Hello Fellow Examiners,
I am currently working a case in which the client wants to know all information help within the computer about his wives bank accounts as they are going through a divorce he wants to know the following
1.) A list of all bank accounts
2.) This can be foreign or domestic
now I am using X-ways and am wondering if there is a regex you all can think of that may help me, I've tried a few, but must be making a mistake somewhere because I get a lot of false positives. Any help would be greatly appreciated!
Sam
My bank account is a fixed length and all numbers. Fairly straightforward regex for that - but like you said, prone to a high number of false positives.
I don't know of any bank account # format (like a CC format for example) that a series of regex's could be created for.
Hello,
If your data set is small enough, you might be able to use Nuix's ProofFinder tool (
ProofFinder can automatically identify and segregate financial documents and information for review and analysis.
If Magnet Forensic's Internet Evidence Finder is in your toolkit, then I know IEF already has searches available to identify accounts (credit card numbers for sure).
Here in Europe a bank account (when "fully qualified") has a "standard format", called IBAN
https://
but except for reports from the Bank and transactions, the full IBAN is rarely used in full, and the BBAN is used instead (which can be almost *any* format).
And there is additionally (for international transactions) the BIC or SWIFT code, which also is "free format".
Even the "standard" IBAN is often written with spaces or separators between groups of numbers/letters so it is not very easy to parse correctly avoiding false positives or risking to miss some occurrences.
jaclaz
Hello Fellow Examiners,
I am currently working a case in which the client wants to know all information help within the computer about his wives bank accounts as they are going through a divorce he wants to know the following
1.) A list of all bank accounts
2.) This can be foreign or domesticnow I am using X-ways and am wondering if there is a regex you all can think of that may help me, I've tried a few, but must be making a mistake somewhere because I get a lot of false positives. Any help would be greatly appreciated!
Sam
use BulkExtractor (free and opensource) for collect all bank accounts - download http//