How We Traced a Business Impersonator: An OSINT Walkthrough
If you have ever wondered how to find who is impersonating my business, this article walks through exactly what we did when a copycat website began using our company name and address in Fremont, California. We used the same open-source intelligence (OSINT) techniques anyone can apply: reverse phone lookups, WHOIS records, and hosting checks. Everything below relies on publicly available listings and records, and we have stuck to what those records actually show.
The real business is Austin's Affordable Garage Doors, owned by Austin Little here in Fremont. Our only real phone number is (510) 694-9699. We are not affiliated with a copycat number or with anyone else using our name.
Step 1: We Noticed Our Name and Address Being Reused
The investigation started the way most of these do, with a customer mix-up. A website at austinsaffordablegaragedoors.com displayed our real business name and our real address (40735 Creston St, Fremont CA 94538), but listed a different phone copycat number. When the name and the street address match a real local company but the phone number does not, that mismatch is the first red flag worth chasing.
Step 2: A Reverse Phone and WHOIS Investigation
A reverse phone whois investigation is simply checking what a phone number and a domain name reveal about who is behind them. We looked up the substituted copycat number, and it traces back to a VoIP (internet calling) line, with carriers reported as Bandwidth.com and Onvoy. A VoIP number is not a smoking gun on its own, but it is notable: a long-established local trade business typically uses a normal landline or mobile line, not a routed internet number that can be spun up and discarded quickly.
Next we ran a WHOIS lookup on the domain itself. WHOIS is the public registration record for any website address. Here is what it appeared to show:
- Registration date: September 17, 2025 — recent, not the years-old footprint you would expect from a long-running local company.
- Registrar: WebNic.
- Registrant identity: privacy-redacted, so the actual owner's name is hidden behind a privacy service.
A brand-new domain plus a hidden registrant plus a VoIP number is a pattern worth treating with caution.
Step 3: Checking Where the Site Is Hosted
The next OSINT step is to see where a website physically lives. Hosting and nameserver records are public. According to those records, the clone site appears to be hosted on HosterPK using Pakistan-based nameservers. There is nothing wrong with overseas hosting in general, but for a business claiming to be a local Fremont garage-door company operating from a Creston Street address, the disconnect between the claimed local identity and the actual infrastructure is significant.
Step 4: The Detail That Confirmed It Was Copied
The strongest clue came from the clone site itself. While it swapped in the a copycat number number on most pages, it still leaked our real number, (510) 694-9699, inside one link. That kind of leftover is the digital equivalent of a forger forgetting to remove the original signature. It strongly suggests the content was copied directly from our material and then edited, with one reference to the genuine number missed.
We also reviewed the testimonials on the clone. Names presented there, including a "Director" testimonial under the name "Josh Keeton" (also rendered "Josh Keaton"), along with "David Martinez" and "Michael Turner," appear as reviews we cannot connect to any real customer of ours.
Step 5: Watching for Hijacked Listings
Impersonation does not stop at a website. We found that our Yelp listing had been made to display the a copycat number number rather than our real line. Our Nextdoor profile, by contrast, still shows the correct (510) 694-9699. The lesson for any business owner: regularly audit every directory listing where your name appears, because a single changed phone number can quietly reroute your calls.
Why This Pattern Matters for Consumers
What we observed lines up with a documented industry problem. The company "Neighborhood Garage Door Service, Inc." in Texas has drawn heavy BBB complaints alleging overcharging and the targeting of seniors and women. A broader scheme reported as "Garage Door Services of Texas / GDS" reportedly operated more than 1,000 domains and fake map listings that funneled callers to a central call center dispatching gig workers. That "scam mill" model — many lookalike sites, hijacked listings, and disposable phone numbers — is the same shape we appear to be looking at locally. Such operations are known to close and reopen under new names.
How to Run This Check on Your Own Business
- Search your exact business name and address and see whether any unfamiliar site reuses them.
- Run a reverse phone lookup on any number you do not recognize attached to your name; flag VoIP lines.
- Do a WHOIS lookup on suspect domains to check registration date, registrar, and whether the owner is hidden.
- Check hosting and nameservers for a mismatch with the claimed local identity.
- Audit every directory listing (Yelp, Google, Nextdoor) for altered phone numbers.
If you are in Fremont or the East Bay and want the real Austin's Affordable Garage Doors, owned by Austin Little, the only number to call is (510) 694-9699. We are not affiliated with a copycat number or anyone else using our name. This article is general consumer and business information, not formal legal advice.
Talk to the Real Austin's Affordable Garage Doors
Locally owned by Austin Little in Fremont, CA. Our only number is (510) 694-9699. Senior & military discounts.
Call (510) 694-9699https://www.yelp.com/biz/austins-affordable-garage-door-fremont-3
Public WHOIS record for austinsaffordablegaragedoors.com (registrar WebNic, registered 2025-09-17, registrant privacy-redacted)
Public hosting/nameserver records (HosterPK, Pakistan-based nameservers)
Reverse phone lookup for a copycat number (VoIP; carriers Bandwidth.com / Onvoy)
BBB complaint records for Neighborhood Garage Door Service, Inc. (Texas)
Public reporting on Garage Door Services of Texas / GDS multi-domain scheme