This course provides an overview of the actions investigators can take at the outset of a financial crime investigation. Students learn to ask critical questions, gather documentation, and analyze information for leads. Topics include obtaining and working with financial records, red flags in financial cases, money laundering, investigative strategies for different types of financial crimes, and commingled funds.
This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically-sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, available acquisition options, accessing locked devices, and the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the hunt methodology for analyzing third party applications not supported by commercial forensic tools.
Mobile device hardware fundamentals. How mobile devices work, store data, and interact with a variety of networks.
Device handling. Properly preserving data for imaging and analysis. Identifying potential threats to data integrity.
Device acquisition and security. Acquisition options (physical, logical, device backups). Bypassing passcodes and properly defeating encrypted backups of iOS devices.
Advanced analysis techniques. Mounting images, partitioning scheme and default folder structure, types of artifacts (plists, SQLite databases, etc.).
This course introduces analysts to the broader concepts of connecting the dots through link analysis. A critical portion of conducting a successful analytical investigation is the ability to link together and understand the complexities of the connectedness between people and organizations. Introduction to Link Analysis (ILA) expands on the basic principles of link and association analyses explored in the Foundations of Intelligence Analysis Training (FIAT) while building a framework for more advanced methods such as social network analysis.
Expanding basic knowledge of link and association analysis
Explaining the process of social network analysis
Understanding the visual mapping and mathematical components associated with link and social network analyses
This course provides students with the fundamental knowledge and skills they need to investigate crimes involving virtual currency. Instructors explain foundational concepts like the characteristics of money, virtual currency, and cryptocurrency. Blockchain technology, proof work, and proof of stake are covered; and students learn how industry-leading cryptocurrencies (Bitcoin, Ethereum, and Monero) work and how they differ from each other. Finally, students learn investigative techniques for tracking and documenting transactions; and best practices for seizing and securing cryptocurrency.
*Virtual currency basics. History of money and of virtual currency. Categorizing virtual currency.
*Blockchain. History of the blockchain. Understanding different protocols.
*Cryptocurrencies in detail. Bitcoin, Ethereum, Monero and other privacy coins.
*Investigative techniques. Seizing virtual currency; tracking transactions through the blockchain; documenting investigative results.
This course promotes a multi-agency approach to the problem of financial exploitation of senior citizens. Bringing together law enforcement personnel and adult protective services investigators, the course enhances students investigative skills and interviewing techniques while facilitating networking and cooperation that can extend out of the classroom and into real cases. Topics include recognizing elder abuse, working with victims, identifying perpetrators, and resources for investigation and community awareness. Students work together to conduct a mock investigation into a hypothetical case.
*Financial investigation basics. What constitutes elder abuse? Family and trusted persons as perpetrators. Statutes and sentencing enhancements.
*Senior victims. Reasons for vulnerability. Special needs like Alzheimers or dementia.
*Resources. Community awareness and investigative resources.
*Hands-on experience. Work a case as part of an investigative team.
This one-day course provides foundational spreadsheeting knowledge and skills to enhance workplace productivity. The course covers basic navigation of Microsoft Excel by combining live demonstrations and hands-on exercises.
Work with multiple worksheets within a workbook
Hide, unhide, and protect worksheets
Adjust rows and columns
Use copy and paste options
Find, select, and sort data
This course provides the fundamental knowledge and skills required to acquire forensic backup images of commonly encountered forms of digital evidence (Microsoft Windows based computers and external storage devices) in a forensically sound manner. Presentations and hands-on practical exercises cover topics on storage media and how data is stored, the forensic acquisition process, tool validation, hardware and software write blockers, forensic backup image formats, and multiple forensic acquisition methods. Students will use third party tools, both free and commercial, that are currently used by practitioners in the field.
This course covers basic intelligence writing and briefing principles as well as methods for effective and clear intelligence sharing. Topics covered include creative and critical thinking, critical reading skills, source evaluation, privacy and civil rights, intelligence writing style and structure, and generating and presenting intelligence briefings. With guidance from experienced experts, students gain hands-on experience by working through data sets based on real cases to produce intelligence products. Instructors and peers provide feedback on briefings and reports produced and presented in class.
*Foundational skills. Creative thinking. Critical thinking. Critical reading.
*Information sources. Identify sources of intelligence information. Evaluate sources for validity and reliability.
*Analytical reports. Develop a structured and actionable analytical report based on a data set given in class.
*Privacy considerations. Ensure protection of privacy and civil rights while producing intelligence products.
*Briefings. Construct and deliver an intelligence briefing based on a data set given in class.
This course prepares students to identify various artifacts typically located in property lists and SQLite databases on MacOS-based computers, as well as learn how to perform forensic analysis. Students gain hands-on practical experience writing basic SQL queries and using to analyze operating system artifacts that includes, but is not limited to, user login passwords, FaceTime, messages, mail, contacts, calendars, reminders, notes, photos, Safari, Google Chrome, and Mozilla Firefox.
This course builds on the concepts introduced in FC101 (FIPS) and FC105 (FREA), introducing investigators and prosecutors to emerging issues in financial crime. Topics include money laundering, analyzing large financial data sets, conducting effective interviews, and managing large amounts of financial evidence. This course consists of a mix of lecture, discussion, and hands-on exercises. Students conduct a mock investigation that includes interviews, data analysis, and the examination of various documents.
*Money laundering. Methods of laundering money. Tracing illegal funds. Emerging issues. FinCEN.
*Spreadsheeting skills. Spreadsheet architecture. Formulas and calculations. Pivot tables.
*Working with financial data. Benfords law analysis. Disentangling commingled funds.
*Hands-on experience. Work a mock financial case as part of an investigative team.