Mobile devices are not always what they appear to be. Knock-off handsets are prevalent in Asia, Europe and are infiltrating the borders of the United States. Commercial forensic tools do not provide the same amount of support for knock-off devices as they do for GSM and CDMA handsets. Specialized forensic tools and add-on options to commercial kits are available, however not all of the data is parsed for the investigator. This talk will lead an exploration of the different methods for acquiring and analyzing knock-off handsets, to include a live acquisition demonstration. A detailed overview of the files contained within a physical dump of a knock-off device will be provided. Examples will be provided to demonstrate proper parsing methods and data interpretation of the knock-off device files.