Wk4 Findings Assignment Mitchell K

.pdf

School

American Military University *

*We aren’t endorsed by this school

Course

455

Subject

Information Systems

Date

Apr 3, 2024

Type

pdf

Pages

5

Uploaded by SuperHumanMoonGoldfish41

Report
3.8 Email 6: JLA Enterprise and Sabre Project - October 17, 2019 - 1209 hours On , at hours, sent another counterfeit email, however this time posing as Dwight Schrute ( ) with the goal of establishing further legitimacy for the wire transfer (Forensic Comment: SCOTT’s first email using the count erfeit Dwight Schrute email account). In the email, (as Dwight Schrute) asked Dr. Jim (Forensic Comment: APUS believes this to be ) to be the contact person with (Vice-chancellor, University Medical School) (Forensic Comment: is using this part of the email message to establish HE is and knows a project that is working). In the second part of the email, SCOTT stated his (Dwight Schrute’s) company now runs the investor, since the contract with had already expired. The m essage originated (“x -originating- ip” located in the raw email header and Figure 20) from , a Corporation, an outbound outlook mail server in (Figure 21). Figure 1 - abernard@jlaenterprise.com auto-forwards to andybernard@abcglobal.net Figure 2 - IPv4 Geographical Location - 192.155.90.47
Figure 3 - Email 6 - Dwight Schrute (Counterfeit Account) to Andy Bernard and Jim Halpert (Legitimacy)
3.10 Email 8: Sabre Project - October 17, 2019 - 1337 hours On , at hours, sent another counterfeit email, however this time posing as (abernard@jlaentreprise.com) addressed to and legitimate email accounts while sending a carbon copy to the counterfeit email address ( ). (Forensic Comment: The email account is controlled by ) stated HE (as Andy Bernard) would read all the emails again and provide an answer later that day. However, HE (as Andy Bernard) asked to acknowledge the new wiring instructions as confirmed by Dr. Jim (Forensic Comment: APUS believes this to be ). asked to work directly with him on t he project. The message originated (“x -originating- ip” located in the raw email header and Figure 26) . The same IPv4 address used during section 3.7 Email 5: Sabre Project - October 17, 2019 - 1123 hours and section 3.9 Email 7: Sabre Project - October 17, 2019 - 1325 hours. The IPv4 address is now associated with , counterfeit email account and counterfeit email account. Figure 4 - abernard@jlaentreprise.com to dwightschrute68@gmail.com and nee.beesly@gmail.com
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help