mistakes in the bank email. We all make mistakes, but you would think that a multi-million dollar institution would have a spell checking system!"
Phishing scams are all over the place, look out for the latest one- 16 December 2015 - eVestigator® - "A new email purporting to be from PayPal is lazy and one of the easier to spot scams. The subject line is 'Limited Account Please Update'. The logo looks to be the right colours otherwise it looks completely different, it starts with 'Hello Dear Customer', there are grammar errors and the sent address is [email protected]."
"If you are still not sure and they did actually guess or have your full email address correct, not just the domain, from a new browser window login to your PayPal account. If your account really has been limited there will be a very prominent message on your account to tell you so. Some scams can be hard to spot, with great attention to detail. This isn't one of them."
Sony Corporation wishes to inform you that your Identity/Location has been endorsed as the winner of $1million- 12 December 2015 - eVestigator® - "Well today I'm feeling lucky. I woke up to this:"
"Please send Ur Name address age Tel for More Info. Your Sincerely, Mrs. Barbara Deemer [Your Sony Key Code: SYUK0303#]"
"I WON! It's amazing. Firstly let us take a look at the email domain it comes from: Sony iPrize ([email protected]) seems interesting, but I want to know how it got to me. It is sent to: winner ([email protected]), with a reply to address of: [email protected]"
"Well, so a) they didn't know who I was, b) they are not Sony and 3) what has Yale got to do with Sony? In this instance I deem it obviously as fake and unless someone at Yale is fraudulent, then I would count this as SPAM."
"The moral of this story is 'phishing' is the art of purporting to be someone or some entity you are not. This could probably be just someone trying to bring down Yale's servers in a DDOS attack. Either way the first thing to look for is 'Why me, and is it really me they are sending to or is it generic?' The second thing to look at is at 'what domain does it actually come from and is it the domain of the real company?' Then you need to look at any reply-to addresses, as people might use a legitimate spoofed sending name and address and beautiful graphics to fool you, but if they want your details, unless they are Sony, the reply to address will tell you really where you are sending your personal information to."
"Typically, a scammer would make a domain or add a sub-domain to an existing domain like [email protected] or [email protected]."
"Finally as Judge Judy says, if it doesn't make sense, it's not true! She's very right"
Grief and Trauma and how an Investigator needs to understand- 08 December 2015 - eVestigator® - "I am the former CEO of Australia's largest marriage celebrancy Academy. I authored and taught thousands of students via my own written course materials in grief and trauma, conducting funerals and the like. I also draw upon my Graduate Diploma in Family Dispute Resolution, Nationally Accredited Mediator status and Bail Justice Training Course as well as relationship education experience as a marriage celebrant and counseling qualifications."
"This week has started off with some pretty serious cases m An Investigator by all means should not claim to be an expert in this area but at minimum I believe must have some training to enable them to determine whether a case is needing to be paused pending more important health reasons. At least having a toolkit of referral information and some training to determine whether or not you can rely on instruction from your client is mandatory."
"I have often had to suspend the case asking my client to consider first attaining outside help. I sometimes must rely on such expert medical opinion to ensure I am doing the best job for my client. Investigators have to have empathy and know where they stand and clarify instructions carefully as for both parties it is not conducive to the case, if the client is unwell. I have direct experience in handling such cases and especially knowing how to detect and refer."
A simple fast victory stopping 1 year of trauma- 05 December 2015 - eVestigator® - "When somebody knows your every move you have to wonder how? Most importantly it is best to get onto it straight away and not put up with threats or extortion as it is a crime and potentially the longer you leave it, the higher probability of data loss and more emotional trauma."
"I succeeded today in an extortion case where people may think they are safe behind a mail.com email, a fake Facebook account or a prepaid mobile, but think again! Whilst sometimes there are technical restraints, a good investigator has to use logic and simply strangely enough common sense. An arrest will be made and justice will be served in this case for only 2 hours cost to the client of my time and I get to enjoy the weekend too."
An investigator does more than just the job at task- 05 December 2015 - eVestigator® - "In a current case I am working on I noticed on the side a discrepancy in the billing and conduct of previous dealings in the case. Completely voluntarily I offered my client to look at the legitimacy of those charges and do a little bit of forensically informed conciliation. Bang. 13,000k given back to my client they never would have had. I give my all to every customer so when looking at an investigator you need to look at the proactive capacity and passion they have for their work. They were over the moon and never would have known about this." "Having built some of Australia's largest educational institutions valued at over $26m as well as being an expert auditor I had no trouble in just 3 discussions and 4 emails attaining in a separate capacity $13,000 worth of credit for my client of which I sought no benefit rom. I just like people not getting taken to the cleaners! $13,000 was welcomed, believe me."
"In a similar unrelated case I anticipate just through my mediation and conciliation add on skills, I may have spotted an opportunity for my client to recover up to $40,000 for unlawful charges. In no way am I a debt collector and in no way do I want to be one :), I am just making this statement to show my intuition and problem solving skills out of court. I am not a lawyer and do not ever claim to be one, but I am certainly equipped to understand what is right and what is wrong, both ethically and in common sense human behavior."
"There are lots of good lawyers out there and I rely on them sometimes to present my expert evidence. The point of this blog is with me, you don't just get a phone call or suspicion without supporting evidence, you get fact (and fact only - good or bad) and action if there is action to be taken on any angle. That is why people choose me. Please feel free at any time to view my Vocational and Higher Education level Qualifications above."
eVestigator succeeds again. Finds a criminal stalker forensically in 4 minutes- 05 December 2015 - eVestigator® - "Yes you heard correctly. Never before has it been this easy. Investigations are not just about expert computer forensic knowledge. They are about strategy. People often ask how much to find this person? How long is a piece of string that has cuts and twists and tangles all the way through? Strategy and direction and the complementary knowledge of having grief and trauma qualifications and teaching this discipline, a counseling diploma, combined with being a Nationally Recognised Mediator as well as a Family Dispute Resolution Practitioner, Marriage Celebrant and having a qualification from Victoria University in the 2011 Bail Justice Training course lets me have some level of directional intuition. Hence, 4 minutes :) The customer is very happy and that is the main thing! "
Just a quick note to keep your eyes open wide on the media as eVestigator has busted potentially Australia' Biggest Scam- 05 December 2015 - eVestigator® - "Well I must not say too much until it is charged but I uncovered one of Australia's if not Australia's biggest scams and forensically identified the offender. Keep an eye on the media."
ACORN - I must say I'm shocked- 02 December 2015 - eVestigator® - "May I direct you to the section of the website dedicated to what I have achieved and discovered from some disgruntled ACORN customers of which many cases I have solved. Please read the article which will be updated regularly near the top of this site. "
Timing of police serving intervention orders- 01 December 2015 - eVestigator® - "Well you have a victory, you do the hard work and attain an intervention order on behalf of your client and over 24 hours later the cyber stalker strikes again. In this instance with the excellent assistance from the police it is not served yet but may be in a day or two. It is fair to give everyone an opportunity to be served but it is a hit and miss on the timing opportunity. A breach and arrest would have been made but there is always next time!"
What happens when a client doesn't take your advice?- 01 December 2015 - eVestigator® - "This is often a sticking point for most Investigators/Mediators. You may have seen the text book scenario unfolding so many times and yet if somebody believes they cannot do something they cannot do something."
"Similarly if someone believes they can do something they can do anything! I wish to report another success story today. A dangerous stalking/harassment case turned nasty where I saw the alleged 'victim' almost having conversations with himself setting up a plan for an intervention order"
"I predicted this action in the words spoken and am very proud to say that this person who was alleging they were the victim and constantly harassing my clients, building a story ready to get an ex-parte 'lollipop' injunction. I therefore instructed my clients 2 sets of important advice. One - go to the police but 'in a certain way to a certain officer' and Two - go ask for a statement to be made again 'in a certain way in a certain manner' and Three - ask for the police to take out a Personal Safety Intervention Order as this man is likely to breach it as it was getting so obsessive and dangerous to the point of physical danger to my clients lives - and guess what - they got it!"
"A good investigator doesn't sit there and watch people they know 'human nature', 'process' and 'procedure' and naturally, areas of failure and potential human barricades. This advice worked perfectly and now they can concentrate on living safely after years of harassment, bullying, false accusations and stalking. That was a good result."
"Those that don't listen to advice or believe in an outcome will get that outcome, there has to be a point where trust is earned and respected, and then justice can prevail!"
The line between Defamation, Stalking and Imagination- 30 November 2015 - eVestigator® - "Well another successful week has passed. I have solved 4 cases this week. People often don't realise the crimes they may be committing. This week we have seen people lie and caught out by me in court, false imaginative creations of stories of which they may have lied to a Magistrate but don't realise my evidence won't only overturn their allegations, but potentially get them in jail!"
"No matter how it is framed, if you lie you may leave a digital fingerprint that gives you much more than you ever bargained for. Let's just say that if you think you are anonymous behind six Facebook accounts, think again. Upcoming will be a rather large blog entry relating to how the Internet and social media will destroy our privacy and show what I already see now as the new war so many are untrained to understand. The Cyber War!"
eVestigator® annihilates an intervention order action with a forensic defense - Who really is the stalker?- 28 November 2015 - eVestigator® - "This is a story that I'd like to share with you, anonymously of course. It is a well-known fact that people can lie in court and in Victoria (the Acts change but represent similar systems in other states) the Personal Safety Intervention Orders Act allows a person to enter the stand ex-parte and allege an incident and occurrence, and likely achieve an interim intervention order potentially destroying someone's life for the next 2 months before they get a contested hearing."
"This is an area that I forensically specialise in and would like to share the story of how useful a Forensic Factual Investigator can be in these instances. Understanding that there is a serious risk of an order being placed on a person (if it was not a correct series of events), the bigger risk is the breach. I have done over 50 cases but none like this. A breach could potentially give someone jail time and a fine depending on the complexity of the breach and the police's willingness to follow through with it. Remember, all this can be initiated civilly with a lie."
"One such case occurred where my client was alleged to have been stalking a person and keeping him under surveillance. After only 2 hours of forensic investigation of her iPhone, social media links and internet behaviour, I found concrete black and white evidence that his exact iPhone was logging her under surveillance before during and after the interim intervention order was granted!"
"Even further I found it had been going on far before and way after. The evidence I committed was compelling. It happened to coincide with what people don't realise could be a digital fingerprint. I suppose, if a person who accuses they are being stalked, and goes on the stand under oath, and then my client comes up with the name of his iPhone literally stating say "James's iPhone" has logged in every day to her account before during and after he placed an intervention order, then that is somewhat strong. More so, it was found coincidental to be happening after the order was granted with the release date of the iPhone, and forensically the phone was proven to have had its password physically changed and tampered with during these events, and synced to his iPhone."
"Not only for my client did this mean that they are actually the ones being stalked, a crime of surveillance has been committed, and the use of her mobile phone was intentionally tampered with to set the new password as my client could always login via the phone but not the computer. The tracking and forensic data further proves that my client was potentially the subject of GPS surveillance. So it looks like someone is up for charges. My client for just a couple of hours has probably saved thousands of dollars in unrecoverable legal fees in a no cost jurisdiction and has evidence to charge him with perjury, stalking, and using an electronic device to track a person."
"So I'm guessing that the gentleman that attained the intervention order without truth is going to regret ever getting on that stand. eVestigator® gets results."
Best Outcomes Advice- 02 November 2015 - eVestigator® - "Although it can be hard to know where to start, to take full advantage of any investigation time it is important to be clear in your brief to us so we can focus our attention in the area you need. Carefully consider the worth of new information compared to what you know and take a 'needle in a haystack approach'. These messages relate to successful iPhone, iPad and Android investigations, and believe me when I say if you think you have deleted something, think again! Sometimes not even the device is needed to attain intelligence. We have succeeded in this area and have many happy customers attaining answers that are crucial to them. Some criminal, some civil, however all equally promoting the same message."
The 'Cloud' (a friend or foe)- 09 November 2015 - eVestigator® - "The lesson for this week is to be careful what you put on your iPhone or Android device. Regularly backing up your devices is prudent, but pay particular attention to where you are backing anything up to and also how they protect the transmission and redundancy of the data."
"A lot of people find value in open source 'solutions' and 'plugins' like Word press and all these magical instant websites and themes (I call it a lazy man's programming- sorry but I'm just being honest). Not that there is anything wrong with a template but that is not logic. From what I've seen in relation to hacking, you want to say thank you for the visual and goodbye to the 'supposed' programming. Real programming (in my opinion) is to control and write my own code, I'm sure you can appreciate if someone knows the exact code behind your entire website, they clearly can read backwards and reverse engineer such 'common' open source. This could cause criminal or civil repercussions or identity theft."
"eVestigator® can forensically search and locate any remnants and security holes of corporate networks to properly and securely backup (or perform an emergency forensic data restoration) efficiently with both redundancy and security, keeping in mind (in the case of individuals) privacy. Imagine a non-programmer running your entire income stream of which you have no access to the code behind it. Then one day, all your income stops and an error pops up. What would that do to your business?"
"We have extensive experience in larger cases and have had quite a few wins. One such client won an uncontested hearing and is now gratefully seeing the end of a tormenting period of time and benefiting from the complimentary and combined skillset of eVestigator®, plus the $200k default judgment we helped control and coordinate with handpicked lawyers might have put a smile on her dial!"
Android Devices - "Apparently the FBI has fined you- 11 November 2015 - eVestigator® - "The latest amazement of the week was the famous modal screen bypassing all your Tablet or Phone with a message stating that you have been caught by the FBI watching porn and must pay a fine. 3 minutes and it has gone, but people these days create scams and viruses in a new way. Think of the psychology behind it. Everyone probably has an eBay account. An email purporting to be eBay can be made up by someone in about 5 minutes, leading to a $1 domain called ebay123.com for example.
"Amazingly it looks exactly like eBay - because it's merely a capture of the screen. The lesson here is in one of my golden rules (check the reply email address) - although even that with a virus affecting your local DNS could spoof that. However the point of the message is about the psychology. Who doesn't have an eBay account? The lesson here is to look at the start and the end (not what you think is the middle). Did you make such a transaction or debt, and who are you communicating with. eBay is the trick. It diverts your attention away from the real method of the SCAM which is so obvious, but by then you've already seen the colour logo's, clicked the links and sharing your identity with someone in a foreign country."
eVestigator® gets IP Address to solve cold Acorn and High Tech Police Cases in Record Time, attaining a Suspended Jail Sentence as against the Defendant. "In 2 separate cases, eVestigator was approached as a last resort by some very unhappy victims. One had been waiting 5 years, the other 1 year. It is good to see the government is doing a great job in 'determining' there is a problem - with this new 'war' - the 'Cyber War'. It is fair to say it is also ever-changing and new technologies and ways of security breaches and exposure to identity via social media is expanding at an enormous rate. The cases are naturally very complex and can lead to both criminal and civil liability. However, there was a case that sat with the Victorian High Tech Police Unit for over 5 years (one of eVestigator's cases many years ago) which was solved in just 2 weeks from Cyber Investigation, leading to a possible sentence to jail or suspended sentence."
"How? Facebook, intelligence, common sense and other mechanisms. Further, he has also just solved a case that was delivered to Acorn gathering dust for over 1 year, in 1 day. Further, he has personally seen factual wrongdoings from IBAC. This is just Victoria!" "The message is, that clearly there needs to be more emphasis or resources on education at a young age because people simply don't know where to go, and in both instances, the delay was potentially more damaging than the conduct found in the investigation. It still is no doubt a good thing for Parliament to have mechanisms in place but are they working? Also the crime itself is half the story. The trauma and grief that follows the victim from being held waiting can lead (and has lead) to people having to get themselves onto mental health plans merely due to the injustice and time delay."
eVestigator attains a massive victory and solely defeats the entire WA GovernmentTraining Accreditation Council board's erred decision worth proving the government does not even understand their own regulatory definitions. "Well everybody said it could not be done. eVestigator® Simon Smith invented, successfully passed at audit and created a massive private accredited training college like as big as a Private TAFE.
The Training Accreditation Council however refused to a) make a decision in breach of legislation (despite 3 of their chosen auditor's declaring a pass on the audit) and b) refused to register the RTO (Registered Training Organisation).
A skills recognition initiative (the largest private institute in the southern hemisphere)."
"After 3 years of demands against the board who had no lawful excuse 'not to grant it' to make their decision so it could be appealed, so they did, on baseless grounds. Almost 2 years later, evidence from eVestigator® Simon Smith (of which Slater & Gordon could not achieve) given on appeal to the State Training Board deemed the Training Accreditation Council to have erred several times in breach of the standards not once, but twice, and reversed the decision around 5 years later.
The damages are expected to be at minimum $20m. It is noted though, that the WA Ombudsman was completely wrong and justice sometimes does exist. This cost WA thousands of jobs and skills upgrades and deteriorated market growth from Mr. Smith's creation. The State Training Board were undermined and forced to reconvene twice and found in Mr. Smith's favor twice - and later stated words to the effect of, "Never before have we seen anything like this", and have requested the Minister make changes to the system. Mr. Smith is unable to make any comment as to this matter.
Simply click on the map and you will be taken to the official eVestigator® page.
Receive an email whenever there is a new blog post in the eVestigator Blog.