• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
Fraud Guides

Fraud Guides

Investment Schemes, Internet Scams & Consumer Fraud

  • Car Scams
  • Consumer Fraud
  • Internet Fraud
  • Investment Scams
  • Tax Scams
  • Telemarketing Scams
You are here: Home / Internet Fraud / Detect Spoofed Emails

Detect Spoofed Emails

Detecting spoofed emails is one of several methods you can use to identify a phishing attempt before you become a victim

The most obvious method for detecting “SPOOFED” email is to look in the FROM field of the email. If the e-mail address displayed is different from the known e-mail address of the person who supposedly sent it, then you know it’s a spoof. These emails come to a lot of individuals quite frequently and appear to be coming from legitimate companies like eBay, PayPal or a major bank. It is also referred to as “PHISHING”. It is really easy for con artists to send spoofed email, but there are ways it can be detected.

Before we take a look at these methods, tip #1 is that your bank or eBay or PayPal will never ask you for your personal information through an email. If you do get an email from one of them asking you to send personal information you know that they already have it’s a safe bet the email is not genuine.

Picture of woman looking at email

Let’s take a look at Email 101:

The basic flow if email goes like this:

  1. Your email is sent via the email program you use (i.e. Microsoft Outlook, Hotmail, SmarterMail, etc.) to a Simple Mail Transport Protocol (SMTP) server.
  2. These servers send your email message from SMTP server to SMTP server from one end of the Internet to another.
  3. Then it arrives in the email inbox of the person you sent it to where it resides until the recipient uses their email program to retrieve and read your message.

Another method you can use to detect “SPOOFED” is by taking a look at an email message’s “header”. The header contains information on the route the email message took as it was being transmitted across the Internet on its way into your email inbox. This is the place where you should be able to track down the original email that sent the dubious message.

Here are some ways to access the headers in some well known email sources. If yours is not listed here you can check the help file for information on how to review the headers.

Outlook: select View/Options

Outlook Express: select Properties/Details

Eudora: click on the “Blah Blah Blah” button

Pine: type H

Hotmail: go to Options/Mail Display Settings/Message Headers and select “Full.”

Yahoo! Mail: select “Full Headers.”

Netscape: select View/Headers/All

Look for any differences between the name that looks like the name of the person you know and the actual e-mail address in the FROM field. If the friendly name is “BIG BANK of US” but the e-mail address is jimmy@con_artists.com, or if the name in the FROM field is missing or spelled incorrectly, the e-mail is probably spoofed. The experienced email spoofer won’t make this mistake though.

Next, you can review the Received fields. Every time the mail gets passed on from SMTP server to SMTP server, a new Received field is added. They need to be read from the bottom up to the top. The bottom Received field might look like this:

Received: from HarryPotter ([1234.1234.1234.1234]) by HarryPotterMail

(MyMailProgram v3.7) with SMTP id 9-2-7-1-6HarryPotterMail@Theaters for < Bobby Jones >; Sun, 24 Apr 2004 08:23:47 +3251

This is meant to describe the original mail coming from the person sending it through their email program to the SMTP server being used by their ISP’s (or company’s) server. However, keep in mind that this too can be forged. If the mail purports to be from HarryPotter.com but you see names like “con_artists.com” you have reason to be skeptical. Additionally, it’s a good idea to review the IP address from the person sending the email. This is the four numbers separated by dots in the “Received:” line.

If the person sending the email has an IP address of 1234.1234.1234.1234 then at the Windows command prompt (Start, Programs, Accessories, Command Prompt) type:

Nslookup 1234.1234.1234.1234

This should reveal the name of their SMTP server. You can also use:

Tracert 1234.1234.1234.1234

The Tracert command with display the route, along the network, from your computer to the IP address specified. Things to look for are dubious names of servers or signs that indicate geographical locations (e.g., SEA for Seattle). Again, the thing you should be focusing on is any unexplained interruptions in the network route. However, if the IP address is useless, don’t be surprised. Spoofers can and do use Internet “magic” in their bid to hide their electronic tracks.

Using your detective skills along with a bit of luck, it’s possible to track down the email address of the ISP used by the correct sender of the email message. You’ll need to continue to review each of the different “received” fields until you get to the end. If you’re able to get to the original ISP, you can send them an email message with a copy of the email received and try to get them booted off of their ISP. How do you know the email address of the ISP? If the email came from the ISP provider fastnet.com, the email address would be postmaster@fastnet.com.

Unfortunately there’s really not much that can be done to thwart email spoofing these days. Mail server security can be tightened and many companies have done just that. One product we recommend is PGP (Pretty Good Privacy). And appropriate to use when the legitimacy of the email sender must be ascertained and the person sending the email is someone you’ve already exchanged email messages with. There are other good encryptions programs available for exchanging email. If you’re unfamiliar with the term “encryption”, it’s a special type of security protocol used to protect email or other transactions over the Internet from being tampered with. In email, it identifies the sender completely.

Good luck with your detective work and be very careful of “Spoofed” email.

Subscribe
Login
Notify of
0 Comments
Inline Feedbacks
View all comments

Primary Sidebar

  • Car Scams
    • Buying a Used Car
    • Car Airbag Scams
    • Car Dealership Scams
    • Car Insurance Accident Scams
    • Car Insurance Company Practices
    • Car Insurance Referral Scams
    • Car Leasing Scams
    • Car Prep Fee Scams
    • Car Repair Scams
    • Car Title Loans
    • Car Title Washing Scams
    • Car Warranty Scams
    • Curbstoning Scams
    • Finance A Car
    • Gas-Saving Scams and Tips
    • Odometer Rollback Scams
    • Parking Lot Scams
    • Risky Credit Rating Car Financing Scam
    • Spot Delivery Scam
    • Towing Scams
    • Water Damaged Cars
  • Consumer Fraud
    • Affinity Fraud
    • Airline Ticket Scams
    • ATM and Debit Card Fraud
    • Bankruptcy Fraud: The Ultimate Guide
    • Bird Flu Scams
    • Check Fraud
    • Consumer Credit Fraud
    • Contest Scams
    • Credit Card Fraud
    • Credit Card Skimming
    • Credit Card Validation Code Scam
    • Debt Elimination
    • Food Stamp and SNAP Fraud
    • Fraud Protection Tips
    • Gift Card Fraud
    • Home Business Scams
      • Assembly and Crafting
      • Envelope Stuffing
      • Medical Billing
      • Multi-Level Marketing
      • Reshipping
      • Turnkey Websites
    • Home Repair Scams
    • Hospice Medicare Fraud
    • Hospital Billing Errors
    • Hotel Scams
    • Identity Theft
    • Improving Credit Score
    • Inheritance Scams
    • Living Trusts
    • Locksmith Scams
    • Lottery Scams
    • Manufacturer Rebate Fraud
    • Medicaid Fraud
    • Medical Insurance Scams
    • Modeling Agency Scams
    • Mortgage Appraisal Fraud
    • Mortgage Foreclosure Rescue
    • Moving Company Scams
    • Mystery Shopper Scams
    • Online Banking
    • Optoutprescreen.com
    • Phony Charities
    • Product Counterfeiting
    • Real Estate Closing Fees Kickback
    • Rent to Own
    • Rental Scams
    • Scholarship Scams
    • Sweepstakes Scams
    • Travel Scams
    • Weight Loss Scams
    • Welfare Fraud
  • Internet Fraud
    • Advance Fee Scams
    • Adware
    • Auto Dialers
    • Counterfeit Money Orders
    • Craigslist Scams
      • Craigslist Apartment Rental Scams
      • Craigslist Car Scams
      • Craigslist Escrow Service Scams
      • Craigslist Ticket Scams
    • Detect Spoofed Emails
    • Ebay Scams
    • Fake Escrow Sites
    • Firewall
    • Internet Security
    • Lottery Scams
    • Nanny Scams
    • Nigerian Check Scams
    • Nigerian Email Scams
    • Online Auction Scams
    • Online Dating Scams
    • Phishing
    • Spyware
  • Investment Scams
    • Bank Fraud
    • Bulk Mail Ponzi Schemes
    • Business Opportunity Scams
    • Forex Currency Trading Scams
    • Gold Financing Agreement Scams
    • Investment Scams Targeting Seniors
    • Mining Investment Scams
    • Multilevel Marketing (MLM) Plans
    • Oil and Gas Investment Scams
    • PIPs PureInvestor Scam
    • Ponzi Schemes
    • Prime Bank Scams
    • Pump and Dump Schemes
    • Pyramid Schemes
    • Short and Distort Stock Scams
  • Tax Scams
    • Abusive Roth IRAs
    • Corporation Sole Statutes
    • Credit Counseling Tax Schemes
    • Dodging Your Taxes
    • Home Business Tax Schemes
    • Illegitimate Trusts
    • IRS Scams
    • IRS Audit Red Flags
    • Not Withholding
    • Offshore Tax Havens
    • Offshore Tax Shelters
    • Sharing Tax-Credit Dependents
    • Tax Fraud – Terminology
    • Tax Professional Preparer Scams
    • Tax Protesting
    • Tax Refund Anticipation Loans
    • Tax Return Fraud
  • Telemarketing Scams
    • 809 Area Code Scam
    • Boiler Room Schemes
    • Do Not Call Registry
    • Fax Scams
    • Federal Telemarketing Regulations
    • Government Grant Money Scams
    • Magazine Sales Scams
    • Office Supply Scams
    • Phone Phishing
    • Phony Charity Telemarketing
    • Recovery Room Scams
    • Rip and Tear Schemes
    • State Do-Not-Call Registry
    • Telephone Company Cramming Fees
    • Travel Scams
  • Lemon Laws
  • Report Fraud
  • Sitemap
  • Contact Us

Scam Alerts!

  • Bank Fraud: The Ultimate Guide

  • Bankruptcy Fraud: The Ultimate Guide

  • IRS Fraud and Scams: The Ultimate Guide

  • How to Avoid Paypal Scams and Protect your PayPal Account

  • Craigslist Ticket Scams

Copyright © 2021. Fraud Guides. All Rights Reserved.

  • Privacy Policy
  • Sitemap
  • Contact Us
wpDiscuz