Skip to content

Menu

HomeAboutSolutionsContact
RSS Twitter
Charles Griffin Intelligence LLC. logo

The Divorce Asset Hunter

Home » How to Read Email Headers: Where Did That Email Come From?

How to Read Email Headers: Where Did That Email Come From?

By Philip Segal on February 26, 2018
Posted in Banking and Investments, Finances

Just as it’s nice to know what number someone is using when they call you, wouldn’t it be useful to see where someone was when they sent an email? That information is often contained in the “fine print” of an email known as the “header.”

In brief, the header describes the route an email takes from sender to recipient, sometimes bouncing eight or ten times across the internet in the space of a second or two. It’s composed of a series of internet protocol (IP) addresses –unique numbers assigned to servers that handle your computer traffic.

Most people don’t know the header is there and how to read it but it’s worth learning and it doesn’t take long.

Imagine you are looking at the computer you and your husband share, and you see that he received an email that says: “Sounds good. We’ll transfer the funds when you get over here. Have a good trip. –Tony.”

Wouldn’t it be nice to know if Tony is in Bermuda, Isle of Man, Grand Cayman or Cyprus? Figuring out where to look at overseas assets is sometimes a crapshoot because the money could be anywhere. If you knew where someone banked abroad, you would have a wonderful head start.

It sounds too good to be true, and while header information can be a goldmine, there are some cases in which it won’t cough up the full story.

If your subject is using a virtual private network (VPN), he is able to mask the true location of his computer at the time he sends the email.

Also, even without a VPN a Gmail account will often suppress the IP address linked to the sender of the email (but sometimes the location of the sender’s cell phone or server will come through even with a Gmail account).

On the other hand, in the example above a Bermuda banker is unlikely to be using a Gmail account, because Google admits to reading the contents of Gmail for marketing purposes. Not what a secretive offshore banker would want.

Most importantly, you must remember that to see the email’s header, you need the original email. If someone forwards you an email the header information from the one they are forwarding will be lost to you. You will only see the header information of the forwarder.

For someone to send you header information from an email they have received, they need to capture the header information and then send that to you. There are lots of free header analyzers available to decode the information. Once you have the IP address of the sender, you can do a reverse Google search for the location.

But it may not end there. Say the IP address of the sender turns out to be a hotel in Paris. Only the IT department of that hotel will be able to tell you who was registered to the room responsible for sending the email from the hotel. For that you may need a court order or an investigator in France who can ask the hotel nicely.

This is why we always recommend that when it would be helpful, clients in discovery ask not only for emails, but header information from those emails.

One final word of caution: in the example above when you are looking at someone’s computer, you should only be looking at electronic information to which you have a right. Your lawyer can advise on that.

As we tell our clients, if there is any doubt about whether you can look at a computer, you always have the choice of gathering the evidence without reading it and then asking a judge if you may look at it. If so, go ahead. If not, your damages will be much lower than if you plow ahead into forbidden territory.

Tags: asset search, asset searches, bank account, bank records, divorce asset search, divorce assets, email headers, email tracing, finances, hidden assets, hidden money, investments, marital assets, matrimonial asset search, offshore banking, offshore companies, secret bank account, secret trusts, tax haven
Print:
Email this postTweet this postLike this postShare this post on LinkedIn

Subscribe to email updates from this blog

The Divorce Asset Hunter

Charles Griffin Intelligence LLC. logo
Charles Griffin Intelligence
420 Lexington Avenue
Room 300
New York, NY 10170
RSS Twitter
DisclaimerPrivacy Policy

About our Firm

Charles Griffin Intelligence offers an approach to investigation that combines the abilities of good reporting with the thoroughness and concern for evidence integrity that attorneys demand in their fact-finding.

Read More...

Recent Posts

  • Would an Artificial Intelligence Asset Search Help?
  • When in Divorce Do You Need an Asset Investigator? A Forensic Accountant? Or Both?
  • How Long Does a Divorce Asset Search Take? “You Should Have Called Me Sooner”
  • The Valuation Hints Are There: Good Financial Investigators Follow Them Up
Copyright © 2023, Charles Griffin Intelligence LLC. All Rights Reserved.
Law blog design & platform by LexBlog LexBlog Logo