With the steady rise of online fraud [1], responders have often had to rely on computer forensic tools to determine the exact nature of incidents. Several commercial digital forensics software suites are available for examining digital media related to computer crimes. Although these tools provide examiners with extensive capabilities for forensic examinations, they can have significant drawbacks in terms of training, initial costs of the tool, and yearly maintenance upgrades. Alternatively, there are free and open source software (FOSS) tools with equivalent functionally that examiners can use to perform most of the same tasks possible by commercial applications. This article describes some FOSS tools that are suited for general forensic examinations, with an emphasis on those capable of the primary forensic examination tasks relevant to phishing cases, including identifying malware, automated and manual recovery of deleted files, creating a timeline, and identifying Web browser trace evidence.