How can your clients protect themselves when their electronic communications and confidential digital information are specifically targeted by those who have physical access to their devices?

By Nicholas G. Himonidis, Attorney and Private Investigator

Many recently reported cases have demonstrated that an acrimonious divorce or custody battle can be fertile ground for hacking email accounts, using illegal spyware and unlawfully accessing private computer and cellphone data. With physical access to the devices in question, virtually all traditional computer security protocols can be defeated.

The following protocol, known as “Digital Defense 101,” can neutralize the threat of digital compromise from adverse litigants with physical access to the client’s home, office or personal spaces.

Specific Defenses to Specific Threats

Computer or smartphone spyware silently documents activity and relays information to the installer. Such programs consistently avoid detection by commercial anti-virus/anti-malware scanners, and professional forensic examinations to locate these threats can cost upwards of $3,500 per device.

Any client who feels their digital information is at risk during the course of an acrimonious litigation should follow these steps to defeat the threat.

  1. Stop using the devices immediately, and copy specifically recognized user-created, uploaded or downloaded files to a removable drive.

  2. Replace the smartphone. Refrain from connecting it to the old phone. If calling records are compromised (i.e. the bill showing incoming/outgoing calls), an unlisted prepaid phone with no bill should be purchased instead.

  3. Replace the computer used for internet access with one that either has built-in independent internet access (3G/4G) or a separate, physically connected 4G AirCard. A high-quality anti-virus/anti-malware scanner must be used on the removable drive before transferring the files.

  4. Configure both devices outside the suspect wireless network’s range, eliminating any chance of accidental connection. Your client should learn to enable and disable each device’s wireless adaptors so that Wi-Fi access is only enabled when secure and disabled in suspect locations.

  5. Limiting unauthorized access by someone with physical access to the new devices will prevent spyware installation and guard against data being copied:

  • Phones: Enable all security features. Your client must choose and memorize a random password, set a short time period before auto-lock and a small number of permitted wrong password entries, and always lock their phone. Remind your client to hide the phone in addition to using the password lockdown feature.

  • Computers: Use the BIOS setup menu upon computer reboot to enable a BIOS Level Password. BIOS Level passwords are extraordinarily difficult to bypass even by computer forensic professionals. Remind your client to shut down the computer regularly so the BIOS Password is always required.

  • Remember: Your client must only use independent internet connections built into or attached to the new device.

  6. Using the new computer and secure, independent internet connection, your client can create a new email account. No identifying features should be used, and a random, complex, alphanumerical password should be memorized. The old email account should not be used as the alternate address; otherwise, password reset information may be sent to the compromised account.

Your client will have now succeeded in setting up an extremely secure computing and communications environment; however, one deviation can result in reinfection. Remind your client to follow these rules:

  • Do not connect to any network that the suspect has physical or virtual access to.

  • Disable wireless adaptors whenever in proximity to any suspect locations.

  • Disable Bluetooth if not used. Otherwise disable “discovery” after connecting your devices so the device cannot be seen.

  • Only use new removable drives, as an infected USB drive can re-compromise your devices.

  • Only access the new email from the new devices.

  • Never connect the new devices to the old for any reason.


Nicholas G. Himonidis is an attorney, licensed private investigator, certified fraud examiner and certified computer forensic specialist. He is Vice President of Investigations at T&M Protection Resources, LLC in New York City.