Any cyber-sleuths on here?

[Nineline]

Looking for a little n00b help from those who have the interweb skillz....

Yesterday I found out that I was the victim of debit card fraud after noticing some unauthorized charges in my checking account. After calling the merchant where the fraud was generated, I was able to convince him to give me the IP address from the fraud source: 173.234.216.236. Other than having it included in a police report, what else can this be used for?

-9-

[BQZip01]

Looking for a little n00b help from those who have the interweb skillz....

Yesterday I found out that I was the victim of debit card fraud after noticing some unauthorized charges in my checking account. After calling the merchant where the fraud was generated, I was able to convince him to give me the IP address from the fraud source: 173.234.216.236. Other than having it included in a police report, what else can this be used for?

-9-

Start with reporting it to the local authorities and get a case number. Then report it to your bank/credit union (they will likely want the case number). It is HIGHLY unlikely that the police or FBI will ever even pursue the case since it has a relatively low success rate, but your bank should refund the money once they can confirm you never got what you asked for.

As for the IP address, you can use a number of utilities to find out more about the source of that IP address. For example, Wikipedia provides about a dozen links for any IP address (look at the bottom of this page): http://en.wikipedia.org/wiki/Special:Contributions/173.234.216.236

Good luck!

[damastas]

http://whois.arin.ne...234-216-0-1/pft

Quick whois from ARIN shows that the physical address is in Atlanta and that the POC for whoever owns the network is in Arizona. Unfortunately you can't get much more information than that. If you had the date/time that whatever fraud was committed, the ISP could easily pull up their logs and see what physical location that IP address belongs to. But chances are, the ISP won't just hand you that info without a search warrant, and no law enforcement office is gonna bother getting a warrant for something that minor. Which really, even if they did, there are so many other variables - just because they find the physical location of that IP address and who it belongs to, doesn't mean that was the one who committed the crime. Could have had an open WiFi access point that anybody could have done it from, somebody could have proxied it through his computer.. just too many variables.

EDIT: 1-480-212-1710 is the ISP's POC number, could always call them and see what they say. :P

Edited September 24, 2011 by damastas

[BQZip01]

http://whois.arin.ne...234-216-0-1/pft

Quick whois from ARIN shows that the physical address is in Atlanta and that the POC for whoever owns the network is in Arizona. Unfortunately you can't get much more information than that. If you had the date/time that whatever fraud was committed, the ISP could easily pull up their logs and see what physical location that IP address belongs to. But chances are, the ISP won't just hand you that info without a search warrant, and no law enforcement office is gonna bother getting a warrant for something that minor. Which really, even if they did, there are so many other variables - just because they find the physical location of that IP address and who it belongs to, doesn't mean that was the one who committed the crime. Could have had an open WiFi access point that anybody could have done it from, somebody could have proxied it through his computer.. just too many variables.

EDIT: 1-480-212-1710 is the ISP's POC number, could always call them and see what they say. :P

FWIW, It the actual net traffic looks like it came from Atlanta. Contact the service provider and could probably get some more info pretty quickly. You'll need to have the date & time available and you can probably narrow it down to a hundred or so customers.

[M2]

Trust me, that IP address is not likely to be the source of the crime. Cyber thieves know how to cover their tracks pretty well, so the best you can do is contact your financial institution and get things resolved from your side and make sure it has been reported to the authorities. Unless you are well-skilled and experienced in such matters, you'll have zero chance of tracking the culprit down..

[Masshole]

Looking for a little n00b help from those who have the interweb skillz....

Yesterday I found out that I was the victim of debit card fraud after noticing some unauthorized charges in my checking account. After calling the merchant where the fraud was generated, I was able to convince him to give me the IP address from the fraud source: 173.234.216.236. Other than having it included in a police report, what else can this be used for?

-9-

Not a whole lot. You used to be able to easily break into people's computers, but most new laptops and computers have so many firewalls that it is difficult to penetrate (sts) without them being able to reverse track to your relative location. Basically it is kind of pointless to do that anymore because you are most likely going to get caught. You can try to track where they live, but it is easy for hackers to hide their IPs under layers of proxies. You cannot get a full name and location unless you have a legal reason to (which you seem to have). A quick search says Druid Hills, GA (??).

[rancormac]

Also, they most likely did it from an unprotected wifi they hopped onto. The IP address was probably assigned to some 90 year old grandma's unsecured wifi.