On the other hand, it is also increased the number of cybercrime attacks. In this write-up, we are going to discuss “how investigators can perform the email forensics of OLM file associated with Outlook for Mac system?” What is the Need for Outlook for Mac Forensics?Development of advanced features within the updated versions of email clients has provided ease for communication across the globe. It is available for both the operating systems i.e., Windows and Mac systems. One of the widely used email clients which are also targeted by cybercriminals is MS Outlook.
![]() ![]() In order to access the message Source, select the message and right-click on it and choose ‘View Source’Message Source of the email in Outlook for Mac looks like this:It consists of email file header portion, but not the whole body content. These files are present the extension (.olk14MsgSource) containing message in plain text ASCII, Unicode, or both formats. Message source stores the email content located under the “Data Records” directory. Here, n defines the sequence, and K is used to denote thousand according to the default naming convention used by Microsoft for naming folders such as T – Trillion B – Billion M – Million and K – Thousand.It contains the most important part of the content as far as forensics investigation is concerned. Multiple file directories are present under this folder such as Calendar attachments, contacts, messages, message source etc.When the Message folder inside the “Data Records” directory is opened, users can see many other folders before reaching the main message in the format of the nK directory. Contents of Outlook for Mac Profile are as follows:As stated above, Identities are used in Outlook for Mac system and it contains a directory called “Data Records” containing all the data items or files of the particular Outlook profile. The tool provides multiple functionalities like search mechanisms based on algorithms, recover deleted data, multiple preview modes of emails and attachments, export evidential files, and many more. Outlook Mac OLM File Forensics Using MailXaminerMailXaminer is efficient email forensic software, containing a wide variety of powerful advanced features. The resultant information can be studied manually or with the help of an efficient Email Forensics Tool like MailXaminer. It can be used to extract the important information related to the message like sender details, IP address, receiver details, MIME version, etc.The collected email data from the suspect’s Outlook OLM file can be compiled together. Message Source contains many details about the email and related data in terms of forensics. A local copy of the email message is created when they are downloaded. Best backup software for mac reviewAn “Add File” pop-up window will open, now select the file type and “Browse” the location of file from the system. For this, select the “Add Evidence” tab. Further, we will discuss the process of investigation and searching for evidence in OLM data files using MailXaminer software.Step 1: At first, users need to add the suspected file into the software to start the examination process. To export the files from the software, just select files, and then click on “Export”. Using these different views of emails, investigators can extract hidden data and search the evidence from email filesStep 5: Under the “Attachments” tab of the “Media” section, one can view all the attachments from the scanned email files in a list without opening the whole messageStep 6: MailXaminer also provides an option to export the evidence report in any desired file format. Then, choose “Preview” option from the listStep 4: It provides different preview modes such as Normal mail, Hex, Properties, Message Header, MIME, Email Hop, HTML, RTF, Attachments, and Word Cloud. For this, just select the email files and right click. MailXaminer is an efficient utility that allows deep examination of the emails of Mac Outlook. Several investigation tools are available in the market to resolve cyber-criminal acts. The in-depth investigation on the Outlook for Mac OLM file has been described after analyzing the contents of the OLM file used by the suspect. Then, click on “OK”.The blog has aimed to understand the need for forensic analysis associated with email clients like Outlook for Mac.
0 Comments
Leave a Reply. |
Details
AuthorJoe ArchivesCategories |