If you think you are protected behind a VPN to commit crimes, think again!

Simon Smith of eVestigator manages to crack a case, and reverse the irreversible! In absolutely what would have been an impossible situation, a disgruntled staff member broadcasted defamatory material to over 1,000 clients of a training Academy to all its’ past and present students stating that the male teacher is a paedophile. In desperation, the owner came to me for help.

“After tracking the attack which was sent out to the companies mailing list by ‘SurveyMonkey’, and using my techniques to get an IP address (which was not easy) I felt a sigh of relief. However, only to find he had used a VPN service with a no logging policy that literally never kept logs. Through strategic investigation I monitored the banking records of the company and the staff member had used the company credit card to subscribe to a VPN service”, he purchased a lifetime subscription many years back and ‘forgot’ about it (human error is one of the biggest slip ups) Mr. Smith said.

Mr. Smith went on to say, “human strategy and psychology is part of the game in Cybercrime. So I thought I would download the client and give some of the servers a test to see what IP addresses I might find. SurveyMonkey were helpful by providing me with the USER-AGENT request variable which came in handy, because when I connected to the very VPN service that the only other staff member who had access and control to whom had suddenly quit, not only did I get a match on the IP, but a match on the USER-AGENT. The computer he used was one of the  company’s property. The only one that was a MAC, and therefore led  to be able to convince a court beyond reasonable doubt on the chances of allocation of IP, date/time of connection to that server, User-Agent, the date he was sacked matching the date of the conduct and more.

So that’s Reverse-IP Tracing even if you have a VPN for you.”

 

“Case Closed! Busted”, said Mr. Smith.

 

The moral of the story is, you are not always protected if you commit a crime behind a VPN that contains no logs of your identity. There are many other things cyber investigators use to track you down.

 

If your just trying to protect your privacy for many other legitimate reason not to commit crimes then a VPN is still what you should be using.

 

via:  linkedin


Save pagePDF pageEmail pagePrint page

Leave a Reply

Your email address will not be published.