Can instant messaging be tracked

I sent a co-worker an instant message through MSN messenger regarding our boss. We were both in the same office at the time. My boss was seen at my desk looking through my computer. He has spyware installed on the system. Can he retrieve my old MSN instant message that I sent to my co-worker? Become a Patron of Ask Leo! That can be viewed from anywhere the company chooses to allow it.

All of this happens over the internet, and if your company is monitoring internet traffic, they can monitor this as well. Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

OMG u could be so screwed! In that case, no, but your boss might know that you manually removed the spyware he or she installed. Get support. Communication is essential for productive business. The problem is that we are all busy people. Luckily, the instant messaging market has never been better - and businesses all over the world are using applications like Slack and Microsoft Teams to improve all areas of communication.

In this blog, we ask: can instant messaging prevail over the goliath that is email? And when is the best time to use each communication tool? The great thing about email is everyone in and out of the professional world is familiar with it. From baby boomers to millennials, every generation has sent an email. And no matter how many great communication tools come on the market, email is going nowhere. Determining when a computer is on and when it is not being used are two very important details.

For example, you might want to know if someone is away from his or her keyboard if you plan to access his or her computer remotely with virtual network computing or another tool, or if you need to physically get to it to swap out keyloggers. On the other hand, you may only want to turn on your screen-capture software when someone is actually using the computer.

Thanks to IM, we have a crude form of that capability. If your buddy is online, you know his or her computer is up. Also, most messengers can let you now if your buddy is idle has not done anything on the computer for a period of time or is away idle for a long period of time. This is great information to have, and can be obtained for free just by putting your mark on your buddy list. Actually getting your mark on your buddy list may be a slightly more challenging issue depending on the chat network he or she uses.

How you do this will depend on what IM clients your target uses. You must first identify the IM client s your mark uses and the account ID on each one. It is a good idea to keep track of all of them, in case your mark stops using one particular service this is where having Gaim or Trillian comes in handy. If your target uses AIM, you are in luck, as it lets you add anyone to your buddy list without your target knowing. MSN is similar to Yahoo in that it queries your target to ensure that you want your target to add you, and lets you decide if the person adding you can tell if you are online.

If you are dealing with one of the trickier messengers, you may have to do some social engineering to get your mark to let you add him or her to your list. If that does not work, a fake identity may be a great way to learn more about your mark. In some cases, the password is hidden and scrambled in registry settings; in others, it sits in a plain text file. Chapter 6 covered the process for obtaining the buddy list from AIM. Obtaining the password is a slightly trickier procedure.

Versions of AIM older than 4. Version 4. A hash is the result of feeding the password into a one-way function, meaning that it is mathematically impossible to recover the password from the hash. So, if your mark is using an old version of AIM, there is a chance you might be able to recover the password. A dialogue box should pop up giving numerous tidbits of information, along with the version number. A Google search on AIM password recovery will show several tools that will uncover the password.

While this would be a fortunate scenario, it is a highly unlikely one. As of the writing of this book, the current version of AIM is 5. The best bet for actually acquiring a password is to use a hardware or software keystroke logger. In addition to installing one, a good idea is to pull up the client and type in an incorrect password. Since many clients automatically save the last password typed, you need to modify the one stored to ensure that your mark enters the correct one the next time he or she logs on.

Like AIM, Yahoo passwords are not stored or transmitted in plain text. Similarly, using a keystroke logger is the best advice for collecting this information. NET passport as the basis for its authentication. However, since it relies on. Since Gaim is not distributed by the owners of the IM networks and must interact with more than one network, it is more efficient for Gaim to store its own buddy and password lists. Gaim stores all of its information in easy-to-view.

XML files are a type of markup language that is relatively easy to understand and which can be opened by most Web browsers. This is the program you want your mark using. If you have any influence at all, steer your mark this way. There are two files of interest: accounts. There are basically two ways to find the XML files that you are looking for—manually, if you know where they are, or by searching the entire hard drive for them.

We discuss both methods along with their trade-offs. Both files should be there and accessible using Notepad or most any other text-viewing application.

This requires one of two things to be true: the user has not marked his or her files as private, which is often the case. Or, if they are marked as private, you must be looking for these files from an administrator account or from the same account as your mark. While this method depends on permissions and is a little trickier than the next one we discuss, it allows you to locate the Gaim configuration directory for your mark, which also contains other useful information.

In addition, should the nomenclature for the file names change, you can examine the files in the directory one by one, looking for the correct information. Like the previous method, this one also depends on file permissions.

Once you have found the files, their contents should be plainly visible. The following example shows the accounts. As you can see from this example, account names and their corresponding passwords when stored are both clearly visible.

In the next example, we show you the type of information that you can retrieve from a stored buddy list. This example shows you the blist. From this file, we see that Sarah does not have many buddies added. In true life examples, it is not unusual for people especially teenagers to have hundreds of entries in the file. Similar to Gaim, Trillian stores its buddy list on the computer via the server.

You can retrieve this list by browsing to:. However, unlike Gaim, this list does not contain the password of the user. Instead, the password is stored encoded in an. For the popular ones we are monitoring, the files are:. Instead of encrypting the password, Trillian uses a two-character encoding scheme to scramble them. There are several programs that will break this encoding for you including one available on our Web site , but to give you a better idea of how they work, we have included Table 9.

The top row contains the characters from our file, and the left-hand row contains the decoded plain text. You just need to match up the two character letters from the top row with the correct letter. Sample of a Table to Decode Trillian Passwords. Collecting information on the chat sessions that your mark is conducting can be done in several ways. Most of the popular chat programs come with the capability to save a log file of the conversation. While some people may enable this to keep a record of their conversations, a lot of people never bother with this setting.

This is a great place to keep track of chat, because a thorough log can yield all types of useful information. When logging is not an option, either because the program does not have the capability, or because you cannot physically access the machine, sniffing becomes the other alternative.

Most chat is still in plain text and can easily be picked up with sniffers. Most IM clients can be configured to log all of their traffic. This is an excellent feature that can help you in your spying efforts.

Very few users pay attention to the maze of preferences that most clients offer, and turning on logging is generally a very quiet and unobtrusive option that has a low risk factor. Even if someone were to discover that logging was enabled for his or her messenger, it does not immediately point the finger at anyone, or indicate that spying has occurred. AIM does not come with a method to log all of the chats. However, there are many extensions and add-ons to AIM that will provide this functionality.

If your mark has installed them, it may be possible to log his or her chats. Then you need to bring up the Preferences menu. After the Preferences menu is shown, select the Archives option on the left. After toggling on the Archives option, logging will be activated.

You can then exit Yahoo Messenger and log off of the account. Log files are saved for a duration of 10 days as. The contents of this directory can be copied to be viewed at your leisure later. This tool can be found either at its home site, www. For Archive Reader to work, you must also have Yahoo Messenger installed and the. Only the newer version of MSN Messenger has the ability to log chat files.

If your mark is using Messenger v6 or higher you are in luck. After starting Messenger and logging in, the options can be accessed by selecting Tools Options Messages Message History. After you have collected log files, buddy lists, and passwords, you may be eager to immediately view them. If you open a. Take them somewhere else and view them on a computer that you feel is reasonably secure, or that you can reasonably clean up so that anyone seeing it will have a hard time determining what you have done on it.

Gaim logging is very easy to toggle on. Once the Gaim program is started, select the Preferences button on the window, which will pop up a window with menus. Select the Logging tab to bring up the logging options.

Also, the average number of snaps created in one single day amounts to 3 billion. The projected number of people who will be using Whatsapp by the year is 1.

The figure is only expected to go up given the current popularity of instant communication. The number of users on the Facebook Messenger app has crossed 1. A large chunk of people using instant messaging apps use more than just a single IM app. Content sharing is among the basic features of most IM apps. The matter of concern is that are no safeguards incorporated in the content sharing mechanisms of such applications.

Sharing of personal information via IM apps poses yet another threat to the privacy of the youngsters addicted to them. Instant messaging apps provide yet another platform for bullies to exert their influence on their victims. Cyberbullying is on the rise ever since the advent of these applications. Constant exposure to the blue light emitted by smartphones is a bane to the health of teenagers. IM apps keep them hooked onto their smartphone screens for hours.

As IM messaging apps provide a medium to communicate with people without actually being in their physical vicinity, many young individuals are inclined to subject themselves to isolation from the real world.

Sexting is yet another obsession that is being fostered by teenagers on almost every corner of the world. The alarming fact is that the circulation of nude, as well as semi-nude photographs of children, is not an uncommon occurrence anymore.