Thursday, January 14, 2010

Tracing their steps

So I'm spending most of my time today getting in touch with internet crime watch groups and investigators. The rest of my time was spent gathering facts about the organization and the person claiming to be with the company. My hunch at this point is one of two things:

  1. This person is using a perfectly legitimate company to act as a front for his operation.
  2. This person is with the company and is working from the inside to launder and embezzle money.


The tech-fu technique!: Using email headers to track down the original sending location of an email.

If you ever have doubts about someone suspicious sending you emails claiming to be in a specific country, and you want to verify that the emails really originate from that country, here is one technique anyone can do fairly easily that will help you check whether your sender is who they say they are.


An email header is a record of information contained in every email. With the information in an email header you can find out how long your email took to get to you, what services it used to get to you, what networks it passed through, and where it originated. Be aware that spammers know all about email headers and will falsify them to mask their personal information. There are a few great tutorials on how to access an email header and interpret exactly what you're reading. emailaddressmanager.com has some great tutorials and info on how to access an email header and how to interpret the information you're looking at. Be sure to check this out first and read up on the basics. Otherwise the rest of today's entry isn't going to make a lot of sense.

You will be happy to know that most email services on the web are great at protecting your location and personal information. It used to be fairly easy to get information about a sender based on their email address. Now, web-based email like Gmail, Yahoo! Mail, and Hotmail masks several key pieces of email header information, which helps keep your location anonymous and safe. Unfortunately, this is also true for fraudulent senders who wish to remain anonymous. In this situation, the best thing you can do is look at the sender's email address and compare it to the "Message-ID" or "sent from" sections of the email header.

First, if someone is sending an email from, say, "sender@yahoo.com", and after examining the email header you find several areas that state the email is from "gmail.com", you can be sure this email has been falsified in some way and it's best not to respond to it at all.
Secondly, take a look at the first header entry at the bottom of the list (remember, header information reads bottom to top; the last entry in the list is the original sending location) and check for a four-digit number that looks something like +0000 or -0800. This is the "Email Time Zone Indicator", the sending system's offset from UTC. You can compare this number to a list of time zones at sites like artistrelations.com or timeanddate.com.

You can take this information and use it to find out what country the sender's email was sent from.
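As an added illustration (not part of the original post), here is a small Python script that applies the two checks above to a constructed header: it reads the oldest Received line, compares the sender's domain against the Message-ID and originating host names, and pulls out the time zone indicator. The sample message, host names and addresses are made up for the example.

```python
import re
import email
from email import policy
from email.utils import parsedate_to_datetime

# Constructed sample message (not from the original post): the From address
# claims yahoo.com, but the Message-ID and the oldest Received hop point at
# gmail.com, and the originating hop's timestamp carries a -0800 offset.
SUSPICIOUS = b"""\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby mail.example.org; Thu, 14 Jan 2010 18:02:11 +0000
Received: from unknown (mail.gmail.com [198.51.100.20])
\tby mx.example.net; Thu, 14 Jan 2010 10:02:09 -0800
Message-ID: <abc123@mail.gmail.com>
From: Some Sender <sender@yahoo.com>
Date: Thu, 14 Jan 2010 10:02:08 -0800
Subject: constructed test message

body
"""

def in_domain(host: str, domain: str) -> bool:
    """True when host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)

def header_report(raw: bytes) -> dict:
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender_domain = msg["From"].addresses[0].domain.lower()
    msgid_domain = str(msg["Message-ID"]).strip("<> ").rsplit("@", 1)[-1].lower()
    # Each relay prepends its own Received line, so the LAST one in the list
    # is the oldest hop: the one closest to the original sending machine.
    received = msg.get_all("Received", [])
    origin = str(received[-1]) if received else ""
    # Host names in the 'from ... by' clause of that hop (bare IPs dropped).
    m = re.search(r"\bfrom\s+(.*?)\s+by\b", origin.split(";", 1)[0], re.S)
    hosts = re.findall(r"[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+", m.group(1) if m else "")
    hosts = [h.lower() for h in hosts if not h.replace(".", "").isdigit()]
    # The time zone indicator (+0000, -0800, ...) ends the hop's timestamp.
    offset = None
    if ";" in origin:
        offset = parsedate_to_datetime(origin.split(";", 1)[1].strip()).strftime("%z") or None
    # Consistent only if Message-ID and every origin host belong to the
    # claimed sender domain (no hosts found leaves only the Message-ID check).
    consistent = in_domain(msgid_domain, sender_domain) and all(
        in_domain(h, sender_domain) for h in hosts)
    return {"sender_domain": sender_domain, "message_id_domain": msgid_domain,
            "origin_hosts": hosts, "origin_utc_offset": offset, "consistent": consistent}
```

Run `header_report(SUSPICIOUS)` and the report flags the yahoo.com/gmail.com mismatch and shows the -0800 indicator to look up.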

Well, that's it for today. Tomorrow I'll have more on the scammer, but I'm also going to talk about a piece of malware that has been circulating the internet for a while now and has infected 3 friends' computers in as many weeks. I'll include some nice pieces of free software I've found that you can use to get rid of all sorts of infections and keep your computer safe, and some pretty basic things you can do to keep your computer squeaky clean.
