Identify and trace the originating IP of fake mail

How to identify the fake mails

Today one of my friends received an email from with message that he has to go to Mumbai Microsoft office for appearing in interview. He was not sure for the mail that he received came really from Microsoft or it was a fake mail from any one. He called me and asked me if I can help him to identify if it was a real or fake email. I traced the email and found it was generated from Indore (my town) and I know very well that we do not have any office in Indore so I had no other option that

I did that earlier also so it was not a big deal for me to trace the emails originating place and to conclude it’s real or fake but I thought I should explain this to my readers so I am here with my new post.

There are many ways that you can use to trace the email id but I am going to show the simplest way that needs only internet connection nothing else.

We will trace the email in three easy steps.

1) Extract the header of the mail.

2) Trace the complete email route using a tracer

3) Conclude you result.

First thing that we need to do is we have to find the header of the email. There are different ways to get the header from each mail provider. From here you can understand how to get the email header from popular mail provider or email client.

In few providers you may get lot of details but email header start from the Return-Path: and ends at Content-transfer-encoding: 7bit if it ends at Content-Language: language name no issue in that also.

Copy all the data between these two lines and paste that in the text box in this link.

Now click on Get Source.

In next 10 second it will give you a complete route of the mail. It’s originating location, originating time and all the required details that you might need in a table.

Just after the table you will see host name and source IP address from where mail originated.

And after this line you will find geo-location information of the IP address.

By all the information that you get after email tracing you can easily understand this is a fake email or real because in host name it would be Microsoft if it came from Microsoft and similarly it goes for others mail box also.

I hope it was useful and you can trace and identify any fake mail in future.

Above information is just to give you an idea of the same and I hope you would not use it in any of the illegal task if you do so it would be sole responsibility of yours

In next post I will show how to send fake emails without having any programming knowledge.

Thanks for being here


Read More......
Clicky Web Analytics