Gorson
Aug 29, 2014



Not sure where else to go with this.

I work for a small Mom n Pop IT shop doing work for business clients. Yesterday, we had some strange behavior going on a client's server. It turned out that someone had RDP'd into it using an old account with a weak password. Well, this person did not cover their tracks and left a web browser window up with many tabs open. Most of these tabs were dating sites. The intruder was phishing for information from these women, and by the looks of it, he was doing pretty well for himself. One of the tabs was an email, evidently sent to himself, with information from one of the women he was targeting including name, address, routing info, bank, username, password, and security questions and answers. It is not entirely clear from this email if this is legit information and how he got it, but it would appear to me he is sending himself that information to an email account for archive purposes.

Long story short, we did some research based on a few key pieces of information in the email and believe we have tracked this gentleman down. I have his Facebook page, "hacking" website, Twitter account, and full name and location (city). I have IP addresses leading to his home country but have no way of verifying those are legit or proxies. What should I do with this information? I'm not into counter-terrorism and I don't have the time or desire to further this investigation myself. Turn the information in to local police? FBI? Do nothing?


Gorson
Aug 29, 2014



We've decided to give it to the local detective. If they want to run it up the chain, they can. This guy's a pretty small fish, but if he's scamming routing information from someone he is racking up some fed charges. Who knows, maybe someone already has a case on him and our evidence could help. Thanks for the advice everyone.
