An Investigation into the Vogel/Reeves Emails

An Investigation into the Vogel/Reeves Emails

A report by a professional investigator

As both a professional investigator and member of the local Stafford GOP, I have followed the back and forth of the anonymous attack emails targeting Bryce Reeves and his campaign staff since the story broke in the Washington Post on New Years Day. I’ve taken an in-depth look at the evidence available to better understand what’s plausible and what’s not plausible in this particular case, and I feel compelled to share my professional opinion with you.

I bring more than a decade of online investigative experience and more than four years of experience as a Registered Private Investigator in Virginia. I have worked with and alongside federal, state and local law enforcement agencies to conduct online sexual predator sting operations and currently work as a Consultant with Chris Hansen, Investigative Journalist, on his new Hansen Vs. Predator show, as well as run a small Private Investigation firm in Stafford, Lorelei Consulting L.L.C.

While no case is completely open and shut, some are more straightforward than others. My experience tells me this case is fairly simple to understand. The evidence, provided by Google (the email provider) and CenturyLink and ViaSat (owners of two separate IP addresses used to send the emails in question), is clear.

In my 10 years of working in this field, I have had the need to create hundreds of email addresses, specifically, Gmail addresses. Each and every time, there are key pieces of personal information that Google requires for the creation of an account. Granted, anyone can lie about their name or their age and they can even provide a bogus or disposable email if they choose. However, the one piece of information that must be ‘true’ is the phone number used to create the account. Once you provide that number, an SMS text message, containing a verification code, is sent to that cell number. In order to complete the creation of your Gmail account, you have to enter the correct verification code.

I was presented with the results of the subpoena request from Google and, based on the number used to register the account, I ran the cell phone number through a few tools that I have and was able to confirm, via three different sources, that the owner of the cell phone used to create the email account Staffordforfreedom@gmail.com was Alex Vogel.

One tool that I employ allows the user to hear the outgoing message on the “target” phone without alerting the phone’s owner. The audio recording of that query can be found here. Anyone can clearly hear the outgoing voicemail message stating that “Alex Vogel” owns the number in question.

The other interesting findings from the Google subpoena response involve the IP addresses used.
screen-shot-2017-01-10-at-10-40-12-pm

On 9/22/2016 – The account was created at 1:57PM from the IP address beginning 72.165.xxx.xxx. We know from the other documents shared on The Bull Elephant that this IP address belongs to the Gable Family, next door neighbors of Jill and Alex Vogel.

Anyone can clearly see that the email account was accessed several more times on 9/22/2016. However, the oddity is that the only time the account is accessed from the IP address 162.72.xxx.xxx is at 2:40PM and it is accessed three (3) times in the span of 40 seconds.

According to an article at the Northern Virginia Daily, “Gable said neither she nor her husband were in town at the end of September when the emails were accessed.”  

The access from the IP address 162.72.xxx.xxx logged at 2:40PM almost seems accidental. But if the Gables were out of town, who, then, would have access to their WiFi signal?

On 9/30/2016, the account was accessed again, from the Gables IP address, and the slanderous email was sent out. At 12:49PM, Pastor Witt receives the email while Delegate Freitas received his copy of that email at 12:51PM.  

Later on 9/30, Pastor Will responds to the email but does not receive a reply.

The owner of the account logs in again, on 9/30, at 4:41PM and 4:46PM. When the account is accessed on 10/1/2016, at 11:32PM, the account is “deleted” from Google, or so the owner thought. Google doesn’t forget.

In following some of the comments over the last few days, there has been discussion about “hackers,” mysterious people that “could” have driven up to the residence and used the unprotected WiFi signal, and “wardriving.”

First and foremost, the purpose of “wardriving” isn’t for hacking. It’s simply to develop a map of unprotected networks.

Secondly, as a resident of rural Virginia, I can attest that the average home WiFi signal isn’t going to span a 260+ acre estate. One would have to be very close, like near the front door, to access a home’s WiFi signal. The average home router only has a range of 150 ft indoors / 300 feet outdoors. If there were a booster or extender on their network, they may be able to achieve an extra 75 +/- feet of range.

I’ve never been to the estate but I would have to imagine that, as at my home, when a strange vehicle comes down the drive, someone would be aware. And especially so given the times of the day that the Gable’s WiFi was accessed, mostly between 2:00-6:00PM.

Lastly, “hackers” aren’t going to hack without a motive.

Which brings me back to the investigative questions. Who has the means, motive and opportunity to do this?

Means: One would have to have physical access to Alex Vogel’s personal cell phone and access to the Gable family WiFi. Motive: Clearly, the Lieutenant Governor’s seat provides a motive. If not financially, then certainly for ego. And finally, Opportunity: who could access Alex Vogel’s phone, and then create a Gmail account on both the Vogel and Gable WiFi signal?

At the end of the day, I think everyone wants the same thing… to know who, factually, did what.  The only way to do that would be to turn over the devices in question to any number of reputable forensic specialists. Not only is the working relationship between Senator Reeves and Senator Vogel at stake, but I have to imagine that the friendship between the Vogels and the Gables has become strained with the Gables’ home address and names being cast all over the internet as part of a dirty political game.

If for no other reason than for the sake of the Gable family and their peace of mind, I would strongly encourage the Vogels to take Senator Reeves up on his generous offer to fund/help fund the forensic review of the devices.

12 comments

Latest Articles

  • Connie S.

    Wow, VERY interesting; thank you for sharing your technical & investigative expertise!

    This matter is not just between the Vogels and the Reeves: all of Virginians have the right to know the facts behind this mess. Ethics and principles of our potential representatives – or their lack there of – are important factors for us to consider.

    • Reinhardt Reganbacker lll

      1) Who is paying the author of this thread?
      2) Are the allegations against Reeves true or false?
      3) Who is really behind BE being involved in breaking the Reagan rule about mudslinging another Republican? Why?
      4) Why is BE now apparently vying to become Gillespie (establishment) campaign headquarters?

      • old_redneck

        Simple. There is no honor among thieves.

      • Jeanine Martin

        This has nothing to do with Gillespie. Are you saying Vogel is tied to Gillespie? I don’t think so.
        In a primary Republicans have to make a choice between two or more Republicans. If one has cheated and attempted to deceive the voters that’s news and should be reported.
        IF the allegations were true (which they aren’t) does that justify cheating?
        No one is paying the author.

  • old_redneck

    Meanwhile, there’s this:

    John McCain has turned over to the FBI a 35-page dossier compiled by
    British intelligence services on the Trump-Russia-Putin connection.
    Someone — probably on McCain staff — leaked the 35-page document —
    here it is:

    https://assets.documentcloud.org/documents/3259984/Trump-Intelligence-Allegations.pdf

    My favorite part is about Trump engaging in “sex parties” in Moscow and St. Petersburg hotels with Russian hookers . . .

    Here’s a quote:

    — quote


    According to several knowledgeable sources, his (Trump’s) conduct in
    Moscow has included perverted sexual acts which have been
    arranged/monitored by the FSB.”

    (NOTE: FSB is Russian foreign intelligence service.)

    — end quote

    — and here’s a REALLY good quote, page 2, paragraph 3

    However, there were other aspects to Trump’s engagement with the Russian
    authorities which had borne fruit for them was to exploit Trump’s personal obsessions and sexual perversion in order to obtain suitable “kompromat” (compromising material) on him. According to Source D, where s/he had been present, Trump’s (perverted) conduct in Moscow including the Presidential suite of the Ritz Carlton Hotel, where he knew President and Mrs. Obama (whom he hated) had stayed on one of their official trips to Russia, and defiling the bed where they had slept by employing a number of prostitutes to perform a “golden showers” (urination) show in front of him. The hotel was known to be under FSB
    control with microphones and concealed cameras in all the main rooms to record anything they wanted to.

    — end quote

    And it gets better and better — we learned Tuesday night the FBI was so convinced
    of the accuracy of this dossier, they applied to the FISA court for a warrant to conduct electronic surveillance on members of Trump’s personal, business, and campaign teams during their travels outside the US and during their contacts with foreigners inside the US.

    Your boy trump needs to resign now and save us the trouble of impeaching him.

  • old_redneck
    • Jeanine Martin

      Once again, completely irrelevant to this thread.

  • Larsele

    I wish some of the IT mavens who have opined on this issue would volunteer their services to the Loudoun County Sheriff’s Dept. to help determine who emailed death threats to every member of the Loudoun County Republican Exec. Committee and the Trump Victory Office. At this point Detectives have only traced it through a server located in Iran.

    • Patrick Siewert

      The problem is when people use proxy servers in various locations around the world. The LCSD and the Commonwealth Attorney’s Office have no authority to compel an entity in Iran to comply with a subpoena, therefore the investigation stymies there. Besides, that rabbit hole would likely only lead you to another proxy server.
      The LCSD has people on-staff to investigate these incidents who are very well trained and knowledgeable, but they can only operate within the bounds of their statutory authority. It’s also doubtful the Feds would take up the issue for a number of reasons…
      And thanks for the promotion to “IT maven”. 🙂

Fun Stuff

Advertisement

Advertisement

Sign-up for Email Alerts

Select list(s):

Advertisement