Police in Biloxi, Mississippi received a disturbing report in the summer of 2011: someone using the e-mail address firstname.lastname@example.org had been contacting young girls in the area through Facebook. “Dalton” said he was new to Biloxi and was looking for friends. When girls aged 9-16 responded, he struck up conversations. These led quickly to a question game in which he asked the girls about their bra sizes, sexual experiences, and bodily imperfections.
When girls responded, Dalton then demanded that they go further and send him topless images. If they did not, he would take the information provided by the girls themselves and send it to their parents, friends, and school officials. Numerous girls complied, though some could only bring themselves to pose in their underwear. Nearly every shot came from the cameras on the cell phones each girl owned.
Of course, a single picture wasn’t enough. Dalton demanded that those in their underwear send him topless shots, that those already topless send him fully nude shots, and that those who had posed nude send him live webcam footage of sexual activity. Some girls, even very young ones, did so in order to avoid further embarrassment.
Parents complained to police after several girls revealed what had been happening. “They didn’t want to play his game anymore,” Biloxi police Detective Donnie Dobbs told a local paper recently.
Connecting Facebook accounts and e-mail addresses to an IP address is trivial; connecting those IP addresses to real-world Internet subscribers is no harder. So the Biloxi police had little difficulty tracing Dalton to a house on Melbourne Circle in Montgomery, Alabama.
The only problem: while IP address lookups may be accurate, they never identify people. And the family living in the house on Melbourne Circle certainly hadn’t been conducting criminal extortion on Facebook. So what was going on?