In This Investigation
- The Case: A "Pastor" Landlord Who Was 6,000 Miles Away
- Why a Map Catches a Liar the Chat Log Can't
- The Method: Send a Link They'll Actually Open
- Reading the Pin: The Four Tells That Matter
- The Decision Flow: Signal, Not Verdict
- The Honest Limits: When the Map Lies Back
- Doing This Responsibly (and Legally)
- Frequently Asked Questions
The listing looked perfect: a one-bedroom in a good part of Columbus, $950 a month, photos of a sunny kitchen, "available immediately." The renter I'll call Dana emailed, and the "landlord" wrote back fast and friendly. He was a pastor, he explained. He'd relocated abroad for a mission and couldn't show the unit in person, but the place was hers if she wired a $950 deposit plus first month by Zelle today — other people were interested. He'd FedEx the keys.
Every part of that story is a documented rental-scam script: the too-good price, the sympathetic reason the landlord can't meet, the urgency, and the irreversible payment method. But scripts are easy to rationalize when you need an apartment. Dana wanted one concrete fact before sending a dollar: was this man actually in Columbus, or anywhere near it?
So she didn't argue. She asked a normal question — "Could you send me a couple more photos of the bedroom and the lease?" — and delivered them as a tracking link to a shared folder. He clicked. The analytics map dropped a single pin. Not Columbus. Not Ohio. Not the United States. The click resolved to a residential ISP in Lagos, Nigeria — roughly 6,000 miles from the sunny kitchen he was pretending to own down the street.
This is a guide to doing what Dana did: using a tracking link and a map to test whether an online buyer, seller, "landlord," or romantic interest is really where they claim — responsibly, with the limits spelled out, and without turning a fraud-prevention tool into a weapon. Consumers reported losing more than $12.5 billion to fraud in 2024, a 25% jump over the prior year, according to the FTC.[1] A free location check before you pay is one of the cheapest defenses you have.
The Case: A "Pastor" Landlord Who Was 6,000 Miles Away
Dana's case is a composite of a pattern that repeats constantly across Craigslist rentals, Facebook Marketplace, and dating apps, but the mechanics are exactly what a real check looks like. Here is what the map showed versus what the chat claimed.
Nothing in the left panel could be disproved by arguing. The scammer had an answer for every objection — that's their job. The right panel didn't argue. It reported the one thing he couldn't rewrite in real time: the network his device connected from when he opened a folder he wanted to see. Dana stopped replying, reported the listing, and kept her $950.
Why a Map Catches a Liar the Chat Log Can't
Text is infinitely editable. A scammer can claim any city, spoof a local area code with a VoIP number, and even send a photo with the right skyline in the background. What they can't easily edit is the IP address their traffic actually originates from when they click something. That address is assigned by whatever network they're really on, and geolocation turns it into an approximate place on a map.
This is the same capture every website performs on every visitor; the tracking link just makes it visible to you and plots it. For the deeper mechanics of how a click becomes a marker — and why home broadband lands in the right metro while mobile and proxies wander — see our companion piece, IP Logger With a Map. Here we're focused on the narrower, higher-stakes question: is this person lying about where they are?
Create the tracking link before you send a cent
Paste the real folder, photo, or document they asked for, get a short link, and watch where the click lands on a map — city, ISP, and device. Free to start, no signup for your first link.
Create Your Tracking Link →The Method: Send a Link They'll Actually Open
The whole technique rests on one principle: send something they genuinely want to open, for a reason they already have. You're not tricking anyone into clicking a fake prize. In a live negotiation there's almost always a natural document to share.
- Find the honest pretext. The buyer wants more photos? Host them and send the link. The "landlord" needs to send a lease? Ask them to review yours in a shared doc. A "recruiter" wants your resume? Send a link to it. The click has to feel like part of the conversation.
- Open the IP Logger and pick "Link tracker." Paste the real destination — the photo folder, the Google Doc, the portfolio page. This matters: the link must land them somewhere real, or the ruse collapses and you learn nothing.
- Get your short link and your private analytics link. Share the short one. Keep the analytics one to yourself.
- Send it naturally. "Here are the extra bedroom pics: [link]." They click, they see the photos, and they're none the wiser — the redirect happens in milliseconds.
- Open your analytics link and read the pin. Country first, then the ISP, then the city.
Reading the Pin: The Four Tells That Matter
A location check is only as good as your ability to read the result. In a scam context, four fields do the work — and you weigh them in this order.
1. Country mismatch — the loudest signal
Country-level geolocation is the most reliable layer there is, accurate in the high-90s percent range. If someone insists they're a local buyer in Chicago and the click resolves to Ghana, Nigeria, the Philippines, or India, you are almost certainly talking to an overseas operation running a domestic-sounding script. This one tell alone reversed Dana's decision.
2. The ISP field — is it a home, or a hiding place?
Before you trust the city, read who runs the network. A residential provider (Comcast, Spectrum, AT&T) or a mobile carrier suggests a real consumer connection. A hosting or cloud company or a named VPN provider means the click came through a data center — the person is deliberately masking their location. For an "ordinary local," routing through a commercial VPN is itself suspicious. You won't get their true city, but you've learned they're hiding it.
3. The city — useful, but the softest layer
City-level accuracy is good on home broadband and shaky on mobile, so treat the exact city as supporting detail rather than a verdict. "Same country, wrong city" is far weaker evidence than "wrong country entirely," because a regional mobile hub can legitimately misplace a real person by tens of miles.
4. The device — the quiet corroborator
The device and browser come from the user-agent, not geolocation, so routing doesn't distort them. A "professional US property manager" whose clicks always come from an Android phone on a foreign network, at 3 a.m. your time, paints a consistent picture. Across repeat clicks, a stable device signature also tells you whether two messages came from the same person.
One more move worth making when the ISP looks like a data center: take the resolved IP and run it through a reputation check. If the address already appears on abuse and proxy blocklists, you've got independent confirmation it's associated with anonymized or malicious traffic. Our IP reputation check guide walks through exactly how to read that.
Know the second they click
Timing matters in a live negotiation. On the free logger you get one link a day, 5-day retention, and an hourly digest. InfoSniper Pro is a one-time $7 pass that unlocks unlimited links, the exact IP, city, ISP, and full map on every click, and — the part that matters here — an instant on-click email alert. The moment your "local landlord" opens the lease, your phone buzzes with where they really are, while you're still in the chat. Plus 1-year retention, custom link codes, and no ads.
The Decision Flow: Signal, Not Verdict
A location tell is one input, not a courtroom. The reason it's so powerful in fraud cases is that scams almost never fail on a single flag — they light up several at once. Here's the flow Dana ran, and the one I'd suggest for any "are they really local?" situation.
Notice that the flow never ends at "the pin proves they're honest." A matching location just clears one hurdle; a mismatched one, or a data-center ISP, is where you stop. The payment method is the other non-negotiable: any push toward Zelle, wire transfer, cryptocurrency, or gift cards for a stranger you can't meet is a scam tell independent of geography. The FTC found that in 2024, bank transfers and payments accounted for the highest aggregate fraud losses, followed by cryptocurrency — precisely the irreversible rails scammers steer you toward.[4]
The Honest Limits: When the Map Lies Back
I'd be doing you a disservice to pretend this always works. A location check is a strong filter, not a lie detector, and a competent fraudster knows the countermeasures. Here's exactly where it fails.
A VPN masks the real country entirely
If the scammer routes through a VPN, the pin lands on the VPN server's city — which might be a convincing US location. VPN use is mainstream now; Surfshark's research puts adoption at roughly a third of internet users worldwide.[5] The saving grace is the ISP field: a VPN exit almost always reads as a hosting company, not a residential provider. So a "local buyer" whose IP maps to a data center in the right city is arguably more suspicious than one who's honestly overseas — a real neighbor has no reason to hide.
A careful scammer simply won't click
Professional fraud operations coach their people to avoid links. If your "landlord" flatly refuses to open the photos or lease he supposedly wants you to see, you won't get a pin. But read that refusal for what it is: someone with a reason to dodge a completely ordinary link is telling you something.
Mobile and privacy relays fuzz the city
Cellular traffic can route through a regional hub far from the user, and privacy features like Apple's iCloud Private Relay deliberately keep only your general region while hiding the precise address.[6] These blur the city, not usually the country — which is why country mismatch, the tell you can most trust, sits at the top of the decision flow.
Doing This Responsibly (and Legally)
This is a security tool, and the difference between self-defense and harassment is entirely in how you use it.
Reasonable and appropriate:
- Sending a genuine link a counterparty asked for, and using the resulting location to decide whether to proceed with a transaction.
- Confirming a "local" seller, buyer, landlord, or recruiter is routing from another country or through a proxy — then declining to pay and reporting the account to the platform.
- If you've already lost money, preserving the evidence and filing with the FTC at reportfraud.ftc.gov and the FBI's IC3 at ic3.gov.
Off-limits — and potentially illegal:
- Impersonating a person or company, or building fake bait pages, to lure a specific individual into revealing their location.
- Using a click's location to confront, publish (dox), threaten, or "show up on" anyone. Geolocation gets you a neighborhood and a network, never a verified identity or a doorstep — and treating it as more than a signal is how innocent people get harassed over a mislabeled IP.
- Any tracking a local law requires you to disclose. Rules vary by jurisdiction; when in doubt, keep it to genuine links and lawful purposes.
Run the location check before you pay
Turn the photos or document they asked for into a tracking link, and see where the click really lands — country, ISP, and device on a map. Free to start; upgrade to Pro for an instant alert the second they open it.
Create Your Tracking Link →Frequently Asked Questions
Sources
- Federal Trade Commission — "New FTC Data Show a Big Jump in Reported Losses to Fraud to $12.5 Billion in 2024" — ftc.gov
- FBI Internet Crime Complaint Center — "2024 Internet Crime Report" (total reported losses $16.6B) — ic3.gov
- Federal Trade Commission — Consumer Sentinel Network Data Book / 2024 fraud category totals (imposter scams $2.95B) — ftc.gov
- Federal Trade Commission — 2024 fraud data by payment method (bank transfer highest, then cryptocurrency) — ftc.gov
- Surfshark — "VPN adoption and usage statistics" — surfshark.com
- Apple — "About iCloud Private Relay" (exit IP maintains only your general region) — support.apple.com
- Federal Trade Commission — "What to know about rental listing scams" (consumer guidance) — consumer.ftc.gov