INVESTIGATION
INTO
FACEBOOK RELATED CRIME
BY
CID, CB, Cyber Crime
Police Station, Odisha,
Cuttack
Abbreviations
•
•
•
•
•
•
•
•
•
•
•
URL:http:https:IP:IMEI:CDR:SDR:CAF:ISP:MDN:UTC:-
Facebook Screenshot
Formal Complaint
• Ashis Kumar Das (25), S/O- Anup Kumar Das of plot No57/189, Unit-6, PS:- Airfield, Bhubaneswar, Khurda presented
a report at Cyber Crime P.S. of CID, C.B, Cuttack alleging to
the effect that about creation of a fake face book account in
his name having profile name:- Ashis Das and URL:https://www.facebook.com/profile.php?id=100006557143471&fr
ef=ts. He came to know about opening of the said fake face
book account on 11/09/2013, and his wife Shalini Pattnaik has
visited the fake face book account and informed him over
phone. In the said fake face book account, the accused person
has posted his photographs along with his morphed photograph
having pornographic content. In that fake face book account,
the accused person has also posted false and baseless
information in respect of his character.
Formal Complaint
• The accused person has posted /published a
number of photographs containing obscenity,
vulgarity, nudity, sexual explicitly act and
conduct in that fake face book account with an
intention to defame him in the society. Due to
the said postings and creation of fake face book
account, he is suffering mentally & harassed.
He is submitting the screenshots of the fake
facebook account & the nude photographs
posted in that fake facebook account. He is also
informing that, he has no facebook account in
the facebook website.
URL
{UNIFORM RESOURCE LOCATOR}
URL of alleged Facebook account
https://www.facebook.com/p
rofile.php?id=100006557143
471&fref=ts
Sections of Law
• IPC:-
292/465/469/506
• I.T Act:-
66-A/66-C/67/67-A of
Information
Technology
Act- 2008.
Section of Law
• Sec. 292 of IPC:- Sale etc., of obscene books etc.,
Whoever: sells, lets to hire, distributes, publicly exhibits or in
any manner puts into circulation, or for purposes of sale, hire,
distribution, public exhibition or circulation, makes, reduces or
has in his possession any obscene book, pamphlet, paper,
drawing, painting, representation or figure or any other obscene
object whatsoever,
• Sec. 500 of IPC:- Punishment for defamation.
• Whoever defames another shall be punished with simple
imprisonment for a term which may extend to two years, or
with fine, or with both.
Section of Law
• Sec. 465 of IPC:- Punishment for Forgery
Whoever commits forgery {making false document or false
electronic record} shall be punished with imprisonment of either
description for a term which may
extend to two years, or with
fine, or with both.
• Sec.469 of IPC:- Forgery for purpose of harming reputation
Whoever commits forgery, intending that the document
forged shall harm the reputation of any party, or knowing
that it is likely to be used for that purpose, shall be punished
with imprisonment of either description for a term which
may extend to three years, and shall also be liable to fine.
Section of Law
• Sec. 66C: Punishment for identity theft
Whoever, fraudulently or dishonestly make use of the
electronic signature, password or any other unique
identification feature of any other person.
Punishable with imprisonment of either description for a term
which may extend to three years and shall also be liable to fine
with may extend to rupees one lakh.
• Sec. 67: Publishing of information, which is obscene in
electronic form
Whoever publishes or transmits or causes to be published in the electronic
form any material which is lascivious or appeals to the prurient interest if its
effect is such as to tend to deprave and corrupt persons who are likely,
having regard to all relevant circumstances to read, see or hear the matter
contained or embodied in it.
Punishable on first conviction with imprisonment of either description for a
term which may extend to three years and with fine which may extend to
five lakh rupees and in the event of second or subsequent conviction with
imprisonment of either description for a term which may extend to five
years and also with fine which may extend to ten lakh rupees
Section of Law
Sec. 67 A: Punishment for publishing or transmitting of
material containing sexually explicit act, etc. in electronic form
Whoever publishes or transmits or causes to be published or
transmitted in the electronic form any material which contains
sexually explicit act or conduct.
Punishable on first conviction with imprisonment of either
description for a term which may extend to five years and with
fine which may extend to ten lakh rupees and in the event of
second or subsequent conviction with imprisonment of either
description for a term which may extend to seven years and also
with fine which may extend to ten lakh rupees.
Cognizable & Non-bailable
Criminal Law Amendment Act-2013
Section:- 161 of Cr.P.C
Provided further that the statement of a woman against
whom an offence under section 354, section 354A, section
354B, section 354C, section 354D, section 376, section
376A, section 376B, section 376C, section376D, section
376E or section 509 of The Indian Penal Code is alleged to
have been committed or attempted, shall be recorded, by a
woman police officer or any woman officer
Criminal Law Amendment Act-2013
Section:- 164 of Cr.P.C
“(5A) (a) In cases punishable under section 354, section
354A, section 354B, section 354C, section 354D, sub-section
(I) or sub-section (2) of section 376, section 376 A, section
376B, section 376C, section 376D, section 376E or section
509 of the 45 of 1860. Indian Penal Code, the Judicial
Magistrate shall record the statement of the person against
whom such offence has been Committed in the manner
prescribed in sub-section (5), as soon as the commission of
the offence is brought to the notice of the police:
From the complainant
The Investigating Officer has to seize the following
articles:-
• Screenshot of the fake Facebook account
• Specifically those screenshots containing
postings /photographs posted by the accused
From the complainant
• ID proof document of the complainant and
after seizure the ID Proof document left in
zima of the complainant
• Computer system (Desktop or Laptop) in
which the postings made in the fake
Facebook account were visited by the
complainant / Printer (if any) be seized and
after seizure the computer system left in
zima of the complainant
From the complainant
• Seizure of Mobile Phone Handset of the
complainant along with SIM Card & Memory
Card
• Seizure of Messages sent by the accused to
the complainant {printed form or
handwritten by the complainant}
• The seized Mobile Phone Handset along with
SIM Card & Memory Card should be sent to
CFSL for forensic examination and opinion
From Social Networking Site(hacking)
The Investigating Officer has to collect the
information given by the accused in respect of
the fake Facebook profiles created in Facebook
webpage in the name of the complainant:• Profile name
• URL
• Profile picture
• Date of creation of the account
•
•
•
•
•
•
Basic Information
Address
Work & Education
Family
Status
List of Friends
Correspondence to be made…….
 Facebook
Law
Enforcement
Response Team, USA :Summon u/s 91 of Cr.P.C. (Summon to produce
documents) submitted to the Facebook Law
Enforcement Response Team, USA to furnish
the account registration details along with log
details in respect of fake Facebook account.
Facebook:Law Enforcement Response Team,
Facebook Security,
1 Hackers way,
1601 Willow Road,
Menlo Park
California 94025,
USA
E-mail ID:records@fb.com ,
vix@fb.com
Sample letter to Facebook.
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
NOTICE UNDER SECTION 91 Cr.P.C.
From:- Superintendent of Police,
Criminal Investigation Department,
Crime Branch,Odisha, Buxibazar,
Cuttack-753001,INDIA.
To:The Law Enforcement Response Team,
Facebook Security,
18th Hackers way,
Manlo Park CA 94025,
USA.
E-mail ID:- records@fb.com
Ref:
Odisha State, Criminal Investigation Department, Crime Branch, Cyber Crime PS Case No.13 dated 26.09.2013 u/s
465/469/292/500 IPC r/w Sec. 66-A/66-C/67/67-A of the Information Technology (Amendment) Act-2008.
Sub:
Production of Documents: - The user registration details along with concerned IP address and login details in
respect of the fake face book accounts.
Sir,
In inviting reference to the case on the subject cited above, this is to intimate that, someone has
created a fake face book account having user name Ashis Das impersonating the identity of complainant Ashis Kumar
Das, with an intention to defame, denigrate and demoralize the image of the Complainant in the society. The accused
person has morphed the photograph of complainant having pornographic content and has posted, published several
obscene nude photos containing vulgarity and sexual explicit act and conduct in the said fake account .The URL of
the fake face book account is:https://www.facebook.com/profile.php?id=100006557143471&fref=ts.
Sample letter to Facebook.
• In this context, this is to bring your kind notice that, as per
provisions incorporated under the Information Technology
(Intermediaries Guidelines) Rules -2011 as per Sec.3 (Clause-7) it is
observed that, “When required by lawful order, the intermediary
shall provide information or any such assistance to Government
Agencies who are lawfully authorized to investigate, Protective,
cyber security activity. The information or any such assistance shall
be provided for the purpose of verification of identity, or for
prevention, detection, investigation, prosecution, cyber security
incidents and punishment of offences under any law for the time
being in force, on a request in writing stating clearly the purpose of
seeking such information or any such assistance.”
• In the interest of justice and for expeditious investigation of the
case, it is being requested to reply on the following point-wise
information and produce the required documents to the undersigned
by 11.10.2013 positively.
Queries to be made to Facebook
Law Enforcement Response team
• User Registration:- The user registration details
of the fake Facebook account in respect of the
aforementioned User Name and URL.
• Date of Creation:- The date of creation of the
Facebook account along with IP details.
• Browsing Log:- The browsing log details in respect
the aforesaid Facebook account from the date of
registration to till date.
• Emails: - Email addresses added to the Facebook
account (even those removed by the user).
• IP Addresses: - A list of IP addresses where the
user logged into Facebook account.
• Phone Numbers: - Mobile phone numbers added to
the Facebook account, including verified mobile
numbers added for security purposes.
• Deleted Messages/ Photos:-If the user deleted the
messages or photos posted in the said Facebook
account, may be retrieved.
• Address: - The current address or any past
addresses the user had on Facebook account.
• Alternate Name: - Any alternate names the user
has on the Facebook account (ex: a maiden name
or a nickname).
• Linked Accounts:- A list of the accounts the user
has linked to Facebook account.
• Messages:- Messages the user sent and received on
Facebook.
• Chat:- A history of the conversations the user had
made on Facebook Chat.
Facebook Information :-IP details.
•
•
•
•
•
•
•
•
•
Service Facebook
Target 100006557143471 (Generated 2013-11-06 07:51:07 UTC)
Date Range 2001-01-01 08:00:00 UTC to 2013-11-05 08:00:00 UTC
Name First Ashis
Middle
Last Das
Registered
Email
Addresses
• dasashis893@gmail.com
•
•
•
•
•
•
•
•
•
•
•
•
•
Vanity Name
Registration
Date
2013-09-07 05:10:01 UTC
Account
Closure Date
Account Still
Active
false
Time 2013-10-04 07:20:23 UTC
Phone
Numbers
Credit Cards
Facebook Information :-IP details.
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Recent Session
Activities
IP Address 115.240.154.78
Time 2013-10-04 05:30:13 UTC
IP Address 115.240.154.78
Time 2013-10-04 05:29:16 UTC
IP Address 115.240.154.78
Time 2013-10-04 05:29:06 UTC
IP Address 115.184.181.131
Time 2013-09-29 06:05:24 UTC
IP Address 14.142.140.47
Time 2013-09-26 02:59:31 UTC
IP Address 101.62.70.169
Time 2013-09-23 14:09:15 UTC
IP Address 115.253.34.2
Time 2013-09-22 15:06:49 UTC
IP Address 115.243.34.154
Time 2013-09-19 05:12:43 UTC
Facebook Information:-IP details.
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
IP Address 115.253.105.8
Time 2013-09-17 06:43:43 UTC
IP Address 115.243.94.57
Time 2013-09-15 11:48:14 UTC
IP Address 115.184.185.218
Time 2013-09-14 06:49:30 UTC
IP Address 115.250.4.226
Time 2013-09-10 13:29:23 UTC
IP Address 115.253.52.29
Time 2013-09-08 13:38:12 UTC
IP Address 122.50.134.251
Time 2013-09-07 06:47:45 UTC
IP Address 122.50.134.251
Time 2013-09-07 06:45:05 UTC
IP Address 115.253.120.167
Time 2013-09-07 05:10:03 UTC
From the report of Facebook:• Target:- 100006557143471
• Registration Date:- 2013-09-07 05:10:01
UTC ,
10:40:01 IST}
• Vanity:• Emails:- dasashis893@gmail.com
• Name First :- Ashis
• Last:Das
• Phone Numbers:-
Correspondence to be made……
 E-mail Service Provider:• Summon u/s 91 of Cr.P.C. submitted to the
Nodal Officer of E-mail Service Provider to
furnish the account registration details along
with log details in respect of E-mail account
Information in respect of e-mail ID:Account Registration Details
Date & time of creation of the e-mail account
IP log at the time of creation of the account
Physical address if any of the computer system
used by the fraudster
Browser information
Mobile Phone Number used at the time of
registration and updation of the e-mail account
{registered mobile phone number}
Secondary e-mail account
Log details of the e-mail account
Google report
From the E-mail Service Provider
Name:E-mail:Status:Services:Secondary E-mail:Created on (with date & time):IP Address:SMS:Log details:-
Sample Reports from E-mail
Service Provider
Analysis of IP
• After obtaining the IP from Facebook,
analyze the IP through Utrace website (free
tool available in Google) to ascertain the ISP
of the user.
• Convert UTC format to IST by adding (+)
05.30 hours
• Ascertain the identity of ISP from IP such
as (BSNL, VODA, Airtel, Aircel, Relance,
IDEA etc.) from the IP.
• From the report of Facebook Law
Enforcement Response Team & Legal
Investigation Supports, Google, Inc., it is
found that the accused had accessed the
internet by using Reliance Communication
Ltd. (ISP) to commit crime.
Correspondence to be made……
Internet Service Provider:• User Subscriber Details of the IP address
• Telephone number in case of DSL/CDMA/3G, and Dial up
• other relevant information in respect of the User
Subscriber
–
–
–
–
address of correspondence
contact number
e-mail IDs
billing details
• MAC ID of the alleged computer system or
• IMEI Address of the computer resources with respect of
the relevant IP address
• CAF / NTC in respect of the User Subscriber in respect of
the alleged IP address.
Request Letter to ISP
Sample reports from Internet
Service Provider (ISP-Relance)
Sample report from ISP (Reliance)
. Brief Request Description Customer Name Customer
Add. MDN NO 115.240.154.78 11:00:13 4-Oct-13
Police sp1cidcb.orpol@nic.in Odisha Mail Received
From LEA.Support On 28-Nov-2013 Regarding Ip
Details Mr/Mrs SUSHANTA PATTNAIK Mr/Mrs
SUSHANTA PATTNAIK
PLOT NO-A/15 NAGESWAR TANGI
BBSR BBSR
ORISSA
Phone Number:9861886263
Correspondence to be made……
Mobile Service Provider:Subscriber Details
Date of Activation (DOA)
Customer Acquisition /Application
Form (CAF) {in original}
CDR for the alleged period
Certificate u/s 65-B of the Indian
Evidence Act
Investigating Officer will seize
From the possession of accused: Laptop with charging adapter
 Computer system, its other components (Monitor, CPU,
UPS, Keyboard, Mouse)
 Hard Disk from the seized CPU
 Modem
 Pen Drive /USB Drives /CDs/ DVDs
 Mobile Handsets
 SIM Cards
 Memory SD Card
 Dongles
 Cables
 Telephone Bills
Investigating Officer will seize
From the possession of accused:








ID Proof documents
Documents of the house
If any company, then its details
If employed, then documents of the office like Identity card
etc.,
Computer (Desktop / Laptop)
Mobile Phone Number along with SIM Card / Memory Card
USB Drive / Flash Drive / Pen Drive
External Hard Disk if any
CD / DVD
Investigating Officer will seize
From the possession of accused: Write down each computer resource's






Make
Model
Colour
Sl. No.
Capacity
Service Tag No. (if any)
Seized Exhibits be sent to CFSL for examination
• Seized exhibits be sent to Director, Central
Forensic Science Laboratory, Directorate of
Forensic Science Services, Govt. of India,
Ministry of Home Affairs, 30, Gorachand
Road, Kolkata- 700014, (T) S.D.J.M., for
examination and opinion
Letter Rogatory
• Sec. 166 A of Cr.P.C:- Letter of request to
competent authority for investigation in a
country or a place outside India.