±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35131
New Yesterday: 2 Visitors: 212

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Webinars

Fraud attempt from an IP address in USA - How to deal

Discussion of legislation relating to computer forensics.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
 
  

Fraud attempt from an IP address in USA - How to deal

Post Posted: Fri Jan 25, 2019 11:55 am

Hello Everyone,
According to my investigation, I figured out that an attacker has committed fraud from an IP address in USA. He/She used to use proxy earlier but, as we blocked all them he started using from a legitimate IP address without a proxy. Now that, we figured out the real IP address of the fraudster, how should we proceed legally ?

I tried to look up online but, the forensics stops when they found the real IP. Any ideas or suggestions would be helpful.  

oncusectest
Newbie
 
 
  

Re: Fraud attempt from an IP address in USA - How to deal

Post Posted: Fri Jan 25, 2019 1:10 pm

- oncusectest
Now that, we figured out the real IP address of the fraudster, how should we proceed legally ?


Assuming that you, your company and the suspected attacker are all located in the US, it is a case for law enforcement. Make sure all evidence is checked twice, well documented and acquired in a forensically sound way. Burn all evidence to a DVD and add your report with a timeline to it. Then hand it over to the local police or perhaps the FBI. Consult the lawyer of your company if you have one. Anyway, you should be very sure that you target the right IP address before giving it to the police.

Having this IP address identified does not necessarily mean that this is the source of the attack. By leveraging shodan.io you can see that the Internet is full with orphaned hosts that are hacked and abused for attacks.

regards,
Robin
_________________
--
All opinions are mine and are not necessarily the opinions of my employer. 

Bunnysniper
Senior Member
 
 

Page 1 of 1