Helping people with computers... one answer at a time.

Identify theft is a growing problem. Using someone else's credit card illegally is the most common problem. There's not a lot you can do - except prevent it.

My American Express statement showed a charge for software that I had not ordered. I notified Amex and they checked it out and said that the charge appeared legitimate. The problem was that the order data supplied was my card number, my address, and everything else, except the email address was not my email address.

Someone used all of my data and created a special email address to download software and charged it to my account. Amex has turned this over to their Fraud department, and my card number has been changed.

Can an email address be identified as to who originated it?

If a software provider gives a customer a license number for their software, can they revoke that license and make that software inoperable?

Welcome to identity theft. Clearly someone assumed your identity for a bogus transaction, and you're left holding the bag - sort of. (As it turns out, it's the merchant that's often left holding the bag - I've been in the merchant's position.) The opportunities for resolution are few and difficult.

Can the email address be traced?

Maybe. But I would not be hopeful. Here's why.

It's very possible that the merchant didn't require a valid email address. It's obviously not good business practice, but in general a valid email address is typically not part of how a merchant makes sure that a buyer is legitimate. The email address is typically used only to send informational messages like sales receipts and the like. Messages that your thief won't care about at all.

So if the thief used a bogus email address there's simply nothing to trace. Whatever email address they used, even if accidentally someone else's legitimate email, actually has nothing to do with who or where the thief is.

Now, some merchants don't offer the download link directly on purchase, but email it to you instead. In a case like this, then yes, the thief would have needed to establish an email account on which he or she could have received the link to download the software they were stealing. If they're a very stupid thief, they could have used their own email address. More likely, though, they probably just created a one-time use email account with one of the free email providers. Could they be traced? Possibly, but:

"The harsh practical reality is that an email address cannot easily be traced."
  • I believe it would require legal action to force that email provider to reveal any information about that account that could help - like the IP address from which it was created

  • I believe it would require further legal action to force the ISP who owns that IP address to reveal any information that might help - like th physical location of the computer at the time the email address was created

Now, even if both entities were highly cooperative (which is highly unlikely), they may not have the data. That type of logging is enormous, and I'd expect the providers to flush those records regularly.

So while if you're very very lucky it might be possible to trace an email address associated with your purchase, the bottom line is that it's simply too impractical

The harsh practical reality is that an email address cannot easily be traced.

Now, what about that license revocation?

In most cases the answer is no. Almost all downloadable software, once activated, remains activated until it's reinstalled for some reason.

What you've described has been referred to as a "kill switch" - something a vendor can do to render illegal software inoperable. It's actually been in the news lately, since at least one major software manufacturer has apparently built that feature into it's new flagship product.

Apparently Microsoft Windows Vista has a kill switch.

If a Vista install is illegal, Microsoft may be able to cripple it. The facts aren't all in yet, and Microsoft certainly hasn't said that they will do it, but there's a lot of concern that they could.

And, of course, the reason there's concern is the fear that they could get it wrong; the fear that legitimate users could get turned off by mistake.

So if you think a kill switch is a good idea, you may want to reconsider. It could easily fall into the category of "be careful what you wish for".

The real issue to be concerned about is simply this: how did the thief get your information in the first place? Has that issue been corrected, and if not, what's to prevent it, or worse, from happening again? Identity theft is on the rise, and in all honesty, you got off easy.

Article C2879 - December 26, 2006 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

December 26, 2006 5:39 PM

Vista, have a kill switch? Surely not, I thought. But sadly, t'was not to be. Straight from Ed Bott's blog at, Software Protection Platform...

"You'll first lose access to key features, including the Aero interface, ReadyBoost performance enhancements, and Windows Defender antispyware detection. Eventually, if you don't deal with the problem, the measures get more severe and you're kicked into 'reduced functionality mode'."

This mode is described in more detail in a seperate white paper:

"The default Web browser will be started and the user will be presented with an option to purchase a new product key. There is no start menu, no desktop icons, and the desktop background is changed to black. The Web browser will fully function and Internet connectivity will not be blocked. After one hour, the system will log the user out without warning. It will not shut down the machine, and the user can log back in."

(And this hot on the heels of a story that a bug in Microsofts servers caused thousands of genuine copies of XP to be mistakenly identified as pirated (

But the worst is yet to come.

"If the Software Protection Platform determines that the core binaries of your system have been hacked with, you will get a notification that operating system has been tampered with. Reinstallation is the remedy. ... When an anti-tampering warning first appears, you have three days to reinstall or otherwise fix your copy of Windows Vista or shift into reduced functionality mode."

Ouch. Never thought I'd say this, but the Slashbots may have had a point...

Regarding identity theft, I'd always thought that part of the point of using a credit card was that the credit card company were ultimately liable for any fraudulant use of the card. That's definitely the case in the UK -- Consumer Credit Act 1974, reconfirmed by Consumer Credit Act 2006; though I'm not sure whether it's the same in the US.

Bill Russell
December 30, 2006 2:17 PM

Yes, AMEX....I've had dealings with them in the past. They do NOT guarantee their cards against
forged charges the way VISA and MASTERCARD do. I know from personal experience. You can report things to them and they will say they are investigating, but that's as far as it goes. I've cancelled my account with them and will NEVER use them again!

Sebastian San Filippo
December 31, 2006 2:20 PM

I also had problem(s) with AMEX! They showed up on my Credit Report a few months ago - noting that I had an account with them. Well, I notified them I never had an account with them & to correct their records....ALL TO NO AVAIL!! I formally notified them & logged a complaint - all to NO AVAIL!! They really "don't take care of business"!! BEWARE!!

November 23, 2008 5:06 PM

Can someone trace my credit card details through my IP address? I have been billed by some websites like for memberships on websites which I didn't sign up. How did they manage to bill me when no credit card details were provided? I have referred my case to the fraud department of my credit card company but I am not sure what outcome I will get out of it.

No, you cannot get a credit card number from an IP address.
- Leo

November 25, 2008 4:36 AM

Hello i have the same problem but i little more different regarding that on the statement was written and a purchase of $835 and i had to change my card and now i dont know what the bank will do will they track him or should i do something how can i find out where is the thief because i think that is not a internet order seems like a delivery .... i dont know what to do i would like to investigate on how to find out the thief and turn him. Your website is great

raymond hodgson
June 30, 2009 7:48 PM

i bought a camera online with me hsbc credit card.thats the only time i have used it on line.some one opend a account with the company to send money somwere using my card detailes and usuing a email address [email address removed].i asked bookers for detaile of were the money was sent to but the only info they would give was the email used.i have been cedited with the money back by hsbc but no one seems to be interested in trying to trace the fraudster.can this be done

March 5, 2010 10:28 PM

i scheduled my non tourist visa appoint using visapoint of us embassy in manila..on the confirmation email i was only charged 10 dollars but on my card statement i am charged 500 dollars..what can i do to get my money back

Contact your credit card company.

March 31, 2010 5:40 PM

Used My AAA Visa card to purchase a cell phone online with AAA now someone used it to buy $280 worth of phones and contracts..Authorities really aren't doing much to help.I feel it was someone that works at the company I purchased from.

April 9, 2010 7:46 AM

This same thing just happened to me on 3/5/10. I e-mailed the software company after going online to research the charge, and they e-mailed back with the e-mail address that was used, which wasn't mine. I am now disputing it with the credit card company (American Express) and told the software company they need to revoke the license, since this was acquired illegaly. But how did they get the information to do this. Don't they have to enter a pin or security code?

phyllis satterfield
February 22, 2011 4:48 PM

I ordered a work at home web access for 5.94 it was posted on my account the same day and I asked the seller if that was all the charges she said yes but 5 days later i got a 98.26 posted on my bank card i tried to call but the numbers i found were disconnected or they would say leave your name and phone number and we will get back to you.
i called my bank i am filing a fraud report to get my money back.

Sawyer Davis
April 29, 2011 2:00 PM

You say "it would require legal action to force that email provider to reveal any information about that account that could help - like the IP address from which it was created"
Rather than finding the IP adress from the email provider who registered the email, could i take legal action with the company who sold to my card number theif to acquire the IP adress of the computer that it made the purchase with?

You'd need to speak to an attorney on that. I'm most definitely NOT a lawyer.

nichols Blue
January 10, 2012 5:39 AM

I ordered lunch on-line and next thing I know I got illegal charges on my card. what can i do. the resturant told me to call the cc company.

Call the credit card company.
January 10, 2012 7:39 AM

Definitely contact your credit card company. The attack very likely had nothing to do with the restaurant. How protected was the internet connection where you made the purchase? Here's an article that explains how an unprotected internet connection puts you at risk:
How do I stay safe in an internet cafe?

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.