Where did this email come from?

Tracking down the origin of email messages has become a staple of many Private Investigators. Without getting into  mind-numbing technical details, here are the steps I take to find the origin of anonymous email missives.

  1. Search the sender’s email address using Google, Bing, and other search engines to see if it appears. Next search using Intelius’ reverse email lookup.  If the email appears registered to a name, you can pay a fee of $4.95.
  2. Even when a misleading email address is the origin, read the IP addresses in the header from bottom to  top. The IP address in square brackets is the origin IP.  Or, use IP tool to track the IP address. Copy the headers into the box and select your email system.
  3. Go to What Is My IP Address and enter the IP address to see where it originates.
  4. Search the email address using Spokeo.
  5. Try ReadNotify.com and email the anonymous correspondent. If he opens your message, then it will notify you and send back the reader’s IP address, the date and time the message was opened, location of recipient, map of location, apparent email address of opening (if available), referrer details (ie; if accessed via web mail etc), URL clicks, how long the email was read for, how many times your email was opened and if your email was forwarded, or opened on a different computer. If he opens your message in his office, then you will know where he works. However, this seems to only work with HTML enabled email programs. Remember, the header data from the original message will probably tell you what email program sent the message. NOTE: This does not work if the recipient opens the email in the Web version of Gmail. If he receives it in a desktop client that polls Gmail, then it will work.



One thought on “Where did this email come from?

Comments are closed.