I'm by no means a Computer Guy LOL & was wondering about IP addresses (or whatever it is they are called) My Q is "How easy is it to track someone to their exact location via the address on their Comp?" I ask becasue there seem to be lots out there that seem to think just because they don't use their real names or say where they are from etc. that no one can find out who/where they actually are. So all you folks that know how to do it, how easy is it to actually track someone to the computers location. Mark :confused:

Well... You can get pretty granular...
You can track that person down to an ISP.. and possibly region depending on how much info the ISP gives in its DNS records for that IP...

BUT... if you wanted a civic address, you would need to either work for or know someone that works for that person's service provider

So like you say above it is totally possible then? As long as you can access the info like have an insider or say even a court order? I say court order because lots of folks seem to think it OK to openly discuss laws they knowingly break because they think they can't be found via the net. So if someone had the access or authority it is totally possible then? THX Mark

if for example u had a person most frequently trying to hack you and Norton Anti-Virus picked up his IP address, you would not be able to find out by your self where he lives, only what provider he uses (for example his internet provider is Sympatico Ottawa, then it would show that on the map)

Yes, if an ISP is presented with a court order, they can release the data to lawyers / law enforcement.

In fact, law enforcement often do this for snooping...

So ABSOLUTELY it can be done.

Ummm in the case you mention, NO they would not release the data to you or law officials... what the proper thing to do is to complain to that ISP's abuse dept and they will take action. In fact, most cases of hacking are due to trojan's / virii... so the owner of the system doing the hacking is usually unaware...

here's a neat little program that will show you geographically where the person's IP address is connecting from (down to the ISP of course)

www.visualroute.com

I know what Gonesnakee is talkin about is people saying they have illegal animals etc.. What happens if you sign on, on 3 diffrent computers.

Thats 1 thing I was getting at Yup. I'd say with 3 different comps they would be able to track you to the 3 different locations. Most instances authorities couldn't be bothered I'm sure but its there for them if they want it basically, Mark

Yes... if an ISP wanted to.. they can track you to any location on their network :) Thats a fact :D

Thanks for the reply, like you I also dont know to much about computers...LOL

If you use 3 different comps and they are all using the same isp (I have a wireless network in my house), having 3 or 100 comps wouldn't change a thing.

I know that but I use comps in totally diffrent areas of the province. I geuss I should have been more specific..Sorry

even if you were in different areas of the province.. so long as its the same ISP.. they got ya... and even if not.. ISP's work together on matters like this.. You are NEVER anonymous :D
Big BROTHER is always watching ;)

Cool enough, I was just asking.. Like I said I dont know to much about comps. Thanks for the info though.

i was gonna ask the same question cause i wwas givin an ip address from paypal saying that my account was trying to be hacked into... and i had to go through some steps to varify my account... i could do it so i emailed them...


well i just downloaded a program and its someone from Dortmund Germany that tryin to get into my paypal...

does anyone have any suggestions on what i should do.. it twice now.. one yesterday and once today...

yea... all u can do is report them to their ISP's abuse dept... if u post the IP I prolly can give u their abuse email addy...

Also report the incident to paypal

Thing is... the hacker might be using a box in germany to attack yer accnt, but could be hopping between a number of servers to hide his/her tracks :)

paypal is the one who emailed me about.. here is an example of the paypal email except they had there naim stamped all over it...

Information Regarding Your account:
Dear PayPal Member:

Attention! Your PayPal account has been violated!

Someone with ip address 149.225.126.87 tried to access your personal account!

Please click the link below and enter your account information on the following page to confirm that you are not currently away. You have 3 days to confirm account information or your account will be locked.

than some personal info.. the mail was from
Anti-fraud@paypal.com

What info do they want u to confirm? U sure its from paypal? SHOW me the email header...

Could be a phishing attack :)

Anywho:

Here is the info for that IP... its on UUnets ip network, there is emails and phone numbers listed :)

remarks: netname: CUMULUS-1
descr: EUnet Deutschland GmbH
descr: Emil-Figge-Str. 80
descr: D-44227 Dortmund
remarks: country: DE
admin-c: UH266-RIPE
tech-c: UH266-RIPE
remarks: changed: hostmaster@arin.net 19970728
remarks: changed: hostmaster@arin.net 20030121
remarks: **** INFORMATION FROM RIPE OBJECT ****
netname: CUMULUS
descr: UUNET Deutschland GmbH
descr: Sebrathweg 20
descr: D-44149 Dortmund
country: DE
admin-c: HE15-RIPE
tech-c: HE15-RIPE
status: ASSIGNED PI
remarks: date of original assignment unknown, possibly 1991-1992
mnt-by: UUNETDE-I
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-lower: RIPE-NCC-HM-PI-MNT
changed: hostmaster@de.uu.net 19991022
changed: hostmaster@ripe.net 20001114
changed: er-transfer@ripe.net 20031016
source: RIPE

route: 149.224.0.0/13
descr: UUNETDE-AGG-149.224
origin: AS702
member-of: AS702:RS-DE,
AS702:RS-DE-PA,
AS702:RS-DE-PULLUP
mnt-by: WCOM-EMEA-RICE-MNT
changed: rice@lists.mci.com 20040102
source: RIPE

role: Hostmaster UUNET Deutschland
address: UUNET Deutschland GmbH
address: NIC & DNS
address: Sebrathweg 20
address: D-44149 Dortmund
phone: +49 231 972 00
fax-no: +49 231 972 2082
e-mail: abuse@de.uu.net
trouble: abuse reports to abuse@de.uu.net
admin-c: AW-RIPE
admin-c: USB1-RIPE
tech-c: AW-RIPE
tech-c: USB1-RIPE
nic-hdl: HE15-RIPE
remarks: role account for the Hostmaster at de.uu.net
remarks: could be Andreas Wittkemper, Ulrich Schulze-Boeing,
remarks: Frank Eckermann or Daniel N. Rasmussen
remarks: e-mail : hostmaster@de.uu.net
notify: hostmaster@de.uu.net
mnt-by: UUNET-P
changed: Ernesto.Halbach@Germany.eu.net 19950705
changed: hostmaster@de.uu.net 19971205
changed: hostmaster@de.uu.net 19980408
changed: usb@de.uu.net 19990107
changed: aw@de.uu.net 19990309
changed: usb@de.uu.net 19990518
changed: usb@de.uu.net 19990702
changed: ts@de.uu.net 20001004
changed: ts@de.uu.net 20001120
changed: usb@de.uu.net 20020408
changed: usb@de.uu.net 20021001
source: RIPE

person: UUnet-DE Hostmaster
address: UUNET Deutschland GmbH (formerly EUnet Deutschland GmbH)
address: Emil-Figge-Str. 80
address: Dortmund
address: D-44227
address: DE
phone: +49 231 972 0
fax-no: +49 231 972 1177
e-mail: hostmaster@de.uu.net
nic-hdl: UH266-RIPE
mnt-by: RIPE-ERX-MNT
changed: hostmaster@arin.net 19960508
changed: hostmaster@arin.net 19971024
changed: er-transfer@ripe.net 20030917
source: RIPE

oh ya im sure they have security links and comfirmation passwords ect. ect

they give you this little statement.

Protect Your Account Info
Make sure you never provide your password to fraudulent websites.

To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal login page (http://paypal.com/) to be sure you are on the real PayPal site.

PayPal will never ask you to enter your password in an email.

For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/us/securitytips


Protect Your Password
You should never give your PayPal password to anyone.
--------------------------------------------------------------------
paypal email id's ect...

i dont know how to get you the email header...

and what am i supposed to do with all that info.. .email it to who.. i know what email to use (i think) but do i email all that info or just the ip address

looks legit.. but until u see the headers.. no way to know :).. even though they using URL's... if yer PC was compromised at all they could poison DNS lookups on yer computer and make it look like its paypal... ;)

Anyhow.. sorry if I made ya paranoid... U can always email me the entire email that was sent to ya :D bpaolucc@rogers.wave.ca :)

Yea just like Shadow was saying "if you wanted a civic address, you would need to either work for or know someone that works for that person's service provider."

It would be pretty hard to find it out on your own without working for that person's ISP or know someone that works there. You can always hack their ISP account, but that is no easy task lol.

If you have a laptop you can drive around looking for their network only if you know what city they are in and narrow it down from there.

I say it is possible, but i would take a lot of work.

LOL.. drive around??? yer assuming its wireless?
and some ISP's use proxies... so u could never tell :D Unless u have access to the proxy logs :D And some IP leases are very short.... say 8 hours ;)... then what? Uless u have access to logs.. yer not gunna find a thing :D And even so... u would have to know something about how the ISP has their lines wired... ie.. how layer 1 logical maps are set up to civic addresses :)

deleted... why take up space

but what and who do i email...

LOL yea thats not the header... the header is not visible via a standard view... it would show u the original Ip the email was sent from and all the servers that the email traversed to arrive in yer inbox :)

how do i show you that then.. im in way over my head

From : Anti-fraud@paypal.com <Anti-fraud@paypal.com>
Reply-To : Anti-fraud@paypal.com
Sent : Thursday, February 17, 2005 12:03 AM
To : peterm15@hotmail.com
Subject : Warning! Your account has been violated!


is that what you mean

Okay with hotmail,
go to options... and there u will see message headers... select advanced... and ull see :)

No... what you posted is not what I meant :)

Looks more like this:

Message-ID: <BAY15-F300E9E58D98CEED7EA9FB2BF6D0@phx.gbl>
Received: from 64.229.185.206 by by15fd.bay15.hotmail.msn.com with HTTP;
Thu, 17 Feb 2005 05:57:33 GMT
X-Originating-IP: [64.229.185.206]
X-Originating-Email: [blah@hotmail.com]
X-Sender: blah@hotmail.com
From: "Josh k" <blah@hotmail.com>

LOL Shadow, yea you would have to be very knowledgeable to do it.

I think pretty much all ISP's have their networks proxied. But you would be grabbing the information before it got there. Plus if its wireless it's easy to get access, 95% of people dont secure their WAN properly, so you can even figure out the person's name and stuff haha.

Even if their network wasn't wireless, the IP will give you a good idea of where they are. And for *cough *cough Rogers, you would have to tap the Roger's cable box which I have heard is easy to do.

Haha all I'm saying shadow is it is still very plausible with the right mind and with a little luck lol.

LOL... I can tell u from experience... tapping a rogers cable box or modem will get u nothing even if you tap a line itself.. Ull see nothing but RF signals... I talk as an expert in this area ;)

I challenge anyone that does not have access to their internal servers to trace anthing down to a civic address :) I know for a fact that even law agencies cannot do it unless the data is provided :)

MIME-Version: 1.0
Received: from ws9.surf-town.net ([212.97.132.109]) by mc3-f16.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 16 Feb 2005 16:03:36 -0800
Received: by ws9.surf-town.net (Postfix, from userid 398)id 8F2E77470AC; Thu, 17 Feb 2005 01:03:34 +0100 (CET)
X-Message-Info: JGTYoYF78jFlIRIhbGqSmo5SOzjZOXZT1iKf1wR3YRM=
Return-Path: httpd@ws9.surf-town.net
X-OriginalArrivalTime: 17 Feb 2005 00:03:36.0746 (UTC) FILETIME=[20BD90A0:01C51484]

that was right on the main page.. lol.. sorry for my stupidness :D

peterm15, did you switch it to advanced? we wanna see the x-originating-ip section :)

ya im on advenced.. below there is a link that says view email message source.. when i click it gives me this...

sans-serif;
font-size:12px;color: #000000;}
</style>

<table width=680 align=center>
<tr><td><A target="_blank"href="https://www.paypal.com/us"><IMG src="http://images.paypal.com/en_US/i/logo/email_logo.gif" alt=PayPal border=0></A></td></tr>
</table>
<table width="100%" cellpadding=0>
<tr><td background="http://images.paypal.com/images/bg_clk.gif" width=100%><img src="http://images.paypal.com/images/pixel.gif"height=29 width=1 border=0></td></tr>
</table>
<br>
<table align=center>
<tr>
<td width=400>
<table>
<tr><td>Information Regarding Your account:</td></tr>
<tr><td><b>Dear PayPal Member:<br><br>Attention! Your PayPal account has been violated!<br><br>Someone with ip address 149.225.126.87 tried to access your personal account!</b><br><br>Please <b>click the link below</b> and enter your account information on the following page to confirm that you are not currently away. You have 3 days to confirm account information or your account will be locked.<br><br>
<table width="80%" cellspacing=0 border=0 bgcolor="#FFE65C" align=left>
<tr><td>
<table width="100%" cellpadding=4 bgcolor="#FFFECD" align=center>
<tr><td class="pp_sansserif" align=center><a target="_blank" href="http://account_verify.web.aplus.net/">Click here to activate your account</a></td></tr>
</table>
</td></tr>
</table>
<br><br><BR>You can also confirm your email address by logging into your PayPal account at <a target="_blank" href="http://account_verify.web.aplus.net/"><br>http://paypal.com/</a>. Click on the "Confirm email" link in the Activate Account box and then enter this confirmation number: <br><br>Thank you for using PayPal!<br>The PayPal Team
</td></tr>
<tr><td><hr class=dotted></td></tr>
<tr><td>
<tr><td class="pp_footer">Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, <a href="http://account_verify.web.aplus.net/">log in</a> to your PayPal account and choose the "Help" link in the footer of any page.<br></td></tr><tr><td><img src="http://images.paypal.com/en_US/i/scr/pixel.gif" height=10 width=1 border=0></td></tr>
</td></tr>
<tr><td>PayPal Email ID PP059</td></tr>
</table>
</td>
<td width=190 valign=top>
<table cellspacing=0 cellpadding=1 bgcolor="#cccccc">
<td>
<table cellspacing=0 cellpadding=0 bgcolor="#ffffff">
<tr><td>
<table width="100%" cellpadding=5 bgcolor="#eeeeee">
<tr><td align=center>Protect Your Account Info</td></tr>
</table>
<table cellpadding=5>
<tr><td>Make sure you never provide your password to fraudulent websites.<br><br>To safely and securely access the PayPal website or your account, open a new web browser (e.g. Internet Explorer or Netscape) and type in the PayPal login page (http://paypal.com/) to be sure you are on the real PayPal site.<br><br>PayPal will never ask you to enter your password in an email.<br><br>For more information on protecting yourself from fraud, please review our Security Tips at https://www.paypal.com/us/securitytips<br></td></tr>
</table></td></tr>
<tr><td>
<table width="100%" cellpadding=5 bgcolor="#eeeeee">
<tr><td align=center>Protect Your Password</td></tr>
</table>
<table cellpadding=5>
<tr><td>You should never give your PayPal password to anyone.<br></td></tr>
</table>
</td></tr>
</table>
</td></tr>
</table>
</td></tr>
</table>
</xhtml></span>

wow that cant be it.. lol... i just cut and pasted.. other wise thats all the new info that was collected...i would email it too ya im just kinda iffy about giving out that confirm number

Whats up with the return path of:

httpd@ws9.surf-town.net

Im highly suspicious of the email...
Why is the return address to a place in amsterdam?

Non-authoritative answer:
Name: ws9.surf-town.net
Address: 212.97.132.109

shad0w@linux:~> whois -h whois.arin.net 212.97.132.109

OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL

ReferralServer: whois://whois.ripe.net:43

NetRange: 212.0.0.0 - 212.255.255.255
CIDR: 212.0.0.0/8
NetName: RIPE-NCC-212
NetHandle: NET-212-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: NS-PRI.RIPE.NET
NameServer: NS2.NIC.FR
NameServer: SUNIC.SUNET.SE
NameServer: AUTH03.NS.UU.NET
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
NameServer: TINNIE.ARIN.NET
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
RegDate: 1997-11-14
Updated: 2004-03-16

# ARIN WHOIS database, last updated 2005-02-17 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.


Found a referral to whois.ripe.net:43.

% This is the RIPE Whois query server #1.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

inetnum: 212.97.132.0 - 212.97.133.255
netname: SURFTOWNDK
descr: Surftown A/S
descr: Lyngby, Denmark
country: DK
admin-c: FS1470-RIPE
tech-c: FS1470-RIPE
status: ASSIGNED PA
mnt-by: AS9120-MNT
mnt-lower: AS9120-MNT
changed: akp@cohaesio.com 20041201
source: RIPE

route: 212.97.128.0/19
descr: Cohaesio A/S
origin: AS9120
mnt-by: AS9120-MNT
mnt-lower: AS9120-MNT
mnt-routes: AS9120-MNT
changed: akp@solit.dk 20010107
changed: akp@cohaesio.com 20031024
source: RIPE

person: Frederik Schouboe
address: Maglebjergvej 5 D
phone: +45 45 93 77 34
e-mail: fs@surftown.dk
mnt-by: AS9120-MNT
nic-hdl: FS1470-RIPE
changed: akp@cohaesio.com 20030331
source: RIPE

thats not a good thing eh...

Looks like a phishing scam... someone trying to coax yer paypal info out of you.... dont respond to it.

so what can i do now... i got 2 of them one on the 16 and one today..

delete them... email paypal yourself to be safe... thats your safest bet... paypal would NEVER ask you to send account info over the internet...

Originally posted by Shad0w
I challenge anyone that does not have access to their internal servers to trace anthing down to a civic address :) I know for a fact that even law agencies cannot do it unless the data is provided :)

I'll get right on that now ;)...

i couldnt.. it even says not too.. i did the part where you confirm your email while logged into pay pal and i couldnt do it...

You can also confirm your email address by logging into your PayPal account at
http://paypal.com/. Click on the "Confirm email" link in the Activate Account box and then enter this confirmation number:

Thank you for using PayPal!
The PayPal Team

after that i contacted the help area of paypal... asking what was goin on..

and they didnt ask for the info.. they asked me to log into my account then confirm my email... plus i did that through a new window.. didnt use the link...

LOL :)

I have NO doubt that the email u got was a phishing scam.. u see that link for activating your account? Look at where it leads to:

http://account_verify.web.aplus.net/

WTF is that :D certainly not a paypal domain :)

And it says...

Please click the link below and enter your account information on the following page to confirm that you are not currently away. You have 3 days to confirm account information or your account will be locked.

U HUH :)
U just dodged a bullet my friend ;)

oh crap... ok say wort case senario.. they get into my account.. which i can still get into... so they havent changed passwords.. is that the basics of what will happen or can they get in now without my password.. should i change it to be on the safe side..

oh i hope im not screwed.. well i have a friend that i think ill have to look back up.. give him a little homework.. thanks for your help...

they wil get in with your password using that scam or would collect enough info to pose as you and have paypal give them the password... and if you had funds.. they might have initiated transfers to accounts...

U didnt respond to them did you?
Uggg.. I got this feeling u did....

If you did... contact paypal right away and tell them...

no.... im just really nervous... there was no way to respond.... thats why i logged into the account too see what was goin on.. and when i did what they said to the mgs came up "email already confirmed" all that was done throuhg paypal while i was logged into my account..

here this was taken from paypal security...

Greeting: Emails from PayPal will address you by your first and last name or the business name associated with your PayPal account. Fraudulent emails often include the salutation "Dear PayPal User" or "Dear PayPal Member".

i really should read this stuff more often..

Cool... Welp, now ya know what a phishing scam looks like, and you have an idea how to verify where an email is comming from :)

This sort of scam hits allot of average users :(

Drop me an email if you ever need help with this stuff again :)

i just fowarded the email too paypal.. spoof@paypal.com from there security section.. luckly i dont have much.. .so if it is hacked then ahh well.. im gonna change my password daily for a few days.... you think that will help...

Nice work Shadow. You RULE!!!!

thanks alot... youve helped so much.. i couldnt even begin to tell ya.. i just hope nothin happens... and yes you do rule... thanks so much

Too bad you can't get help that good when you call Rogers tech support eh? :P

-Matt

peterm15, I would change yer password if I were you for sure... make sure to use at least 8 characters, alpha numeric and try to include symbols...

easy to remember examples.. pick a word and sub in numbers and symbols for the letters...ex:

snowballs = 5n0w8aLL$
something like that is a good strong password :) and is very hard to crack.
(dont use what I posted though) :)

Hey Matt :)

Im not in tech support
Server Operations here buddy :D Me no talk to customers... me talk with other operations / engineering folk :D

Woops.. I read yer comments wrong bro ;)
Okay.. my secret is out.. LOL

LOL, it's okay man, I bug Matt about it everytime I see him.. I HATE having to call Rogers for anything.. Now if I need help, I just get in touch with Marisa and then Matt. :D

Much easier that way and no BS.

-Matt

Dont blame ya :)
Im sure myself and Matty could help ya out ALLOT more than tech support ever could :)

ok changed.. wow.. its a good one 2... lol... thanks again.. and ya too bad you dont get service like that...

oh and i guess your a computer engineer.. my sises b-friend is one 2 and he goes on and on and on about things i dont understand.. lol.. hes actually building me a temp controll system to controll all my herps...well hopefully.. hes done it before so..

;)

Heh... yea read Matt and my posts above about what I do... thatll give ya an idea :)

an idea for what...

U said U guess Im a computer engineer... I said read the above post Ull get a better idea of what I do :)


Matt posted the following.. u have to read into it:
Too bad you can't get help that good when you call Rogers tech support eh? :P
-Matt

Then I wrote:

Hey Matt
Im not in tech support
Server Operations here buddy Me no talk to customers... me talk with other engineers
Woops.. I read yer comments wrong bro
Okay.. my secret is out.. LOL


Get it? :D

well you said you talk to other engineers... so to me that means your an engineer too.. for rogers is my guess.. and i know com engineers can work in a whole bunch of different areas.. like lawrence ( my sises b-friend) works at a bank and his job is basically to crash programs all day.. which to me is easy cause i crashed my old com like 10 times.. lol..

but in sept im going to school to be an engineer too, a mechenical engineer but its an engineer...

I was going to go for computer engineering....but I'm not THAT good in math so I will settle with computer science instead ;).

Shadow why are you misleading these nice people? You and I both know you "engineer" for the 24 hour street meat cart near the Rogers building :P :P :D :D


Marisa

Originally posted by Asian Jon
I was going to go for computer engineering....but I'm not THAT good in math so I will settle with computer science instead ;).

well for me math is my life... i can do it all.. and its all i can do, that and build stuff.. lol... when i was in gr 11 i was "teaching" gr 12 functions and relations, which in my school was the hardest course. i was in an alt ed corse so you kida teach yourself.. so.. but even the teach couldnt do it.. and i was only working in tech math... lol.. the only thing i have troubles in are quadratic equasions, it takes me a while. and my times tables... lol ok dont laugh.. i can do math... i cant do them in my head..

Originally posted by marisa
Shadow why are you misleading these nice people? You and I both know you "engineer" for the 24 hour street meat cart near the Rogers building :P :P :D :D


Marisa

REALLY!!!! sounds like an even better job :D :D ;)

Yeah, he's all about the street meat.. ;)

-Matt

Thread Jackers! LOL Mark

Hey Peterm, yea math is easy with practice, I think anyone can do it. It's all formula and steps and can easily be learned with a bit of time. As for becoming a mechanical engineer, good luck, I tried my hand at engineering and figured it wasn't for me.

As for the IP address and people talking smack, you can't find out where they live with an IP alone, but once you have an IP, what is stopping you from finding out where they live via their computer.

Mike

MMMMM street meat... sounds like Lunch for Matty and I :D

It all depends on the security of the ISP in question. Most IPS don't leave information lying around that would let you track someone down, but in the past I've managed to get info on people from loopholes.

One involved getting the IP of a person on IRC who was harassing a friend and then logging in as a guest to their ISPs telnet service, and using the who command to see who was logged in where. They also had a telnet accessible matchmaking service that was linked to that users account. He freaked when we told him his real name, height, weight, hair color, etc. Don't know if he ever clued in.

A little social engineering works as well. I showed a girl in the states how she should be more careful with the info she gives out in a public channel by sending her a map to her doorstep. From her IP address, and the fact that she'd given her first name to one person and last name to another, it was an easy task to track her down. She was shocked.

ISP security is typically much better these days (both these events happened in the mid to late 90s), but people will give up all kinds of personal info if you ask the right questions.

When it comes to receiving emails from companies that you deal with (Paypal, ebay), unless you know how to read email headers for IP addresses and such, never click on them. Just type in the URL of the main site yourself, and if necessary contact customer service.

There are a few methods out there of disguising links to look like one thing when they're really another. And you can end up on the most legitimate looking site you've seen and still get screwed.