Kaspersky researcher uses cleverly designed script to track down a kidnapper

Oct 12, 2012 12:31 GMT

Cybercriminals aren’t the only ones using the Internet to commit their crimes. “Traditional” criminals often rely on the Web to stalk their victims and kidnappers send ransom notes to the families of individuals they abduct.

In the past, the abductor would send the victim’s family a ransom note made of newspaper clippings, and police had to physically examine the pieces of paper in hopes of finding a small clue that could lead to the culprit.

Nowadays, the ransom note is sent via email or social media websites, because most crooks believe that by creating a fake email address or profile they can keep their identities hidden.

However, as Kaspersky experts point out, non-cyber criminals are not as smart as cybercriminals when it comes to hiding their online trail.

While the easiest way to track down a perpetrator would be to get a social media network or an email service provider to reveal their IP address, it’s not always easy, even with a court order in hand.

On the other hand, their lack of information security knowledge makes criminals easy targets for social engineering attacks.

In one particular situation, while helping authorities investigate a kidnapping, one Kaspersky researcher utilized a clever technique to get the kidnapper to reveal his IP address.

He sent him a link to a specially crafted GIF image file. While the crook didn’t think much of it because it appeared to be a randomly changing image, in the background a script collected the user agent, operating system version and IP address of whoever visited the site.

This way, authorities were able to pinpoint the criminal’s location in no time.

“The arrest was so quick that as I was chatting with the criminals, police arrested them with their hands on the keyboard. The victims returned home safe and sound. The rescue operation was a complete success!” the researcher explained.