Hacked Email, Trace Ip

[Boz]

Hey,

a friend's yahoo account was recently hijacked with that "Mugged in London" scam. From the email headers I've seen that they used your-freedom.de to disguise their IP address. As I'm new to all this computer forensics/security I was wondering if there was any way to trace this back further.

I assume not as that would defeat the purpose of these services, but just wanted to ask some more knowledgeable people.

Anyway, Thanks guys.

[Infiltrator]

Since the hijacker used a proxy server to conceal his ip address, it could become very difficult to trace back to the original ip address.

1. You will need to know the real proxy server ip address is.

2. You will also need to know the geographical location of the ip address.

4. You will need to know who is the owner of the ip address (eq, Internet Service Provider)

3. I don't want to discourage you, but I hardly doubt the proxy administrator will be willing to contribute, unless you take the matter to a legal court.

4. There is also the question, of whether the proxy server keeps a log of all the original IP addresses. In some cases, it does and in other cases it doesn't

All I can recommend is to, change the password to a more complex password, and do not use easy to guess security questions. If willing to change over email provider, use gmail.

Edited August 8, 2010 by Infiltrator

[Mr-Protocol]

There really is no point to tracing back further.

1) It's a well known scam so the government knows about it

2) They used a proxy and the proxy service wont be tellin' who it was. Best off just reporting it to them as scam/spam based off of the full header info they can track it down on their end.

3) What would you do if you found out whom sent it?

Now say if someone sent you an email from their house without a router hooked up then yeah you could "respond" using their IP from the header.

[Infiltrator]

Moral of the story, it will be useless for you to try to trace back the ip address. Its gonna be a waste of time and resources. I am sorry to say this, but that's how it works.

[Sparda]

You could call the cyberpolice.

[Infiltrator]

You could call the cyberpolice.

Can they really help, I mean it was just an email account that was hacked.

I know how it important it may be to the OP, to find who did this.

But what are the chances of a CyberCop really digging into it.

[Sparda]

They can backtrace it.

[Mr-Protocol]

If I was a cyber investigator. I would not even consider the job. There are higher priorities out there than someone's email. Unless it's a celeb or gov't official.

[Sparda]

If I was a cyber investigator. I would not even consider the job. There are higher priorities out there than someone's email. Unless it's a celeb or gov't official.

but if he did... the consequences would never be the same.

[Alias]

These spammers dun goofed.

[Infiltrator]

If I was a cyber investigator. I would not even consider the job. There are higher priorities out there than someone's email. Unless it's a celeb or gov't official.

What if the owner of the email account, paid you top dollars to find out who did this?

[Sparda]

[Infiltrator]

Where do you get this cartoons from?

[Mr-Protocol]

What if the owner of the email account, paid you top dollars to find out who did this?

Would not happen. It's just not do-able without going through courts and a lot of proof to get the courts to view ISP logs... Not worth the time. Pick your battles wisely.

[Infiltrator]

Would not happen. It's just not do-able without going through courts and a lot of proof to get the courts to view ISP logs... Not worth the time. Pick your battles wisely.

I conquer and you do have a point.

[Anonymust]

I change my passwords every month :)

And i dont click on crap emails (besides i use gmail better spam protection)

if i ever get email from someone (that i know of course) i ask them WTF was that email you sent me :)