skip to main content

Mac OS Sierra – Apple Mail – Find and Reverse IP Address

0

A common method of scamming people is via email.  Today the majority of people access their email on the go using a mobile Phone or tablet. You only get the basic information when using these means.  This mini tutorial will show you how to access email headers using Apple Mail.

I recently published an article on a Gumtree scam where a Nigerian posed as a property owner trying to lease me a house in my UK city. After only using my mobile phone to send emails and thinking something wasn’t right I decided to do a little digging into the email to find out.

Firstly open Apple Mail

Find the email you wish to trace, select the email and there should be a blue outline around it

Apple Mail Interface

 

There is minimal information in the default display so let’s do a little digging. Select the View Menu, hover over Message and click on Raw Source. A new window should open up.

Apple Mail View Menu

The following email was sent by a Gmail Account which automatically hides any source/sender information.  However, if you copy the IP address in the Received section you can track the SMTP server location. Enter the location in IP Location, which is the most accurate IP locator I have tried.

Email Headers

 

Another tell-tale way of seeing if it’s from a different country is checking the date.  All my emails came from 7 hours behind my current destination meaning that the scammer, who was pretending to be the landlord from Coventry, England, was actually in a totally different timezone to the UK.

 

Conclusion

It’s not a 100% proven method as headers can be faked somewhat but it can give you a general idea whether someone is trying to scam you.  As always question the contents of the email and remember if it’s too good to be true it generally is!