Everything you need to know about IP grabbers

Digital Security

You would never give your personal ID to random strangers, right? So why provide the ID of your computer? Unsuspecting users beware, IP grabbers do not ask for your permission.

22 Feb 2024  •  , 6 min. read

A common message that any user of a social platform like Discord might see sometimes are warnings about IP grabbers being included as links in messages on various servers. For someone who probably had never heard of IP grabbers before, they would probably not think much about it, but the name itself should be a dead giveaway of what they are about –  that is “grabbing,” or acquiring, one’s IP address.

While this might seem innocuous at first, IP addresses can be very valuable, both for legitimate businesses to prevent fraud, but also for some fraudsters. However, to understand the implications, let’s discuss what an IP address really represents.

An IP address is a computer’s online ID

As the header suggests, an Internet Protocol address (IP address for short) serves a very similar function to a person’s identification card; it is a unique string of characters that identifies a computer on a network. Each IP is unique and represents some interesting piece of information, like a computer’s general location (though not precisely, mind you).

This is because for a computer to communicate online, it needs to be identifiable, so that several computers can then recognize each other on a network. Imagine the internet as a chatroom, with all the users using unique nicknames to message each other – this is exactly how it works.

However, compared to an ID, which has a lot more personal data on it, it’s not like your whole computer gets revealed to anyone who acquires your IP address. For example, when several devices connect to the internet using one router, they all have their own unique IPs; however, the connection still uses only the IP of the router itself. But such information is still valuable for a variety of actors, and their intentions might not necessarily be for the best.

Part of a unique fingerprint

As written in a previous WeLiveSecurity blog on browser fingerprinting, the IP address gets included as a unique identifier, among other relevant device details. So, whenever you connect to a website from wherever, said website can tell whether it’s really you, or whether there is a discrepancy in your access activity – which is why many sites log you out and ask for you to re-authenticate yourself when signing in from a different location than usual.

Many internet-savvy people use virtual private networks (VPNs) to mask their IP address, as their connection gets rerouted through servers in several different countries, for harder traceability. This is very useful even for basic users, as VPNs can serve a security function, making it harder for criminals to target your computer’s traffic. Nonetheless, the rest of the fingerprint still gets recorded, unless the user takes further action. 

What is an IP grabber?

Now, onto the juicy stuff. Since we know what an IP is and what sort of data it can represent, it’s time to talk about IP grabbers themselves.

An IP grabber is usually a link that, upon clicking, records your IP address and stores it. What can follow is that someone can use another tool to track that IP across the web, noting its interactions with various web pages around the net.

This is similar to how tracking on phones works, and it also recalls third-party cookies; however, there are some bigger differences between these methods, the chief one being that IP grabbers do not record more than your IP address. Which is great, but hypothetically, knowing said IP could be enough to do a bit of trickery, as they say.

The two sides of IP grabbing

As noted before, there are several reasons why someone would want to record an IP address. First and foremost, some online shops might find it easier to target their guests with advertising, as since the IP gives a general location, shops can customize the ads to be more personal. This is also done by social media websites to record your interests when you click on an affiliated link. 

What’s more, it also helps prevent fraud by asking users to re-authenticate whenever their connection seems to be unusual, like If someone is trying to make a connection from a foreign IP in Thailand, instead of their usual home address in Los Angeles. This is not technically IP grabbing, but it is a similar idea, as it records and verifies a connection.

However, just like a shop or a website can attain your IP, so can other actors. But why would they? Gaining an idea about your general location wouldn’t help much if not connected to other forms of personal information (see the browser fingerprinting example).

There are a few reasons why:

• Targeting and tracking – An IP address coupled with other information can make it easier when targeting a person or a company for malicious reasons since the IP gives away one’s approximate geographic location. Plus, if connected to a compromised public Wi-Fi, let’s say, a crook could track the user’s online activity with it.
• DDOS attacks – By obtaining the IP address of an individual or a company, a malicious actor could use it to overwhelm the owner’s internet connection, causing it to fail.
• Social engineering – A quick-witted crook could use the IP as a means of obtaining more information from an individual, or even a company. This would then probably be followed or accompanied by some other form of phishing, cascading into a potentially larger cyber-attack.
• IP misuse – A smart criminal could misuse your IP address by impersonating your connection, and committing illicit activities without your consent. In essence, it’s as If the crook used your IP like a VPN, masking their own connection with yours.

How to protect against IP grabbing

Now that you understand what an IP address is, what grabbers do, and how they can be misused, it’s time to explore some ways you can protect yourself. 

• Never click on random links online – This often needs to be repeated, but it’s worth doing so, as the link you click on might not be an IP grabber, it could very well be some other form of a malicious link, resulting in a malware infection. 
• Use a VPN – Possibly the best way to protect yourself is to use a premium VPN service that masks your own address by routing your traffic through other nodes, obfuscating your IP and location. 
• Secure your firewall – Set strong passwords for your router and other devices, plus use solutions that can enhance your firewall protection to create a protective barrier between you and the internet.

Of course, there are more ways to protect yourself, but these should be enough to create at least a basic form of protection. 

WLS also recommends that readers stay away from free VPN services, as they are risky due to the possibility of containing malware, opening one up to a security compromise due to weak security protection, or having one’s data logged and sold to third-party advertisers undermining a person’s privacy.

Staying secure

Despite the rather low amount of information an IP can provide, it is still an identifiable piece of data, which can be used for illicit purposes, If one dedicates the time and resources to do so. 

However, by staying mindful of online threats, even those that might seem like innocent users sending you random links, you can stay one step ahead of the attackers. And this, in connection with a powerful and well set up firewall, a security solution, with a VPN on top, can make anyone’s online presence a lot more secure.

Before you go: What you need to know about iCloud Private Relay