How the FBI Obtains Genuine IP Addresses of Criminals Using Tor, VPN, or Proxies


Life in cyberspace goes on: criminals commit crimes, and FBI agents try to catch them. But before a cybercriminal can be caught, their identity or location must be established. Here lies the problem: cybercriminals do not want to expose their genuine IP address, which can be traced, so they use various means of concealment such as VPNs, Tor, and proxies.

FBI agents are constantly looking for new effective methods to de-anonymize users who hide their IP addresses. Of course, establishing identity does not guarantee arrest; for example, the identity of Slavik, the developer of the ZeuS Trojan, has long been established by the FBI, but they still cannot apprehend him, as Anapa is not Alaska, and U.S. laws do not apply in Russia.

Usually, after successfully de-anonymizing a cybercriminal from Russia or Ukraine, the FBI waits for their visit to a vacation destination in a country with which they have established cooperation, and then the cybercriminal is taken to trial in the U.S.

This was the case with Roman Seleznev, who flew with his family to vacation in the Maldives, and from there he did not return home to Russia but was accompanied by FBI agents to the U.S. There, federal judge Richard Jones sentenced him to 27 years in prison.

Some cybercriminals are imprisoned, while others take their place. One of the most popular methods of cybercrime is sending fraudulent emails. It does not require special technical skills; the main thing is to be able to compose competent letters and to keep trying.

Typically, scammers send companies letters about fictitious fines, issue invoices in the name of partners, or ask, on behalf of a bank, for funds to be transferred to a new account. Out of 1,000 companies, perhaps one will make a mistake, but sometimes such mistakes can cost a lot of money.

At one time, the famous Italian football club Lazio decided to acquire Dutch national team defender Stefan de Vrij from Feyenoord. The deal was valued at 7 million euros and was divided into several tranches.

And so, an invoice for 2 million euros from Feyenoord arrived at the official email address of Lazio, and, of course, it was paid promptly. As you might guess, this invoice was sent by fraudsters.
