hmm.. I am software engineer so it might be abit difficult for non-IT ppl.
I created a fake website and ask the UML to click it when they ask for deferment payment. when they clicked it, it will show error page, then apologies say that u upload the receipt to the web but not working
e.g.
http://xxx.com/payment-receipt
After they click from their mobile phone, I am able to get their real IP address and mobile phone model from my hosting server log (IIS).
Sample of the log:
2020-03-24 07:48:56 192.168.0.166 GET /favicon.ico - 9088 - 119.56.105.230 Mozilla/5.0+(Linux;+Android+9;+SM-G965F)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/80.0.3987.149+Mobile+Safari/537.36 500 19 3 27
Mobile phone model: SM-G965F
IP : 119.56.105.230
Then go to IP Tracker website:
https://www.ip-tracker.org/ to find out their proximity location..
Later you need to trick them to say that you got hacker friend alrdy know their location and the mobile phone they using is xxx.
you wont report to police if they drop the issue. otherwise, if all their bank account and mobile phone banned, dont come and find me..
immediately block them.. dont give them chance to create more fear to you, then the ball is in your hand alrdy..
btw, i reported to police the ipaddress but they wont do anything one, cos spf no power over crime located in foreign country.. we, the victims, are the one suffering instead of the mastermind..