Phishing emails: How to check email headers
There is no email address holder who hasn't received spam emails. Still there are a lot of phishing emails that are aimed at stealing important information or money. Emails can also be forged by scammers to make people send funds to thieves. How to understand that it is forged email or not? How to prevent cyber crime? The following article will describe easy steps to understand it.
Emails usually contain a "header" which shows the following items:
- From: sender's email address or name
- To: email address(es), optionally name(s), of the receiver(s)
- Subject: Topic of the letter (can be inserted or not)
- Date: local time and date when email was sent
- Received: shows the route of email when it was sent to you (it is important to trace the origin of the email)
- Return-Path: shows the real email address to which you will reply
- Cc: carbon copy
- Bcc: Blind Carbon Copy
- Content-Type: Information about how the message has to be displayed, usually a MIME type
- X-Spam-Status: determines the probability of that message being spam
"To" field doesn't always relate to the address to which the message is sent and delivered. Real delivery list is provided in the SMTP protocol. So the "To" field is like greetings in formal letters.
Be informed that "From" field doesn't always contain the real sender's name or email address. This is the reason why this kind of cyber crime is so popular.
The field “Received” shows the route of the email. It enables users to trace email to its real sender. When sending email address at least 4 You can check IP address from which the email was sent to check whether it is original email or scam.
Field "Return-Path" shows the actual email address of the sender. So it is vitally important to pay attentoin to this field if you want to check the origin of your email. When you check your email header, always make sure that you have found this field and examined it carefully. It has to contain same email address as the field "From". If email addresses are different - be sure email was sent by a scammer.
Other header fields include the following items:
Here are the instructions how you can check in the most widespread email boxes and mail programs.
Check Email Header in Google Mail (GMail) Webmail: Login to your account on the webpage and open the message (click on it). Click on the "down-arrow" on the top-right of the message and select "Show Original". Now you will see the complete message source.
Check Email Header in Yahoo! Mail Webmail: Login to your account on the webpage and open the message (click on it). Click on "Actions" and select "View Full Header".
Check Email Header in Hotmail Webmail: Login to your account on the webpage and go to the message list. Right-click on the message and select "View Message Source".
Check Email Header in MS Outlook 2010: Open the message in MS Outlook. Now go to "View" and select "Message Options" - or "File" -> "Info" -> "Properties". Look at "Intenet Headers".
Check Email Header in MS Outlook: Select the message in the list, right-click and select "Options" or "Properties". Look at "Intenet Headers". Check Email Header in Thunderbird: Open the message, then click on "View" and select "Message Source".
Check Email Header in MS Windows Mail (and MS Outlook Express): Select the message in the list, right-click on it and select "Properties" and go to "Details.
If you find email suspicious please check field “From” and "Received" and check headers online to prevent scam.