I get questions like this all the time.
Individuals’ accounts have been hacked and they want to know who did it, or they already believe they know. And with that knowledge they want to do something. Typically, they want to see the offender get punished in some way.
Sadly, life on the internet just isn’t that easy.
Become a Patron of Ask Leo! and go ad-free!
My big, fat caveat
You probably know this part’s coming, but I have to include it for your protection as well as my own.
I am not a lawyer and nothing I say here, or anywhere for that matter, should be taken as legal advice. I’ll certainly share what I would do in situations that might be similar, and perhaps even hypothesize on some of the options you may have available to you. But ultimately, it’s all opinion and in many ways conjecture on my part.
If you have what you believe is a serious legal issue or question, I strongly encourage you to contact a legal professional in your area that is well versed with the laws that may apply to your situation.
Finding the perpetrator
I want to back up to a question that’s very common, which in this case has already been determined: who did it?
You need to realize that your life and mine, also known as the real world, is not like television or the movies. It take’s a lot more effort than a quick click or backdoor hack here or there to trace the source of harassing emails, malware or active account hacking activity. It’s just not as easy as the entertainment media would make it out to be.
Further, to the extent that this kind of tracing is possible, it’s not something that is available to you or me. Depending on where you live, typically the only resource you have available to you is local law enforcement. If they have time, if they have the expertise, and if the issue is deemed serious enough for them to spend time on, then they can investigate.
I think you’ll find that unless financial fraud has been committed, you’re not likely to get any help from law enforcement for a simple case of email account hacking. It’s not that it’s not important; it’s that they simply don’t have time compared to more pressing issues that they need to deal with.
The internet is global
One of the harsh realities of illegal activity on the internet is its global nature.
This manifests in several different ways:
- Things that are illegal in one country may not be in another.
- The country in which the perpetrator might reside may simply not have the resources, or expertise, to deal with this type of issue.
- To be even more blunt: the country might simply not care about something as simple as an email account being hacked.
To further complicate the issue: when issues are serious enough to warrant investigation, you’re now looking at having to coordinate different agencies in different countries to make it all happen. Even in the best of circumstances, those wheels of bureaucracy turn very, very slowly.
So you think you know who it is
In your case you’ve saved the investigators some time. Shouldn’t that get you some extra consideration?
No.
First, do you have proof? Proof that would stand up in a court of law – in the country where the perpetrator resides? I’m guessing you don’t, really. Without such proof, it simply boils down to a case of two people disagreeing without evidence of a crime.
So you’ll need proof; hard evidence. That brings us back to local law enforcement who may or may not help you out, or hiring your own investigator, which of course will not be cheap.
Ultimately knowing the source of the hack doesn’t really help, unless things are really serious.
When things are serious
Contact local law enforcement. Get your issues on record. If they agree that your situation is serious enough, then you’re on your way.
In the U.S., and particularly when your issue crosses state or international boundaries, it’s the FBI that investigates issues relating to cybercrime. And yes, I have heard of successful results from having contacted the FBI when the issue is serious enough. A hacked email account probably doesn’t qualify.
If you’re not in the U.S. then you’ll need to determine which local law enforcement agency is appropriate.
What would Leo do?
I don’t know all the specifics of your situation, nor do I really want to. But in a situation where I found my email account and or phone being hacked by a family member, ex-family member or friend, here’s what I would do:
- If I needed to keep the email account I would secure the heck out of it. That means everything listed in my article Email Hacked? 7 Things You Need to do NOW as well as enabling two-factor authentication, or any other additional security measures available.
- If I didn’t need to keep the email account, I’d switch, perhaps phasing in a new email account over time. And of course I’d secure the heck out of that new account from the start.
- I’d talk to my mobile phone provider about what could be done to secure that from attack. The options vary depending on phone and carrier, but the carrier is the place to start.
- I’d consider changing my mobile phone number at the same time.
And yes, I would report the abuse to both my email service provider, and the mobile phone provider. I wouldn’t expect much action based on that, but I would at least want to have it on record in case more action was needed later.
What should you do?
I don’t know. I can’t know. There are simply too many important specifics in situations like this for me to make any specific recommendations, other than to consult a legal professional if you feel the situation warrants it.
In the mean time what I can tell you to do is this: keep your online accounts, your mobile phone, your digital life as secure as you know how.
If you’re not sure how, then learn how. That, at least, is most definitely important.
My experience is that In general law enforcement will take on a case that involves endangerment of children, loss of more than about $500 in property (this changes from jurisdiction to jurisdiction and can include intellectual property), a believable threat to Homeland Security, or a clear threat to the safety of your person – like a death threat, for instance. May I offer some additional tips from an article of mine? http://burgessforensics.com/article_been_hacked.php
All good points – in the US. Ask Leo! gets a very high volume of visitors from outside the country, though. Unfortunately depending on the country the laws are typically different, and legal recourse may be even more difficult to come by if it’s available at all.
Yes ,, it is a nuisance at best ,, E-mail mischief ,, I’ve been subscribed to many Gay dating and Porn websites by an EX’s family member ,, as long as no theft or secure identity info is not compromised then “Forget It” ,, “As I did” let that person no yu really dont give a Hoots butt sooner or later they will stop !!
One thing I have though for a long time now, is a “Paid” Email acct ,, click the junk button a few times or the “report phishing” option, and the E-mails notifications from these sites seem to reduce and find their way to the junk mail. then as Leo suggests ,, update yur security options !!
By no means open them to try and find more info about yur perpatrator
If you are truly faced with a nasty hacker, and you can find out who it is. Keep your notes. At some point in the future, you will probably meet a foreign software developer, or even a hacker in person. Explain to this person the situation that calls for justice that the “system” is unwilling to deliver. Let human nature take its course and you may see justice done.
Otherwise just turn to prayer and ask whatever deity that you believe in the bring judgment on the savage. You would be pleasantly surprised to see how often Karma finds balance.
I keep going thru phones they still get in it eating my data as we speak tried to get. Help from the cops nothing I’m crazy they must not watch and read the news they are spying 27/7 sick of this lap top 3 times fixed tooled device out of my iPad 4 phones using my phones on here in his IP I’m lost HELP he is in y email fixed to where I can’t get to it