hi i'm writing this and i think there is no exact solution. it is kind of sharing ideas. anyway, the story is as following:
two day ago my friend wrote an announcement on facebook that his email has been hacked. and he asked me to do something about it.
I tried to chat with the "thief" as I know nothing. the thief was IM'ing me with links to a fake site that asks for email & password (the mistake my friend had done). actually, for me, it was so obvious that page was fake.
so, (1) i figured out the way my friend got hacked and I have the link.
yesterday, while chatting with the "thief" i sent a file so i figured out the IP address through netstat.
also, i've received an email from the "thief" and also i confirmed the IP address.
(2) i have an IP address, ISP and time of email sending.
the interesting part of the story:
i retrieved the country and ISP using that IP address and i got the same country i live in as foreigner, my point 'what a coincidence!' since I and my friends are from another country.
I linked this 'coincidence' with my using to the neighbors' (two) unsecured WiFi. I thought there was someone who's sniffing on me and I think was collecting email addresses and sends fake links (may be was doing more than that).
however, there's no confirm to this assumption but it is the only thing i can think of. anyway, i still using one of the unsecured wifi :) since i feel that i'm secured myself. but, i feel guilty about my friend :( and there are may be more friends got hacked because of me.
questions: assuming my assumption is true.
1. in modern countries can IP be an evidence? i mean what can be done to such thief? (no electronic crime law is applied here).
2. how secured is my https connections? (regardless other unencrypted connections) i'm only concerned about doing e-banking (HTTPS) on my neighbors' unsecured wifi network.
3. is hotspotshield is a secure VPN freeware with no ad-ware, or there's a better choice?