Reviewing Email Evidence with Email Explorer in Magnet AXIOM Cyber
“This meeting could have been an email” has become a running joke (and sometimes a legitimate complaint) in many offices, but also highlights the continued importance of email communication for businesses. In a recent summary of workplace communication, 74% of employees reported that they rely on email as their primary method of communication.
With the continued prominence of email in corporate settings, we’re thrilled to unveil a highly anticipated feature to AXIOM Cyber: Email Explorer.
A New Yet Familiar Look at Email Evidence
This new interface helps you manage emails by presenting them in an intuitive and familiar format that mirrors the appearance of common email platforms.
Email Explorer presents messages similarly to how the sender and recipient would have originally viewed them, providing important context that may otherwise be missed. Much like a native email platform, Email Examiner provides several filters and search capabilities to narrow in on specific message times or themes to help manage the volume of data.
When reviewing evidence, you can use Email Explorer to tag both the email message and attachments as evidence at the same time—saving you from the tedious and time-consuming task of manually linking and tagging attachments to emails. Recognizing that reviewing email evidence is especially important for eDiscovery investigations, we have also added the ability to easily select and export multiple records for legal stakeholders.
Supported Email Sources
To ensure your investigation includes all of the necessary email evidence sources you may encounter, we have included support for:
- Cloud Gmail
- Cloud IMAP/POP
- Cloud Outlook
- Cloud Apple Mail
- Cloud MBOX
Email evidence from any of the above sources can be examined in Email Explorer using the advanced search and filtering capabilities to help you quickly surface the email evidence that is required for your investigation. Recognizing that reviewing email evidence is especially important for eDiscovery investigations, we have also added the ability to easily select and export multiple records for legal stakeholders.
How We Examine Email Evidence
The average employee sends 110 emails and receives 75 emails daily. With the rate of emails being generated by businesses, it’s not surprising that emails continue to be a leading evidence source in many different types of corporate investigations.
Below are some examples of how Email Explorer can facilitate the review of email evidence in different examinations:
- Malware/Ransomware – Verizon has reported that 94% of all malware is delivered by email. Now, you can filter to review messages that include attachments that meet specific criteria, to help identify messages containing suspected malware.
- Phishing and Business Email Compromise– 96% of companies reported email-related phishing attempts making it one of the most common email-based threats. With Email Explorer’s search capabilities, you can identify common link attributes or wording to find messages that may be related to phishing attempts.
- Legal Review and eDiscovery – The volume of messages associated with legal investigations can be especially high. You can easily review email evidence with Email Explorer’s familiar interface which provides context to the original message threads. Search and filter criteria also help to narrow down large volumes of potential evidence.
- Insider Trading or Fraud – Email records can be key elements in establishing a timeline of events and the parties involved. With Email Explorer, messages can be sorted based on the timeline and reviewed in a format mirroring the original message to provide context and the progression of the communications.
- Data Exfiltration – Emails can be a common exfiltration technique from corporate networks. You can quickly identify messages that include attachments meeting specific criteria, or search for references to file sharing links in the message content with Email Explorer. Date and time filters also facilitate building a timeline of messages related to suspected data exfiltration.
- Employee Misconduct – To identify workplace harassment or inappropriate employee conduct through email, Email Explorer‘s global search bar captures hits for terms included in messages while time filters can narrow the investigation to specific windows during which incidents are reported to have occurred.
To see Email Explorer for yourself, request a free trial of AXIOM Cyber today!