Tag Archives: cybercrime

Digital Detectives: The Role of Cyber Forensics in Modern Crime Stories

Posted on by

By Jennifer Graeser Dornbush

When I was growing up, evidence meant fingerprints, fibers, and blood spatter.
Today, we also find enormous amounts of evidence in our digital prints: browser histories, cell phone pings, and metadata buried in a cloud server halfway around the world.

Crime scenes have a giant presence online.

I’ve spent years learning how investigators read the physical world for truth. But in the last decade, a new kind of evidence has changed everything. The next big clue isn’t under a microscope, it’s inside a smartphone.

For storytellers, that shift opens an entirely new frontier. If you’re writing crime fiction and ignoring digital forensics, you’re leaving some of your richest material untapped. But it’s also tricky because what we “watch” or “observe” on a screen isn’t very action-focused as a plot line.

Today, we’re stepping into the world of cyber forensics and how to use this evidence in your next crime fiction.

What Is Cyber Forensics?

In the simplest terms, cyber or digital forensics is the process of identifying, preserving, analyzing, and presenting data from electronic devices in a way that stands up in court.

If traditional forensics examines fingerprints and fibers, digital forensics examines pixels and packets, the trails left by our phones, laptops, GPS units, and cloud accounts.

The real-world process

When a device is seized, investigators create a “forensic image,” a bit-by-bit copy that captures everything: deleted files, timestamps, cached data, and metadata. That image becomes the foundation for analysis. Information Analysts then use specialized software to reconstruct timelines, recover communications, and verify authenticity of an individual’s usage.

Every action is documented to maintain the chain of custody and keep evidence tracked, secure, and court-admissible.

Digital forensics branches into specialties:

●      Computer forensics – analyzing desktops and hard drives.

●      Mobile forensics – recovering data from phones, tablets, and wearables.

●      Network forensics – tracking online traffic, hacking, and IP traces.

●      Cloud forensics – locating and authenticating data stored on remote servers.

The process may sound technical, but at its heart, it’s still detective work. Each byte is a breadcrumb, and every breadcrumb tracks a trail where a criminal or victim has been.

Where Digital Evidence Hides

A great mystery writer knows how to hide a clue in plain sight. The same is true of digital evidence.

1. Smartphones

Modern phones are portable black boxes. They store call logs, texts, deleted images, app data, GPS trails, and even sensor information that can pinpoint motion and location. In fiction, a single recovered text or photo can flip a plot.

Example: A victim’s fitness app records 200 extra steps at 2 a.m. proof she was still alive hours after the suspect claimed she was dead.

2. Laptops and Cloud Storage

Documents, emails, cached passwords, and file-creation times often reveal motive or premeditation. Cloud backups extend that reach: deleting something locally rarely means it’s gone.

3. Social Media and Messaging Apps

Posts, private messages, likes, and geotags create a map of a suspect’s or victim’s personal life. For writers, social platforms can expose contradictions: the killer who posts a cheerful vacation photo minutes after committing a crime. The victim who texted an irate boyfriend before disappearing.

4. Smart Devices

Doorbell cameras, smart speakers, thermostats, and watches all record direct evidence of where a victim or criminal has been. Investigators now recover voices, motion data, even room temperatures to build timelines.

5. The Digital Silence

Sometimes what isn’t there matters most, a phone suddenly powered off, an erased drive, an hour missing from security footage. In storytelling, absence of evidence can shout louder than its presence.

Every byte is a witness; the challenge is deciding which ones are telling the truth.

Turning Data into Drama

As a writer I often worry that using too much digital forensics bogs my story down, makes it uninteresting, or relies on telling instead of showing. After all, we want our characters in action. And watching someone stare at a screen or pick through files is very passive and very boring.

The secret to treating digital discovery is to use as little exposition as possible– sometimes you have to describe video footage or a computer file. Where we can get the most punch is when we use digital evidence as revelation… aka: a turning point in the plot. The found digital evidence can be a small, medium, or big turning point. But it has to count as something that shifts the plot investigation in a new direction.

●      Anchor the data to emotion. A recovered voicemail is about the message, but also the emotional meaning to the person who hears it.

●      Pace the reveal. Instead of unloading a list of findings, let information surface gradually, each clue raising new questions.

●      Show the cost. What does it feel like to invade a victim’s inbox or scroll through a dead child’s messages? Use sensory detail to humanize the act of investigation as the investigator is uncovering the evidence.

●      Avoid jargon overload. Let characters translate for the reader: “The timestamp’s off. Someone changed it.” That’s all you need. Unless your character is a digital analyst. Then, lean into the jargon as part of her character

The Emotional Edge

Behind every password and pixel is a person. And humans are driven by emotion. Use that in writing. Here’s how:
Bringing Humanity to the Data

The best crime stories are seeded in motive. Digital evidence should never replace emotion; it should reveal it.

●      A deleted text exposes regret.

●      A GPS trail shows obsession.

●      A search history lays bare guilt.

●      A detective scrolls through a suspect’s messages, what do they feel? Curiosity? Pity? Revulsion?

●      Think of each digital discovery as a confession waiting to be interpreted.

●      What is a detective’s reaction when she hacks into a victim’s private photos?

●      What happens when a journalist exposes data meant to stay sealed?

●      How do loved ones feel when a phone becomes evidence instead of memory?

Use emotional reactions of characters to heighten empathy, build the plot, and ratchet up suspense as they uncover a digital footprint.

Realism Without the Textbook

You don’t need to be a hacker to write digital authenticity. You just need to understand procedure and respect accuracy.

Start with credible sources

●      The U.S. Department of Justice’s Digital Evidence Guide outlines best practices for law enforcement.

●      The National Institute of Standards and Technology (NIST) publishes clear, publicly available frameworks.

●      The FBI Cyber Division offers summaries of current threats and tools.

●      Podcasts such as Darknet Diaries or The Forensic Lunch reveal real cases in accessible language.

Write lean

A single correct detail is worth more than pages of exposition. If you know what a “write-blocker” or “hash value” is, mention it once to show expertise, then move on. An easy hack for this is to have the digital expert character explain it to a non-techie character.

Consult real experts

A quick interview with a local cyber-crime investigator can provide nuances no textbook will, tone, pressure, emotional toll.

Authenticity doesn’t come from showing off what you know. It comes from knowing just enough to stay believable.

The Digital Detective

Every generation of investigators develops new instincts. The digital detective, whether real or fictional, reads data like body language.

They’re patient, analytical, and often brilliant. They see patterns others miss. But make sure yours is more than a brain behind a keyboard.

Give them the full range of character depth:

●      A cyber expert who still keeps notes by hand.

●      A genius coder who’s terrible at reading people.

●      A hacker turned consultant wrestling with guilt.

Common Mistakes to Avoid

1.     Tech magic. Don’t let characters “trace the IP in seconds” or “hack the Pentagon before lunch.” Real analysis takes time, warrants, and patience.

2.     One-click evidence. Data rarely tells a single truth. Circumstantial evidence here requires that investigators put all together all the evidence to create a line of reasoning that leads to a single suspect.

3.     Static scenes. Fiction can quickly turn into non-fiction with digital evidence trails. But no one wants to read computer analysis. BORING! Keep it quick, fast, and show how data changes the direction of plot.

4.     Outdated references. Technology evolves fast. Double-check that the apps, devices, and terminology in your story still exist.

5.     Emotionless experts. Readers connect to people, not software. Give your digital detectives personal reactions to what they discover.

The Forensic Thread

When I teach writing workshops, I remind authors that fictional forensics is about culling what is possible, not what isprobable. Whatever thread you pull on doesn’t have to be probable. It only has to be possible. Have fun with evidence and technology! Be inventive!

In my own fiction, I use cyber forensics the way I use autopsies, not for shock value, but to reveal truth. A recovered email can carry much emotional weight when it’s tied to character and motive.

Science gives us technology; humanity gives us connection. When you use cyber forensics, balance both.

The Future of Digital Crime

The frontier keeps expanding. Artificial intelligence can now detect manipulated images and generate false ones. Blockchain records are being introduced as tamper-proof evidence. Entire crime scenes can be reconstructed in virtual reality.

That evolution is thrilling for real life investigators… as much as it is for storytellers. Imagine writing a case where the killer uses deepfakes to create an alibi, or where investigators chase a suspect across multiple metaverses in VR.

But beneath the technology, the essential human question never changes: Why?

Technology will always change how crimes can be carried out… and solved. The corruption of human heart will always determine motive. And motive will always be the pulse of every great crime story.

Jennifer Dornbush is an author, screenwriter, and forensic specialist who brings crime stories to life with authenticity and heart. With a background rooted in real-world forensics and a passion for crafting unforgettable mysteries, Jennifer offers readers and viewers a front-row seat to the intersection of science, justice, and human nature. Jennifer’s crime expertise has made her a sought-after speaker, consultant, and educator. Through her webinars and master courses, Jennifer guides writers in melding suspenseful storytelling with forensic realism to the screen and page. Meet her at www.jenniferdornbush.com

True Crime Thursday – DEEPFAKES

Posted on by

By Debbie Burke

@burke_writer

 

Believe none of what you hear and half of what you see.

This saying has been around for centuries, variously attributed to Benjamin Franklin and Edgar Allen Poe.

Today, thanks to Artificial Intelligence (AI) and Machine Learning (ML), you can no longer believe anything you hear or see.

That’s because what your ears hear and what your eyes see could be a DEEPFAKE.

What is a deepfake? Wikipedia says:

…synthetic media in which a person in an existing image or video is replaced with someone else’s likeness. While the act of faking content is not new, deepfakes leverage powerful techniques from machine learning and artificial intelligence to manipulate or generate visual and audio content with a high potential to deceive. The main machine learning methods used to create deepfakes are based on deep learning and involve training generative neural network architectures, such as autoencoders or generative adversarial networks (GANs).

Deepfakes have garnered widespread attention for their uses in creating child sexual abuse material, celebrity pornographic videosrevenge pornfake newshoaxes, bullying, and financial fraud. This has elicited responses from both industry and government to detect and limit their use.

 

I wrote about AI three years ago. Since then, technology has progressed at warp speed.

The first recognized crime that used deepfake technology occurred in 2019 with voice impersonation.

The CEO of an energy business in the UK received an urgent call from his boss, an executive at the firm’s German parent company. The CEO recognized his boss’s voice…or so he thought. He was instructed to immediately transfer $243,000 to pay a Hungarian supplier. He followed orders and transferred the money.

The funds went into a Hungarian account but then disappeared to Mexico. According to the company’s insurer, Euler Hermes, the money was never recovered.

To pull off the heist, cybercriminals used AI voice-spoofing software that perfectly mimicked the boss’s tone, speech inflections, and slight German accent.

Such spoofing extends to video deceptions that are chilling. The accuracy of movement and gesture renders the imposter clone indistinguishable from the real person. Some research shows a fake face can more believable than the real one.

Security safeguards like voice authentication and facial recognition are no longer reliable.

A November 2020 study by Trend Micro, Europol, and United Nations Interregional Crime and Justice Research Institute concludes:

The Crime-as-a-Service (CaaS) business model, which allows non-technologically savvy criminals to procure technical tools and services in the digital underground that allow them to extend their attack capacity and sophistication, further increases the potential for new technologies such as AI to be abused by criminals and become a driver of crime.

We believe that on the basis of technological trends and developments, future uses or abuses could become present realities in the not-too-distant future.

The not-too-distant future they mentioned in 2020 is here today. A person no longer needs to be a sophisticated expert to create fake video and audio recordings of real people that defy detection.

In the following YouTube, a man created a fake image of himself to fool coworkers into believing they were video-chatting with the real person. It’s long—more than 18 minutes—but watching even a few minutes demonstrates how simple the process is.

Consider the implications:

What if you could appear to be in one place but actually be somewhere else? Criminals can create their own convincing alibis.

If corrupt law enforcement, government entities, or political enemies want to frame or discredit someone, they manufacture video evidence that shows the person engaged in criminal or abhorrent behavior.

Imagine the mischief terrorists could cause by putting words in the mouths of world leaders. Here are some examples: https://www.cnn.com/interactive/2019/01/business/pentagons-race-against-deepfakes/

Deepfakes could change history, creating events that never actually happened. Check out this example made at MIT of a fake Richard Nixon delivering a fake 1969 speech to mourn astronauts who supposedly perished on the moon. Fast forward to 4:18.

How was this software developed?

It arose from Machine Learning (ML). The process involves pitting computers against one another to see which one most accurately reproduces expressions, gestures, and voices from real people. The more they compete with each other, the better they learn, and the more authentic their fakes become.

A fanciful imagining of a contest might sound like this.

Computer A: “Hey, look at this Jack Nicholson eyebrow quirk I mastered.”

Computer B: “That’s nothing. Samuel L. Jackson’s nostril flare is much harder. Bet yours can’t top mine.”

Computer A: “Oh yeah? Check out how I made Margaret Thatcher to cross her legs just like Sharon Stone.”

The Europol study further outlined ways that deepfakes could be used for malicious or criminal purposes:

Destroying the image and credibility of an individual,

Harassing or humiliating individuals online,

Perpetrating extortion and fraud,

Facilitating document fraud,

Falsifying online identities and fooling KYC [Know Your Customer] mechanisms,

Falsifying or manipulating electronic evidence for criminal justice investigations,

Disrupting financial markets,

Distributing disinformation and manipulating public opinion,

Inciting acts of violence toward minority groups,

Supporting the narratives of extremist or even terrorist groups, and

Stoking social unrest and political polarization

 

In the era of deepfakes, can video/audio evidence ever be trusted again?

~~~

A big Thank You to TKZ regular K.S. Ferguson who suggested the idea for this post and provided sources.

~~~

TKZers: Can you name books, short stories, or films that incorporate deepfakes in the plot? Feel free to include sci-fi/fantasy from the past where the concept is used before it existed in real life.

Please put on your criminal hat and suggest fictional ways a bad guy could take advantage of deepfakes.

Or put on your detective hat and offer solutions to thwart the evil-doer.

~~~

 

Debbie Burke’s characters are not created by Artificial Intelligence but rather by her real imagination. 

Please check out her latest Tawny Lindholm Thriller. 

Until Proven Guilty is for sale at major booksellers here.