
Jeff Minakata
For this article, we will perform an OSINT investigation on an email that was received, to see what information we can find by verifying parts of the email’s content. This is a scenario based on real email investigations. As with any investigation, I do recommend taking precautions (use a VM, sock puppet accounts, VPN, etc.). For this article, you can assume that these precautions are already in place. We will be using the fictional email: [email protected]
Figure 1. Investigation clipart
Figure 2. E-mail clip art
From time to time, I get some very interesting emails in my personal inbox, as was the case with this one. While I won’t be going into the specifics of the email, the email itself had the following characteristics: well-thought-out content and composition, racist comments, names, addresses, apparent social security numbers, etc. This was more than enough to prompt a look into the content of the email.
Figure 3. Email header
The email appears to have come from a Yahoo address. To verify this, and to see if there is any fascinating information to be found, we open the original email and view the email header. On inspection, we find that the email was indeed sent from a Yahoo address. Since this came from a Yahoo address, I am not going to try and use an MX header tool....
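As an added illustration (not code from the original article), the header check described above can be scripted with Python's standard `email` module. The header samples, the hostname `mx.recipient.example` and the function `check_origin` are constructed for this example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers (not taken from the investigated email).
# mx.recipient.example stands in for the server that received the message.
COMMON = (
    "Received: from out.mail.example ([192.0.2.10]) by mx.recipient.example;"
    " Mon, 01 Jan 2024 10:00:00 +0000\n"
    'From: "Sender" <sender@yahoo.com>\n'
    "Subject: constructed sample\n\nbody\n"
)
GENUINE = (
    "Return-Path: <sender@yahoo.com>\n"
    "Authentication-Results: mx.recipient.example; dkim=pass header.d=yahoo.com;"
    " spf=pass smtp.mailfrom=yahoo.com\n"
) + COMMON
SPOOFED = (
    "Return-Path: <bounce@bulk.example>\n"
    "Authentication-Results: mx.recipient.example; dkim=none;"
    " spf=pass smtp.mailfrom=bulk.example\n"
    # Header already present before delivery; it must not be trusted.
    "Authentication-Results: forged.example; dkim=pass header.d=yahoo.com\n"
) + COMMON

def domain_of(addr):
    """Lower-cased domain part of an address header ('' if missing)."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def check_origin(raw, trusted_authserv):
    """Compare the visible From domain with what our own server authenticated."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    results, ids = {}, {}
    for ar in msg.get_all("Authentication-Results", []):
        authserv, _, rest = ar.partition(";")
        if (authserv.split() or [""])[0].lower() != trusted_authserv:
            continue  # only the receiving server's own verdict counts
        results.update((m.lower(), r.lower()) for m, r in
                       re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest, re.I))
        ids.update((k, v.rpartition("@")[2].lower()) for k, v in
                   re.findall(r"\b(header\.d|smtp\.mailfrom)=([^\s;]+)", rest))
    # Exact domain match is a simplification; relaxed alignment allows subdomains.
    dkim_ok = results.get("dkim") == "pass" and ids.get("header.d") == from_dom
    spf_ok = results.get("spf") == "pass" and ids.get("smtp.mailfrom") == from_dom
    return {"from_domain": from_dom, "results": results,
            "return_path_domain": domain_of(msg["Return-Path"]),
            "hops": len(msg.get_all("Received", [])),
            "from_verified": dkim_ok or spf_ok}

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("spoofed", SPOOFED)):
        print(name, check_origin(raw, "mx.recipient.example"))
```

A passing SPF result on its own only authenticates the envelope sender, which is why the second sample is not treated as verified even though `spf=pass` appears.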