I received a message from my IP claiming that they can see me doing P2P downloads and they are asking me to stop doing so. I wonder if they are bluffing based on download patterns, can actually see me despite my VPN use, or are somehow infiltrating my system.
I have been using PIA as a VPN and have qBitTorrent set up to terminate a stream if my VPN stops working. I have tested it a long time ago (>1y ago) and it works reliably–such that if, for whatever reason, my VPN fails, then the download does indeed stop immediately. Moreover, my VPN connection doesn’t tend to fail.
My internet access is unique in that I use a small dish on my roof with a line-of-sight connection to a local tower (I live in a rural area with a good view to downtown, but no service by a typical internet provider, so this is currently my best option). This requires their hardware and modem, but then my internet signal is distributed through the house by ethernet and/or wifi, all beginning with a modern router (asus xt8) with an active firewall via the router.
The only possibilities I see are:
They send this message to every user as a blind bluff (I doubt it, they’d get a lot of confused tech support questions that they wouldn’t want to troubleshoot)
They send this to every user who downloads significant amounts of data as a bluff, guessing that this is a possible cause and hoping to get a few to stop so they don’t waste bandwidth
My VPN failing lets small amounts of transfer data through (I doubt this, I tested that it works to shut down when VPN is off and my VPN seldom fails)
They monitor download patterns and criticize a certain pace/pattern/time of download that might be consistent with P2P downloading (this seems most likely to me, thus it would still be a bluff)
They somehow can actually see my internet use directly in my home, despite the working VPN, by direct or indirect means with whatever hardware settings they use (spooky, I don’t understand how this is possible with a reasonable quality VPN which I think PIA is)
Are they bluffing? Should I ignore this message? Should I wait a couple months and resume? I’d love some feedback from those smarter than me on this, thanks!
Have they told you they’ve gotten an actual letter from a content provider? Whenever my ISP has reached out to me they’ve been told me the exact file I was downloading. The first time was before I had a VPN. Had another time where my VPN was leaking my IP address without me realizing it. Got that fixed and haven’t heard a thing since. I’m guessing your IP address is leaking, or you’ve downloaded without realizing while your VPN is down.
My usage can get high when I’m streaming 4K Netflix content or just downloading a game to my XBox, so not sure usage is really a red flag on its own.
Can’t say for sure whether or not it’s a bluff, but the couple of times I got dinged by my ISP before I got a VPN, they told me the exact file name they’d caught me sharing. So this sounds different from my experience, whatever that’s worth.
As some other people have pointed out, this is a bluff. It’s most likely not your ISP actually tracking you, it’s a third party who track common P2P routes and whatnot.
The internet companies let them operate as bounty hunter basically, and they get to keep a cut of what you are charged. If you pay up or respond your basically admitting guilt or spark actual interest from your ISP.
Most likely not a big deal, but just to be safe, be a little more careful.
There’s a name for this scam but I forget it, I learned about it back when the same thing happened to me.
So yeah your two options are
Your ISP somehow outsmarted you
It’s a scam run by third party trackers with permission from your ISP.
Torrenting/P2P is not illegal. They can’t make you stop doing it. If they have proof of you doing it, they realistically don’t even care outside of keeping up their end of the deal. The reason that people get letters in the mail is because either they don’t have a VPN and get flagged on their home network which gets a letter sent to your ISP in which they forward it to you. Or, you do have a VPN and the DNS is leaking and therefore you are able to be seen by your ISP/copyright holders. I wouldn’t personally worry about it past checking to see if your DNS is leaking. If it is, I would get that fixed. If it isn’t, let them know where to shove it.
Ultimately I think they are guessing… It’s possible I’ve hit a torrent site without vpn on, but never did p2p without VPN.
The ISP is a pretty small local organization and I suspect they are just hoping to limit bandwidth. Moreover, the email I received from them seems generic like a form letter rather than specific. I suspect they have software looking for patterns and then they send a low risk letter to hope tp reduce bandwidth.
If they are snooping every website I browse it wouldn’t surprise me, but it would certainly bother me.
I checked the dnsleaktest site, it only shows an IP as sharktech, which seems to be a PIA VPN owned thing…
Ok, so I ran a few more links as above, leak test sites and such.
All turned out fine/secure, except for the ipmagnet link.
When I did the test in that link with my VPN on, I see “user agent” as “qBittorrent/4.3.0.1”
I’m certainly not sophisticated enough to fully understand this, but does that mean my ISP can see my user agent, thus their message? If so, can I change my user agent potentially? I’ll keep reading on my end as well.
This is interesting… I’m using IPVanish but I’m getting throttled recently ONLY when using a torrent (I have killswitch enabled as well). IPTV gets through OK if torrents aren’t on but struggles massively if torrents are running on the other machine. I also have a different work VPN that actually does use a heck of a lot of data that doesn’t get throttled.
They can probably see that you’re doing it but not what you’re doing. The VPN will keep the information hidden but not that it’s happening. Long story short, it’s like the police saying they know you robbed a bank… They just don’t know which one. Soooo you’re in the clear unless you’re like a massive hub for P2P then no matter what, if they want to find you? They will. But if you’re just a little guy tryna get that HBO show? Fret not.
All my ISP notifications explicitly stated the copyrighted materials downloaded. I’ve never received a message such as the OP’s, both pre- and post-VPN.
Why would the ISP be concerned if they haven’t received a copyright violation to forward to the OP and the OP isn’t exceeding bandwidth limits? The ISP can suspect but suspicion is not sufficiently actionable. I mean, what recourse does the ISP have if the OP dismisses or rebuffs their missives?
they are just seeing that your downloading large files on there network. they dont know what though. the are trying to fool you into telling the truth. they do this to save money on there server cost