 | |
Because computers use special numbers to identify to other machines on the internet who and where they are, its possible to ask your computer for that number. As a result its possible to find some information about you:
Your IP Information |
|---|
| Your IP address: 38.107.179.218 |
| Your numerical IP address: 644592602 |
| Your country name: UNITED STATES |
| Your country code: US |
 |
That series of four numbers at the top is your IP address and identifies your computer and where you come from (IP addresses are specific to certain regions of the earth and are assigned by committees). Any communications between two computers on the internet requires that they share their IP addresses with one another so that they can be uniquely identified.
Because two computers talking to one another have to share their IP addresses it's possible to trace the method by which any message is transmitted across the internet. This is true for any internet traffic, including eMail communications. Indeed, every eMail message you recieve will tell you exactly where it came from and how. This information is contained in the email's 'Header'.
You can therefore decode the information from an eMail to see whether it comes from a valid source or not. The form below will allow you to enter and IP address to see if it is value and to find out which country it comes from. Below I tell you how to use this form to check for potential fraud emails.
If you would like to know the country of origin for an IP address simply either paste or copy into the search box below then click on the 'Search' button. The IP address you enter will be checked for vaildity and you will be told the country of origin and whether or not it is a 'spoof' or fake IP address.
Results for IP Search |
|---|
| Your country name: UNITED STATES |
| Your country code: US |
|
Here I am going to take you through an example of analyzing a real-life scam email. This is an actual email I recieved and though I know it's a scam it does posess a number of features that can be analyzed with the IP search box above.
The actual email follows below:
|
Subject: CHRISTMAS GRANT NOTIFICATION From: FIDELITY FOUNDATION <info@fidelityfoundation.org> The Fidelity UK Foundation, Oakhill House, 130 Tonbridge Road, Hildenborough, Kent, TN11 9DZ 3rd December 2008 Good Day, This is to notify you that You are have been approved for a grant of $750,000.00 in the on going Fidelity Foundation 20 years Aniversary Special Christmas Grant. Do not have doubt over Your participation in this Promotion,as all Participants were selected Through an electronic computer ballot system for all email users drawn From over 2,500,000 email addresses of individuals and companies from America,Asia, Australia,Europe, Middle East, Oceania,North American,and South American. To file in for your claims,Contact the verification officer with the following information: 1.Name: 2.Phone(Mobile): 3.Age: 4.Address: 5.Country: Verification Officer: Mrs Teresa Harris Email:mrs.tharris@windowslive.com Regards Edward C.Johnson Chairman of the Board of Trustees |
This is the email precisely as it appear in your email application. However, all email applications will have an option where you can 'view headers' or 'view source'. This will provide you with information like that below:
|
Return-Path: <info@fidelityfoundation.org> Delivered-To: no-reply@celtnet.org.uk Received: (qmail 43355 invoked by uid 1024); 15 Dec 2008 07:34:30 -0000 Received: from info@fidelityfoundation.org by server25.donhost.co.uk by uid 1002 with qmail-scanner-1.22 ( Clear:RC:0(84.19.163.30):. Processed in 0.052769 secs); 15 Dec 2008 07:34:30 -0000 Received: from unknown (HELO server30737.isdg.de) (84.19.163.30) by server25.lb.donhost.co.uk with SMTP; 15 Dec 2008 07:34:30 -0000 Received: from [78.135.15.152] (helo=User) by server30737.isdg.de with esmtpa (Exim 4.63) (envelope-from <info@fidelityfoundation.org>) id 1LC7yC-0008QM-OV; Mon, 15 Dec 2008 08:34:24 +0100 Reply-To: <mrs.tharris@windowslive.com> From: "FIDELITY FOUNDATION"<info@fidelityfoundation.org> Subject: CHRISTMAS GRANT NOTIFICATION!!! Date: Sun, 14 Dec 2008 23:33:19 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1251" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Qmail-Scanner-Message-ID: <122932647067943346@server25.donhost.co.uk> |
At first glance, this may look confusing. But what it is is a history of the way the eMail actually arrived at your inbox going from the destination closest to you at the top, to the one furthest away. If you look at the various IP adresses in the list, from first to last you get the following list:
84.19.163.30
78.135.15.152
OK, so the list here isn't very big, or very long but if you input the IP adresses into the search box above then the first one (84.19.163.30) originates in Germany and the second one (78.135.15.152) originates in Turkey! As IP adresses in email headers go backwards, the eMail was written and submitted in Turkey and was routed via Germany to the UK.
Now, the postal address on the email itself is in the UK and the other adresses present to be in the UK, so if this email was 'genuine' then I would expect nothing but UK routers here. But that's not the case it's a scam email sent by someone from Turkey. In actual fact this is a 419 (or advanced fee) scam where, to get your 'grant' (which isn't real) you have to pay clearance and delivery fees. The only people who make money from these things are the scamsters. Delete any such email instantly.
Of course, any email that does not name you and says 'Good Day' or 'Dear Friend' and the like isn't directly intended for you as a recipient. Someone has bought your email address from a list and the people are trying it on. Another good sign that this is a scam is that the 'reply to' email adress is a throw-away address (windowslive.com in this case). All reputable companies and organizations always use their own email domain names and not throw-away adresses.
Not found what you're looking for? Search the web: