Cell Phone Forensics

From ForensicsWiki
Revision as of 21:53, 18 September 2006 by Wypman (Talk | contribs) (Guidelines)

Jump to: navigation, search


  1. If on, switch it off. If off, leave off. Note only under exceptional circumstances should the handset be left switched on and in any case every precaution to prevent the handset connecting with the Communication Service Provider should be made. Consider use of a Faraday Bay (Shielded Bag).
  2. Collect and preserve other surrounding and related devices. Be especially careful to collect the power charger. The phone's battery will only last a certain amount of time. When it dies, much of the data on the device may go too!
  3. Plug the phone in, preferably in the evidence room, as soon as possible.
  4. Retain search warrant (if necessary - LE).
  5. Return device to forensic lab if able.
  6. Use forensically sound tools for processing.


Expand on 5 as to what to collect:


  1. Research the Cell Phone. Visit PhoneScoop.com for more information