CAN i CHECK IF A FORWARDED EMAIL IS FAKE?

January 17, 2015 at 08:03:45
Specs: Windows 64
Hi, trying t o find out if I can see if any alterations have been made to an email that was forwarded to me.

I know the person who sent it but I want to ensure the text in the orginal email has not been changed .

Can I tell from the headers.

Thanks

T


See More: CAN i CHECK IF A FORWARDED EMAIL IS FAKE?

Report •

#1
January 17, 2015 at 09:39:24
Possibly - especially if you know how to read the info; and can identify the details that "ought" to be there from your friend...? If in doubt - scan the email fully - before opening it?

What inclines you to have doubts about the integrity of the message via your friend...


Report •

#2
January 17, 2015 at 10:54:04
What we don't know is at what point you feel that the email might have been changed.

Just the same, only servers really have these powers. The header will not show text changes.

Always pop back and let us know the outcome - thanks


Report •

#3
January 17, 2015 at 11:13:13
The email system currently in use on the Internet was never intended as a secure form of communication and lacks these features. If it did we would not have the current problem with SPAM. In a general sense there is no way to tell if an email has been modified.

You could send a copy to your friend and have him confirm it has not been modified


Report •

Related Solutions

#4
January 17, 2015 at 11:29:29
I was thinking in terms of nasties being added by whomever during its forwarding process.

As regards changes to actual test content etc. the chaps above (#3 & 4) are likely more correct/applicable...


Report •

#5
January 17, 2015 at 11:45:57
Thanks for all your comments.

this is actually work related. My supplier has forwarded the email to me but I feel the text may have been altered to his benefit...so I wanted to know if it was possible to obtain the email trail modifications ... from header..or would that only show the header details for the person who forwarded it.

I have never been part of the commination

No tools out there that can help me?.


Report •

#6
January 17, 2015 at 13:10:31
Header details only show what servers have handled the email e-route.

Your server is the only ones who could find out what text changes have occurred on the way but they are unlikely to act for individuals, only the FBI, Police or whatever. No computer program could do this as it is on the internet, outside of your computer. Your only other hope is to go back to source and ask for their email to be sent directly to you.

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#7
January 17, 2015 at 16:18:18
Print out the email and hold it up to the light. You might be able to see if someone erased some text and wrote over it.

See here:

http://sharonsparadise.files.wordpr...

message edited by DerbyDad03


Report •

#8
January 17, 2015 at 16:40:28
Hi DerbyDad,

Thanks for your advice..I wish it was that easy.
However the link below post data or coding ...are you saying this will work?
I appreciate all the advice I have been given so far but I have had conflicting this week so wanted to sign up here and see if I can get an idea.

Any help would be great..


Report •

#9
January 17, 2015 at 16:47:57
The link at the bottom of #7 is for people who want to include code on the programing forum. It is not related to your problem in any way.

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#10
January 17, 2015 at 17:17:34
That link in #7 is a gem...

Report •

#11
January 17, 2015 at 17:31:01
Yes, that link is a corker. I see the VBA link has now been removed.

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#12
January 18, 2015 at 04:32:44
Hey all Thanks for help.

So I assume the bottom line is I have to either go back to the customer (who sent original email and ask them to verify it ) which means going over and above my supplier

I can not check if the text was changed from Headers or Signatures

basically ..no possible way!!




Report •

#13
January 18, 2015 at 05:19:45
Derek,

Your comment: #6 Your server is the only ones who could find out what text changes have occurred on the way but they are unlikely to act for individuals.

Does this mean I can somehow check from my server. We are not a massive company and the value of this project is worth us investigating this further.

How is it possible to check from our servers?

Thank


Report •

#14
January 18, 2015 at 07:35:15
The information you need is on the internet not on your computer. This is why only your server, in conjunction with other servers, are the only people who can track how message texts might have changed en-route. No local program will be able to go back over the path an email takes and provide the texts in order to make comparisons.

As I said, servers are not likely to be prepared to do this unless forced to do so by some government controlled authority. Apart from anything else there are privacy implications.

By "server(s)" I mean those that provide internet service. I have assumed the issue is not within your own company, otherwise you could have gone to the source and checked.

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#15
January 18, 2015 at 09:46:11
If the email was forwarded by a third party, and it was not encrypted or digitally signed, there is no way whatsoever that you can tell if has been altered (other than asking the original sender). Any modification would have happebned on a client PC, so discussion of what happened on servers (and what is in the headers) is irrelevant.

If you have a serious reason to suppose that it has been modified then contact the original sender. All you have to lose is the mutual trust between you and that third party, which seems to have gone out of the window already.

But I doubt that anyone has modified the email; it is so easily checked that it would be an extremely stupid thing to do. And if it's a question of cost or liability then it would probably be a criminal offence (fraud).


Report •

#16
January 18, 2015 at 10:04:24
ijack

"what happened on servers ... is irrelevant"
I agree with much of what you have said. However, if a message is received by someone, then altered and sent on, both versions would be stored on their server. Whether the server would be the least bit interested in making a text comparison is quite another matter - certainly not in a case like this.

Always pop back and let us know the outcome - thanks

message edited by Derek


Report •

#17
January 18, 2015 at 10:12:22
Thanks All.

I guess I will have to contact the client.
I think so headers may have been modified too.. the time and date.

I guess I would only be able to get details for the last header - which is from my supplier.


Report •

Ask Question