Identity theft on Hotmail

[brucemacdonald]

I have just read on another forum that somebody has set up a Hotmail account in the name of a high-profile UK bushcrafter and is sending abusive emails and postings to various forums. Hopefully not this one, as it is so well-moderated!

The bushcrafter in question has contacted the Police and the Metropolitan Police Computer Crime unit and as far as I know has passed on the IP Address of the abuser. If the person masquerading as somebody else ever tries to access websites or send unsuitable or illegal material they will get a visit and will be prosecuted.

I hope that nobody on this forum ever condones such abuse of another's identity and that they would report this to the Moderators or to the Police. I also hope that anyone who does this and is caught is banned from BCUK.

 

[Tony]

We're already aware of the situation and if we come across anything we'll deal with it appropriately The person involved isn't a member of Bushcraft UK and so it should be easy to spot any untoward activities on here

 

[g4ghb]

not happy at all! - out ebay account got hijacked and they started selling things - took us ages to regain control!!!the blaggards! - string em up!

 

[ilovemybed]

So you mean you can actually prosecute someone for hijacking an email account and sending spoof emails?
Curses! Someone did that to me a few years ago and sent abuse to all the people in my address book. I found out who it was too, but never thought I could have had him collared, the fiend!

 

[Ahjno]

not happy at all! - out ebay account got hijacked and they started selling things - took us ages to regain control!!!the blaggards! - string em up!

Last thursday I had a "Spoof" mail. It contained a "message" from Paypal (I found out you can use a bankaccount aswell) that I succesfully added another e-mail to my account - Which, of course, wasn't true. In the message was a link, to go directly to the Paypal login page
Immediately checked my Paypal account, true the normal route (and thus not using the link in the mail) - but found nothing unusual.

Notified PP by forwarding the e-mail to their spoof@ thingy account. Within an hour had a reply: thank you for notifying etc. and the mail was indeed a spoof.
They would undertake appropiate action :AR15firin

 

[brucemacdonald]

So you mean you can actually prosecute someone for hijacking an email account and sending spoof emails?

Alas no, but if that person then tried to do something illegal over the net their IP Address would have been alerted to the authorities.

 

[steve a]

But if they were presenting themselves as that person and they wrote content that was defamitary or libellous then surely they would be breaking the law and as such could be prosecuted.

 

[Ed]

But if they were presenting themselves as that person and they wrote content that was defamitary or libellous then surely they would be breaking the law and as such could be prosecuted.

In law it comes down to evidence and proof. Yes you can trace the ip address and find the computer it was written on, but it is very hard to prove who was actually sitting at the keyboard typing at the time.... therefore in cases like this, its the site admin and hosts who tend to get into trouble as they are the publishers of the defamitary / libellous material, not the person who wrote them.

Ed

 

[steve a]

Thanks Ed for explaining that.

 

[ScottC]

I hope the person responsible is found and punished to the full extent of the law.

 

[Slimey]

In law it comes down to evidence and proof. Yes you can trace the ip address and find the computer it was written on
Ed

How successfull would that be though? I'm only asking because hardly any ISP's use static addressing, the only one I know that does by default is Demon. In the days of dialup you were likely to get a different IP each time you connected, some broadband is the same, NTL for example.

I guess that ISP's would keep a log of who got assigned what addresses, but whether you can get access to those logs is anyones guess, probably different for the authorities though.

In my experience ISP tech staff are about as much use as a bicycle to a fish.

End of teccy stuff, sorry.

I hope whoever has done this gets identified and suitably punished, its a very underhand thing to do.

Simon.

 

[pierre girard]

But if they were presenting themselves as that person and they wrote content that was defamitary or libellous then surely they would be breaking the law and as such could be prosecuted.

Not sure how the law works in the UK, but in the US, the above would be a civil matter - not a criminal matter. The involved party would be liable to civil action (a law suite), but not to criminal penalties.

PG

 

[Stuart]

Not sure how the law works in the UK, but in the US, the above would be a civil matter - not a criminal matter. The involved party would be liable to civil action (a law suite), but not to criminal penalties

if somone hacked a hotmail account surely hotmail/microsoft could pursue legal action against the hacker under the approprate laws?

 

[Tony]

I think you'll find that it's not been hacked, just set up. There's nothing illegal about that, it's just the use of it that could be dodgy

 

[Ed]

I was talking to the admin of one of the forums earlier today who gave me some details. Someone signed up to his forums using a hotmail account under a certain instructors name (not sure if it was said instructors account, or someone just registered a hotmail account under his name, so not sure if it was cracked)..... the post had links to a right wing forum on which this instructor is mentioned.

If it was hacked/cracked or not, posing as someone else online and providing links to racist material is just not on, it could seriously damage his reputation and business.

Ed

 

[Grooveski]

I've seen that happen . Set up an e-mail account and use it to register on a forum so the mods are as convinced that the person is legit as as everybody else is(at first).

Happened when a forum I was on went down and everyone had to set up again on the new one. Didn't really work out for the chump who done it even though he played it well and only used cafes to log on under that name.
He used a hotmail account too and was at home with the chat thing running. One of the mods spotted him and started chatting, offered him a file, checked the ip against records of the old forum and publicly shredded the poor sap.

Oh how we laughed....
He did cause merry mayhem for a few days though, and it certainly wasn't fun for the guy he had it in for.

 

[bambodoggy]

Oh the darkside of British Bushcraft!

I'm sickened and very saddened that somebody from within the Bushcraft community (whether a bcuk member or not) is even capable of doing this, it couldn't be any further away from what my own personal view of what the ethos of bushcraft is all about.

Truely a sad sad sad day for bushcrafting in the UK.

Bam.

 

[falcon]

A dark deed indeed.....and difficult to believe that while we've all enjoyed each other's enthusiasm for bushcraft at Gatherings and moots up and down the country there's a cranky individual somewhere who wants to plunge to such insidious depths.

 

[Martyn]

Oh the darkside of British Bushcraft!

I'm sickened and very saddened that somebody from within the Bushcraft community (whether a bcuk member or not) is even capable of doing this, it couldn't be any further away from what my own personal view of what the ethos of bushcraft is all about.

Truely a sad sad sad day for bushcrafting in the UK.

Bam.

I wouldn't worry about it Bam. As you know, it's the policy of this site to ban anyone who sets up a false identity for whatever reason, but we are particularly strict if the reason for the fake account is deception or malice. We have IP logs for all members and can spot dodgy accounts pretty well.

 

[Martyn]

How successfull would that be though? I'm only asking because hardly any ISP's use static addressing, the only one I know that does by default is Demon. In the days of dialup you were likely to get a different IP each time you connected, some broadband is the same, NTL for example.

I guess that ISP's would keep a log of who got assigned what addresses, but whether you can get access to those logs is anyones guess, probably different for the authorities though.

In my experience ISP tech staff are about as much use as a bicycle to a fish.

End of teccy stuff, sorry.

I hope whoever has done this gets identified and suitably punished, its a very underhand thing to do.

Simon.

Many ISP's dont use static IP's but they do have specific blocks of IP's allocated to them. You can trace accurately, any and all IP's back to an ISP - and therefore back to an individual user. If you have had any legal issues, then yes the ISP can pull the logs and trace back an IP in a moment of time to a specific computer in thier network. They will do it too if they are required to by law.

It is possible to make it very, very difficult to trace though, IP spoofing by using multiple anonymous proxies bounced through China is one example. It's still technically traceable but It's unlikely you'll get the sysadmin of an anonymous Chinese server to cough up his logs for all the tea in, erm ...China. A determined individual could hide themselves pretty well. It's lot of hassle to go to though, pretty unlikely I think.

I dont think what we are talking about here is illegal though. You can simply register with hotmail with any name you like and dont forget, there are often more than 1 person with the same name. That's not illegal. Unless this person actually pretends to be someone they are not, and causes harm through this action, I dont think there is any law broken.