So the other day, was exciting something i will always remember; becoming a detective. What you say, yes well i will try to keep this mostly anonymous as i think that’s more appropriate due to the circumstances. Well a close friend of mine created a website for buying and selling cars in a foreign country which his brother lives in. So all going well website is fine bla bla, I just helped my friend system admin for the server maintaining apache, mysql, postfix etc.. the website was fairly busy.
But there was fake accounts created over time posting fake ads selling cars but most of which in-fact all were very obvious scams but one of which ads was created 5 times on this website from 5 different users with 5 different emails but each listing was exactly the same. Long and short of it one person fell for this listing and ended up wiring ~£8000 to this scammer. So the victim contacted the local police which contacted us to try and find as much details as possible on the scammer like emails ip’s etc.
As the scammer was trying to get more money out of the victim the police suggested to play along with the scammer so we can catch him in the act. But my job was to find out as much information as you can. And by god the amount of information you can figure out about someone based of server logs is scary if your clever.
So we cross referenced the times which the scammer signed up to the website each time, to get his ip and his email and checking the post data to be 100% sure we had the right ip. There were 5 instances we had to go through. 3 of which ips would origionate from exactly the same place which was a major city and isp the other 2 were in a more local rural town. And if you take more attention to the dates the first 2 sign-ups by this scammer originated from this city and occurred around June then nothing until October or so where the next 3 sign-ups occurred so this could give rise to the idea that this person moved house. We know its the same scammer each time when the listing is exactly the same each time and the trace on the ip go to the same places each time.
So yes this was an interesting day but very very interesting what you can figure out about people from their IP.
Elementary dear Herron. I’m sorry that was far too obvious!