Researchers at Concordia University have developed a reliable technique for revealing the identity of anonymous email senders, reports the Concordia Journal. In fact, the method is so reliable, it can be used to provide evidence in courts of law.
“In the past few years, we’ve seen an alarming increase in the number of cybercrimes involving anonymous emails,” the study’s co-author Benjamin Fung, a Concordia professor of Information Systems and Engineering, tells the Concordia Journal. “These emails can transmit threats or child pornography, facilitate communications between criminals or carry viruses.”
The technique was first developed based on the need of police departments to be able to identify who wrote a particular email sent from an IP address used by multiple people. Fung and his team aimed to develop a technique which was reliable enough that it could be used in official investigations.
So how does it work?
First, analysts must identify patterns in emails written by a particular subject, like the suspect in a police investigation, for example. They must then narrow down the patterns to those that are unique to the subject, and discard those patterns that are duplicated by other suspects.
These unique patterns have been dubbed a “write-print,” and are said to be as distinctive as a fingerprint, and are the key to identifying the exact author of a particular email.
“Let’s say the anonymous email contains typos or grammatical mistakes, or is written entirely in lowercase letters,” says Fung. “We use those special characteristics to create a write-print. Using this method, we can even determine with a high degree of accuracy who wrote a given email, and infer the gender, nationality and education level of the author.”
Fung and his team tested the technique on a batch of 100 emails taken from the roughly 200,000 emails written by 158 real-life Enron employees. The team used 10 emails for 10 different people, and were able to identify the correct email author with 80 to 90 percent accuracy.
Perhaps now would be a good time for the hacktivists at Anonymous to stop writing all those press releases. Just a thought.
- Firefox just got a great new way to protect your privacy
- AI is making a long-running scam even more effective
- Gmail client-side encryption adds security for businesses
- Apple’s security trumps Microsoft and Twitter’s, say feds
- LastPass reveals how it got hacked — and it’s not good news