Tracking the pandemic thread with Oxygen Forensic Detective

Nowadays, as a novel pandemic spreads across the world, it may be up to law enforcement to identify those who might be infected and who they may have contacted. This task is not an easy one since people don’t naturally keep track of their daily movements. As a result, when asked directly, the information given might be incomplete or incorrect.  This uncertainty will cause complications and left alone could mean additional people could be exposed and subsequently infected. At Oxygen Forensics, we always try to anticipate your needs, and this is why Oxygen Forensic®️ Detective is a valuable tool during times like this. 

So, what can be done?

Filter the events in Timeline by date to view only those that happened recently.

Open geo data in Maps to review recent routes and visited places. While various fitness trackers can store valuable data, locations can also be recovered from photos, messages, reminders, and events. In the US, it is also possible to get coordinates of the Wi-Fi hotspot a phone connected to via MAC address.

Note that location data may not be recorded for all activities. Therefore, it would be beneficial to check all social connections on the Social Graph, filtered in the same way. Information for meetings are recorded directly and indirectly. Some examples of meeting information that would be recorded directly are invitations to things like dinner or movies, while mentioning a meeting to someone on the street or grocery store would be recorded indirectly.

The next pile of data worth looking into is data from calendars, organizers, and other apps. Some meetings, generally more official ones, as well as memos about public events, may be recorded there.

Check everything?

Are you sure?

If you want your analysis to be more comprehensive, use our built-in Oxygen Forensic®️ Cloud Extractor to extract data from clouds. Credentials and tokens for cloud services could be imported from Accounts and Passwords section available in the main extraction screen, or they could be entered manually if known. 

After the credentials and tokens are verified, data can be extracted. The user can save the extraction or import it directly into Oxygen Forensic®️ Detective. Naturally, we recommend the latter option for the most swift and seamless experience.

After the import, check the above mentioned data categories to uncover more data which could be important and of significant help.

Much like Oxygen Forensic®️ Cloud Extractor obtaining cloud data, investigator can also use Oxygen Forensic®️ KeyScout to recover relevant data from a person’s computer or laptop, be it operated on Windows, macOS or Linux.

To use KeyScout:

1. Open Oxygen Forensic® Detective;
2. In the Oxygen Forensic® Detective’s tools menu, select Oxygen Forensic® KeyScout;
3. Add keyscout.exe to removable media.
4. Run KeyScout on the target computer;
5. Save collected data to an inserted removable drive (this collection will contain both an ocpk file and odb file).
6. Investigators can import the ocpk file to Oxygen Forensic® Cloud Extractor and the odb file to Oxygen Forensic®️ Detective.

The investigator could then uncover visited geo locations from the names of Wi-Fi hotspots, information about meetings or social gatherings from Calendar or Reminders data as well as from social and messaging apps installed on PC, and, to some extent, from web browsers history (frequently visited pages of the events, online-bought tickets or reserved places).

Any of this data may be crucial when it comes down to the safety and comprehensiveness of an investigation. If you have any questions regarding the use of our product on similar cases, feel free to contact us. We will be happy to assist you.

If you have already used our product on similar cases, feel free share the feedback with us! We’re always here to help you!

Stay safe, and keep the world safe, with Oxygen Forensic®️ Detective!

P. S. All things considered, we would like to inform you that we have decided to extend the licenses that expire this February, March, April or May till June 1 FOR FREE at the user’s request.

If your license is active, but you are working from home, CONTACT US to get your FREE DEMO LICENSE with all the features of the full version. We’re right here by your side.