What if they're actively connected and you get a subpoena? On Mon, Mar 21, 2022 at 1:30 PM TJ Trout <t...@pcguys.us> wrote:
> ExpressVPN does NOT and WILL NEVER log: > IP addresses (source or VPN) > > Browsing history > > Traffic destination or metadata > > DNS queries > > We have carefully engineered our apps and VPN servers to categorically > eliminate sensitive information. As a result, ExpressVPN can never be > compelled to provide customer data that does not exist. > > On Mon, Mar 21, 2022, 7:11 AM Andrew G. Watters <and...@raellic.com> > wrote: > >> Nutshell version: a group of criminals who appear to be in Mexico have >> created an entire fake law firm and deal flow in the U.S., with >> Photoshopped notary seals and wire instructions. They reportedly use >> ExpressVPN-- the owner of the IP block used by the suspects states that >> it leased the IP block to ExpressVPN under a Letter of Authorization. >> >> The suspects make money by causing victims to wire advance fees to >> Mexico as part of selling their timeshares, and possibly other >> transactions. My client has lost $70k or so thus far. He has received >> legit-looking documents, but upon even a cursory electronic inspection >> they are obvious forgeries. So this gang is savvy enough to steal >> money, but really reckless as well, which may explain why they are >> risking clicking on my links as well. I spoke with the lawyer who they >> are impersonating, and it was news to him that he is in New York City >> running a law firm considering that he retired in another state many >> years ago. >> >> So the suspects are offshore and I'm not sure what I can do. But I >> would still rather have their IP addresses than nothing. Can I have a >> recommendation on the best way to pursue user data from VPN providers >> such as ExpressVPN? I already sent in a notice to preserve logs for the >> involved ASN, and I'm headed to Federal court in the next few days to >> see if I have a chance to get even some of the victim's money back-- or >> at least an injunction shutting down the suspects' online presence. Any >> tips on getting VPN user data (or best practices in this type of >> situation) would be greatly appreciated. >> >> Best, >> >> Andrew Watters >> >> -- >> Andrew G. Watters >> Rællic Systems >> and...@raellic.com >> +1 (415) 261-8527 >> https://www.raellic.com >> >
