Thursday, November 02, 2006

Tracking a User Posing as You on Social Networking Sites - Orkut, Hi5 et al

Tracking a User Posing as You on Social Networking Sites - Orkut, Hi5 et al

Pen and a book (papers get misplaced)
Create a new word/notepad file

This list is by no means complete. It is not a guarantee that you will find the user behind the fake or spoofed account. This is a checklist of to-dos, just so that you can go through before hitting the panic button.

The first step is to note the date/time when you became aware of your fake account. So, if you know about the fake account at 9 in the morning on 1st January, make sure you enter the time in the diary as January 1st, 9AM and _not_ January 1st, 12PM or whatever else comes to your mind.

This will help you backtrack a couple of days and figure out if you pissed off a friend earlier. If you _did_ create foes lately, do _not_ jump to conclusions and accuse them. What you really need is evidence.

You are trying to piece together a puzzle and not accuse.

- How to gather the evidence?

+ Begin by checking the fake profile for patterns.
Look for words and sentences and compare them with emails you received from friends, your ex etc. Check the alphabet case. Are certain words in upper or lowercase and can these be matched with previous emails or letters?

+ Repeat the steps above and check for patterns in scraps (Orkut) and emails or letters received from the creator of the fake account.

+ Note the date/time when you receive messages from the spoofed account.
Does the person reply at a certain time? Does the time correspond with your local time zone? If you send a message at 9 in the morning does the reply come in within a few minutes or at midnight? If the message is received within a short period of time, then most likely the person is in the same time zone as you.

Does the person reply on Sundays? If not, then the person is probably at work and sending the emails or messages from a work computer.

+ You could begin an email conversation with the person behind the fake account and again look for patterns in the replies. Do _not_ ask questions such as, who are you? Where you from? The person has to be a real moron to tell you who (s)he really is.

+ Photos
If the fake account contains your photos, try to think. Do all your friends and family have copies of these photos? Or did you send the photos to a group of friends or a person? Is it possible that the photos were grabbed online from a public space? If so, who had access to them and when?

+ Trace and log the IP Address
Every email sent contains an IP address. The IP address can be used to trace the source Internet Service Provider. Check the email headers for the IP address from the emails received. Trace the IP and find the name of the Internet Service Provider. Pinpoint the telephone if the IP address is in the same city as you.

Does the IP address point to a company? Try to think of people you may know who work there and see if someone can help you out.

Remember to note the IP address along with the sent and received timestamp. An email header is like a diary, it logs detailed information as it makes its way to your Inbox. The time and date that an email was sent could be different from the time and date when you received it.

+ Talk
Bring up the conversation with your friends. Look around and listen to what they say.
Does someone know more than you?
Could a buddy in your group know who is behind the fake account?
Does a person you know have a history of creating fake accounts? If so, watch him/her closely.
Ask questions, look for clues

+ Check the friend list in the fake account
Go through the friend list and check if they were added in the same day?
It is likely that the creator of the account will know those friends.
List the common friends between you and those on the fake account.
Check the messages (for patterns) that your friends received from the fake account.

+ Know your Information Technology laws
Get on a search engine ( and do a search for:
your-country-name information technology law
(substitute your-country-name with your country)
This will help you better understand the issues and discuss with the authorities.

+ Law enforcement
Send an email warning the person that you take up the matter with the authorities. If (s)he does not comply then file a complaint. The email should be sent with your full name and not from the fake account.

No comments: