advertisement


Tracing addresses for malicious email?

Michael L

pfm Member
Somebody has sent a malicious email to my boss. alleging all sorts. I'm not officially aware of this, but have been tipped off.

I have been told that a fake email address was used; is it possible to find the actual source of the email?

TIA

MIke
 
You should be able to access the email headers for a start. For example with outlook you right click on the email entry and select options.

Here is part of a header:-

Received: from 127.0.0.1 (EHLO smtp3.easily.co.uk) (95.130.72.151)
by mta1023.bt.mail.ukl.yahoo.com with SMTP; Tue, 13 Dec 2011 22:40:23 +0000
Received: from [87.194.207.72] (port=56891 helo=AnthonyPC)
by smtp3.easily.co.uk with esmtpa (Exim 4.43)
id 1Rab1K-0002xn-66
for
Then you can do a whois lookup like so:-

Host name: 87-194-207-72.bethere.co.uk
Country: United Kingdom
B Class: 87.194.0.0 - 87.194.255.255
Region: N7
City: Camberley
Latitude: 51.35

We also know the name of the users PC if you look carefully.

That'll do for astart.

Cheers,

DV
 
Mike - I hope things turn out ok.

Would it be useful for you to exercise a bit of 'frame control' here?

A person could approach the boss with a confidential request:

"I could use a bit of advice here - I heard that someone from my past is circulating malicious and untrue information about me over the internet. I've been told that they're using a spoof email address but I can trace them through the header if I get a copy of what they've sent and then get the police involved. I want to put a stop to it so they don't damage themselves even more. Who should I speak to so I can give them a heads-up and make sure I'm informed if anything like this turns up at work? Obviously I want to make sure this kind of thing doesn't reflect on me."

You get to set the frame, show your concern for another, your concern for your employer and your determination to confront it and address it by getting the Bill involved. If anything turns up you're in the driving seat.

I don't mean to interfere but these thing rarely improve as they age - they're better dispatched early IME.
 
You should be able to access the email headers for a start. For example with outlook you right click on the email entry and select options.

DV

Thanks for this - bone of me I know but I've tried that and don't seem to be able to see an "options" entry - where should I right click?

M
 
Hi Mike, Sorry to hear about your problem.

Somebody has just done something similar to my sister in law using Facebook - they have sent a VERY malicious message through Facebook to all her family and colleagues listed on her Facebook page.

She contacted Police last night but they said they can't do anything because her Facebook account has been hacked?
 
DV

Thanks for this - bone of me I know but I've tried that and don't seem to be able to see an "options" entry - where should I right click?

M

You need to right click the email in the inbox rather than from within the message window. The header should then appear at the bottom of the options window in the 'internet headers' box.
'Course, all of this assumes the the sender wasn't in an internet café or another method of hiding their location.
 
Mike, assuming my image piggy-backing work this is how to get to the message options:
view_outlook_message_options.jpg


And this is the header data:
email_header.GIF
 
Hi Mike, Sorry to hear about your problem.

Somebody has just done something similar to my sister in law using Facebook - they have sent a VERY malicious message through Facebook to all her family and colleagues listed on her Facebook page.

She contacted Police last night but they said they can't do anything because her Facebook account has been hacked?[/QUOTE]

That sounds to me like the police don't want to know/can't be bothered. It's still illegal.

Michael - get the police involved, they will be able to trace it. If there is a suspicion of who it might have come from, a visit from the law even if it is just 'making enquiries', might well 'dissuade' them from any more nonsense
 
Somebody has sent a malicious email to my boss. alleging all sorts. I'm not officially aware of this, but have been tipped off.

I have been told that a fake email address was used; is it possible to find the actual source of the email?

TIA

MIke



Hi yes sure you can easily find the source of that email just by finding the ip address from that mail id ...You can trace the ip address from e-mail id using the site http://aruljohn.com/info/howtofindipaddress/#ipdetect here they help you to trace ip address from the e-mail header .You just copy the e-mail header from the received mail and paste it in the text box found in the above site which i posted here .Then they display the Ip address of the particular e-mail header along with information like country ,ISP name .Then to get exact location of that ip user you can do whois search for the ip at Whoisxy.com here they display details like ip owner name ,address and so on ....
 
It is good to see these posters from days gone by making a comeback with their 'thread from the dead' resurrections is it.

It seemed we even had Prowla posting about Prog in the Music room there.

And The MPP dribbling about brainz.

DS
 


advertisement


Back
Top