Making email migration an easy ride - time after time!

E-mail Forensics and Advanced Outlook Analysis

E-mail Forensics and Advanced Outlook Analysis

How to use “Data Extraction Kit for Outlook” for advanced analysis, e-mail forensics and e-crime investigation – step-by-step guide

Data Extraction Kit for Outlook is a versatile Outlook data conversion, migration, email forensics and analysis tool. In this article, we will explain how to use the program for conducting forensics analysis, internal investigations and data collection.

Using Data Exctaction Kit for the email forensic and e-crime investigation

Step 1

Once you’ve downloaded and installed the program, run it from the Start menu or use a shortcut on your desktop.

Software installs two shortcuts – one for 32-bit and another for 64-bit software. The software and Outlook bit should match. If you have 32-bit Otulook installed, you have to run 32-bit shortcut, if Outlook is 64-bit, you have to run 64-bit Outlook.

You will see the main program window divided into several key areas: control panels on the left that are used for configuring the settings of the data conversion process and applying item filters, a process log area on the right-hand side of the screen and a Reports button located at the top.

Step 2

Click the Reports button to open a drop-down menu prompting you to select one of the two possible sources: an Outlook profile or a standalone PST file. If you want to generate a report on the contents of an Outlook profile used on this computer, go with the first option.

Reports button opens the list of available reports

If you have a PST file copied from the source system, choose the second option. In both cases, the program will ask you to specify the name and location of the destination file, as well as the name of the source Outlook folder or PST file.

Outlook Folder selection dialog

You will be prompted to specify the Outlook folder to get data from. Here you have to select one of available Outlook or PST folders and press Done button. To export all Outlook folders and subfolders you may choose the root one (it is called “EML to Outlook Transfer” on the example picture).

Step 3

Once done, the program will generate a detailed report in the form of a CSV (comma-separated values) file. This file can be immediately opened in Microsoft Excel (or any other supported software) for further analysis using its powerful search and filtering tools.

Prompt to open report file

Example

Let’s consider the following situation: you know that a serious data leak occurred between October 1 and December 12, and that the email containing the leak is likely to have been sent to someone whose address is in the hotmail.com domain. Given that your email archive may contain thousands of email messages, locating a particular item meeting these criteria in Microsoft Outlook would be quite a challenging task. However, once you have all the information in Microsoft Excel, you can use its fast search, filter and sorting functions to quickly narrow down the search scope.

Excel icon

Excel lets you run searches on a particular sheet or workbook, search by rows and columns, narrow down the search scope to particular areas, make queries case-sensitive and more. In addition, Excel does a great job opening extre

mely large tables and allowing you to work with them with decent performance. Finding a particular piece of information is relatively easy with Excel using its data filtering and sorting tools. For instance, you can run the following query:

  • The sender’s email address contains “Hotmail.com”
  • The CC field is NOT blank
  • The BCC field is NOT blank

to find emails from a potential suspect. Once you have the search results, you can identify messages with attachments and act according to circumstances.

Once you have located the necessary email or an entire thread, you know where you should be looking in your original file. Start Outlook and run a search using the criteria available in Excel, such as Subject and Date Range – and you are done!

You can now use Outlook data extractor software to extract this email (or set of emails) to any of the supported formats.

A non-standard way of using an Outlook data converter

As you can see, Data Extraction Kit for Outlook is more than just a powerful Outlook data extractor, PST to EML converter and migration tool. It’s a technically complex, yet easy-to-use solutions that gives you full control over the contents of PST files and allows you to find very specific information in email archives of any size.

Other Tutorials


Gmail to Outlook Converter Box

How to export Gmail emails to PST?

Gmail to Outlook Transfer – User’s Manual Gmail to Outlook Transfer (click here to download) is Read more

Netscape to Outlook Converter Box

How to transfer Netscape Mail to Outlook

Netscape to Outlook Transfer – User’s Manual In this article we answer one important question many Read more

Mac Mail to Outlook Converter Box

How to Transfer Mac Mail Emails to Outlook

Mac Mail to Outlook Transfer – User’s Manual In this article, we will show you Read more

MSG to PST Converter Box

How to import MSG files into Outlook?

MSG to Outlook Transfer – User’s Manual Even though “email conversion” may sound technical and complex, Read more

Mac OS to Windows email migration

How to convert Outlook for Mac to Outlook for Windows?

Email migration from Outlook for Mac OS to Outlook for Windows platform may be simple Read more

How useful was this article?

Click on a star to rate it!

Average rating / 5. Vote count:

As you found this post useful...

Follow us on social media!

We are sorry that this post was not useful for you!

Let us improve this post!

 
Comments

No comments yet.

 

E-mail Forensics and Advanced Outlook Analysis

time to read: 3 min