How to Trace an IP Address - Lyonswood Private Investigators

How to Trace an IP Address

Show all

How to Trace an IP Address

How to Trace an IP Address

Are you being harassed online and want to know how to discover the location of the person filling your inbox with defamatory, extortionist or vile correspondence? An IP address is the key.

Every day we are approached by people who want to be able to trace the source of an email, a Facebook message, a tweet, some other unsolicited online communication or attempt at computer hacking. Incidences of online threats, defamation, harassment and spyware intrusions are ever-increasing and, in turn, more and more internet users want to be able to work out who is responsible for the offensive behaviour.

The first question to ask is: is the behaviour serious enough to go to the effort of forensically identifying the person responsible? The message may be unpleasant, however, to be able to prove without a doubt who is responsible will take time, effort and (usually) expenditure. If you are suffering an economic loss or serious or continued personal attacks then you may have a reason and a basis for pursuing the matter further.

Internet Protocol: Tracing the IP

The first step, as many people are aware, is finding the Internet Protocol (IP) address of the culprit. Put simply, the IP address is the label assigned to a computer when it is connected to the internet. If the IP address can be identified, there is a chance that the person using the computer attached to that IP address can also be identified and forced to stop the unwanted behaviour. The problem? Usually emails, Facebook messages and tweets don’t show IP addresses. Some other email providers like Hotmail do record the IP address of the sender, but people who want to remain anonymous online usually know this and favour Gmail for conducting their nefarious activities.

Despair not – in some circumstances, through some carefully planned investigative work, it is possible to find the IP address of a sender using Gmail, Facebook and similar seemingly anonymous accounts. We were recently successful in identifying an online bully who used a Gmail account which he thought granted him anonymity. The bully sent emails threatening blackmail to our client and we were able to forensically document his IP address and successfully take matters all the way to the Supreme Court of NSW: AS v Murray , 2013

A Case of Whodunit

Once you have the IP address, you need to be able to link this to a person. Usually this is done through a court order, forcing the relevant Internet Service Provider (ISP) to disclose any information they hold about the culprit. If there is a suspect then it may be possible to get his or her IP address through some other less-expensive means. A court order is only available to those people who would have a legal action available to them if the person were identified.

Evidence in these matters should be gathered properly so that you can ensure the party responsible for the offensive content can be definitively identified. It is important to engage reputable computer forensic experts who are accepted by courts as expert witnesses but IT expertise alone will not necessarily lead to a resolution of your problem. These matters should be managed by an experienced investigation team, such as Lyonswood Investigations and Forensic Group, with broad-based expertise in problem-solving who will understand all the options available to you and who have contacts in the legal fraternity. Lawyers and IT professionals alone are often not cognisant of the full spectrum of techniques available.

The Time is Now

Time is of the essence when trying to identify an online perpetrator. Many IP addresses are dynamic, meaning that the ISPs which record the IPs only retain the information for a short period of time. If you don’t commence action promptly after identifying the IP address then your chances of success decrease rapidly. Another thing to remember is that you should always speak to an expert before asking for content to be deleted from the internet. If there is an offensive tweet for example and you ask Twitter to delete it (and/or the account responsible) before it has been forensically documented, you can probably kiss your chance to identify the malicious tweeter goodbye.

If you are able to identify the user then you have the option of having your lawyer send them a letter, commencing a civil legal action against the person or providing a detailed report to the police in the hope that they will decide to prosecute the person. Sometimes you may be able to get a search order, which allows your lawyer to go into the home of the suspect to gather documents and digital evidence.

In any investigation, it is important to realise you are dealing with the unknown. The anonymity of the internet (and the inability for the law to match the momentum of the digital age) means many people are able to get away with things online that would land them in court offline.

If you’re feeling threatened, pursued or extorted by an anonymous person online a private investigator is often your best bet when it comes to solving your case.

Want to know more about cybercrime? “How to Protect Yourself from Credit Card Fraud”

Lachlan Jarvis
Lachlan Jarvis
Lachlan Jarvis is the owner and director of Lyonswood Investigations & Forensics. He began working at Lyonswood in 2009 and became the owner of Lyonswood in 2013. In addition to being a licensed investigator, Lachlan has completed a Diploma in Law (LPAB) and a Bachelor of Arts (English).