I will explain first, the you can scroll down and see my “evidence”. Please note that I have no paid advertising on this site at all, so I am not doing this for profit. This really happened and I want everyone to know.

Last Saturday, on September  27th, 2008 I was doing my usual Saturday morning routine. I was walking by my home office when I heard the distinct sound of a receiving email. I took a gander and it was an email from my printing website.

Any time a customer goes through the ordering process, the first thing they have to do is create an account. When this account is created they get a “Welcome To PAWS” email. Well, the odd things was I was getting it, I looked a bit further into it and realized someone had created an account with all of my information like my home address and phone number, and they used my email.

As I was reading the email an order came in from this person for 1,000 vinyl window lettering. They used all my information and they used “a**wipe” for a company name. I actually thought it was kind of funny because stuff like that happens often, usually from some dumb kid.

Then my email inbox chimed again. This time it was an email from this customer saying “A**hole..be careful”. Now I’m getting mad because I looked at that as a threat.

The first think I did was log on to my website’s back-end. I immediately found the offending IP address.

What this clueless moron didn’t realize was we have a lot of tracking software in the backend of the website. We use oscommerce so we have a feature called “whose online”. This will list every person on our webpage (screen shot above) by IP number, what page they’re on and what action they do. We saw the offenders IP Address instantly. Even without this I would of found them, but it made it easier for me.

Then I went to my weblogs to download the evidence. You see, every action on a website is

recorded on weblogs. Every single click that is done is recorded. I called my internet guru and web designer Patrick Bennett of Modern Blue Web Design and he told me exactly where to find them. As I was reading it, Tracey (my wife) went to a website that shows where IP addresses originate from. Now if this was a person at their house, it wouldn’t tell me much. When it’s a building of a larger company it says it all. The below screenshot shows the name of the company who owns that IP Address, and they are located in downtown Lakeland Florida. Now the town say “Seminole Fl” because that’s where their ISP is located. As soon as I saw the name of the company I put it all together.

About a week before I started a website in Lakeland Florida where all used car and buy here pay here dealers can post their vehicles online for free. The offending company is located throughout the East Coast and they offer low quality dealer websites for a cheap price. What I mean by “low quality” is the website itself will never show up in a search on any search engine because of it’s lousy coding. If the dealer doesn’t spend money advertising this website, they’ll be lucky if they get 5 visitors a day. The bottom line is they try to hard to be like autotrader or cars.com. Apparently they felt threatened by what I was doing.

I immediately picked up the phone and called the building. Now as I was dialing the number I started getting many confirmation emails for newsletter sign-ups. So now this nerd’s plan was to aggravate me by signing me up for spam. A woman at the building answered the phone. This is how the conversation went as far as I can remember it:

Me: “Hi, is your Internet Department working today”?

Her: “Yes They are”

Me: “Can I speak to the person that just sent me a threat and signed me up for spam please:?

Her: “Can I ask whose calling”?

Me: “Yes, it’s Mike from PAWS Printing”

Her: “And who would you like to speak to”?

Me: “The person who just sent me an email threat and signed me up for spam”

Her: “Can You Hold Please”?

At this point we could see that the offender was back on our website. Then, he disappeared very quickly. Tracey and I were now laughing and we’re like BUSTED! Now she comes back on the phone

Her: “Who is this calling again”?

Me: “Mike from PAWS Printing here in Lakeland”

Her: “What seems to be the problem”?

Me: “One of your employees just sent me a threat from your building. I tracked your IP address and it is coming from your company. So, could I speak with the person please”?

Her: “Can you hold again please”?

Me: “Absolutely”

About 20 seconds later she comes back on the phone.

Her: “Sir, you’re going to have to call back on Monday and speak to the internet manager, his name is Drew”

Me: “No, why don’t you have Drew call me. Here is my number……….”

Now Tracey and I were high-fiving each other because the person knows they just got busted!

Here Are A Couple Of Screenshots of my weblogs, recording every action they made:

He’s (or she) obviously a coward. When they sent the threat they created an account using my information to let me know that they knew where I lived, and my phone number. Well, it’s  been six days. When should I expect you?

I’m really not sure how I should handle this, but if this happened to you, What would you do?

I’ve been getting a lot of emails from tech saavy people saying “anyone can do that”.  This article really isn’t for you because you already know it. There has been over 30,000 people who read this article so far with some great feedback. I never say that I am a “security expert”, like someone implied. This is just a simple short story showing how a “non-IT Person” was able to track this behavior.

Posted under Uncategorized