THE LIBRARY

            Silence is fraud's best friend.  Word of mouth is fraud's worst enemy.  Pass the word!

Home

About Us

FAQs

Search

Site Map

Contact us Report Email Fraud Scam Solution Center Volunteers

Custom Search

ScamSpeak© Home page

 

 

 

 

Dictionary of Financial Scam Terms©

 

List of scams (partial)

 

Payment Processing & other Counterfeit Draft Scams / Work at home jobs: processing payments, collections, donations, investments, forwarding checks and money orders, forwarding packages, forwarding money received by Western Union, writing and signing checks, Secret shopper jobs, forwarding cash received in packages and envelopes

 

Lottery Scams

 

Green Card Lottery Scam: Truth and Lies in simple words

 

FDIC Special Alerts List of Counterfeit Checks

 

SCAM VICTIM SOLUTION CENTER

 

The Fraud Victim's Manual

 

The Backstage Tour

Fraud secrets con artists don't want you to know!

 

 

 

 

 

 

top

Translate this page: Farsi

 

How to find the Full Headers in your Email service

Brought to you by Visualware and Fraud Aid, Inc.

 

We cannot accept scam email reports without the full headers

WE CANNOT ACCEPT SCAM EMAIL REPORTS SENT AS AN ATTACHMENT

 

Explanation   •   Brief Headers   •   What Full Headers look like

Filing Scam Email Reports with Fraud Aid

Find the Full Headers in your email service

Explanation:

Full Headers (aka Message Source, Details, Internet Path, Origin, Original Message, Properties, Options, Email Message Source) show the entire path an email

Western Union and MoneyGram were designed to send money to friends and family, not to send money to strangers.

NEVER WIRE MONEY TO A STRANGER!

 traveled from the author's computer to yours.  It is at least 2" to 3" long.  When we track an email, we work back down the path to the author's computer. 

Without the Full Headers, it's impossible to report Spam or scam email to anyone since the Brief Headers (just the From, To, Date, and Subject lines) don't provide any information that can be used to find out where the malicious email came from.

This is a sample of a Brief Header.  A Brief Header does not give us any useful information:

When reporting Spam or scam email, the Full Headers should be placed above the email text.

We cannot accept scam email reports without the full headers above the text message

This is what tracking information looks like: This is a sample of a Full Header.  This provides lots of useful information but, not by itself.  The email message must be included beneath it.

Received-SPF: pass (mx03.csee.siteprotect.com: domain of myway.com designates 207.159.120.60 as permitted sender) client-ip=207.159.120.60; envelope-from=kobik@myway.com; helo=myway.com;
Received: from myway.com (nn6.excitenetwork.com [207.159.120.60])
by mx03.csee.siteprotect.com (Postfix) with ESMTP id 70DA0D80BE
for < scamreports@fraudaid.com>; Mon, 1 Jan 2007 22:14:11 -0600 (CST)
Received: by mprdmxin.myway.com (Postfix, from userid 110)
id 5276D233CF; Mon, 1 Jan 2007 23:14:22 -0500 (EST)
To:
Subject: ***SPAM***FAMILY BESINESS INVESTMENT (COMPLIMENT OF THE SEASON)
Received: from [196.1.186.22] by mprdmailfe9.nwk.myway.com via HTTP; Mon, 01 Jan 2007 23:14:22 EST
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: ID = b0d4916511ebd978decbebf5f7fa0f17
Reply-To: k0000mathias@yahoo.co.in
From: "Mathias Kobi Kabila" <kobik@myway.com>
MIME-Version: 1.0
X-Sender: kobik@myway.com
X-Mailer: PHP
Content-Type: multipart/alternative; boundary="MYWAYBOUNDARY_000__afaaf06d5e0a5d93a49f28ede842b7bd";
Content-Transfer-Encoding: 7bit
Message-Id: <20070102041422.5276D233CF@mprdmxin.myway.com>
Date: Mon, 1 Jan 2007 23:14:22 -0500 (EST)
X-Virus-Scanned: CleanMail 2.5 at mf10
X-Spam-Status: Yes, hits=10.508 required=6 tests=[FORGED_RCVD_HELO=0.05,
HTML_MESSAGE=0.001, HTML_TAG_EXIST_TBODY=0.233, MILLION_USD=1.29,
NIGERIAN_BODY1=2.914, NIGERIAN_BODY2=0.489, RCVD_IN_BL_SPAMCOP_NET=1.832,
SARE_FRAUD_X3=1.667, SARE_FRAUD_X4=1.667, SUBJ_ALL_CAPS=0.365]
X-Spam-Level: 8/5
X-Spam-Flag: Yes
X-Spam-Report: CleanMail Spam detection software has identified this
incoming email as possible spam. Content analysis details: (10.5 points)
pts rule name description
---- ---------------------- ------------------------------------------
0.1 FORGED_RCVD_HELO Received: contains a forged HELO
0.4 SUBJ_ALL_CAPS Subject is all capitals
1.3 MILLION_USD BODY: Talks about millions of dollars
0.2 HTML_TAG_EXIST_TBODY BODY: HTML has "tbody" tag
0.0 HTML_MESSAGE BODY: HTML included in message
1.8 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?196.1.186.22>]
2.9 NIGERIAN_BODY1 Message body looks like a Nigerian spam message 1+
0.5 NIGERIAN_BODY2 Message body looks like a Nigerian spam message 2+
1.7 SARE_FRAUD_X3 Matches 3+ phrases commonly used in fraud spam
1.7 SARE_FRAUD_X4 Matches 4+ phrases commonly used in fraud spam

NOTE:  You may have emails set for "Forward as an attachment."

If this is the case, please change your email setting to "Forward as inline text" when filing malicious email reports to Fraud Aid or other reporting agencies.

PLEASE DO NOT FORWARD SCAM EMAIL REPORTS AS AN ATTACHMENT.

We cannot accept scam email reports without the full headers above the text message

Filing Scam Email Reports with Fraud Aid: Once you have learned about finding the Full Headers in your email service, you can forward your emails to our research database where the gathered information is sent to and used by law enforcement in the US and abroad.  Please forward scam emails to scamreports@fraudaid.com.  Thank you for your crime-fighting efforts.

Click on the email service you are using (below) and you will be taken to step-by-step instructions with graphics for finding the Full Headers:

 

Click HERE to see what the tracking information looks like

AOL

Cox.net - see Outlook, Eudora, or one of the other email services on this list.

Eudora

Gmail - old and new

Hotmail & MSN/Windows Live

NOTE TO HOTMAIL USERS: Full Headers are only accessible in the full Hotmail version

Lotus Notes

Lycos

Mail.com

Mozilla Thunderbird

Netscape

Outlook

Outlook Express

Rediffmail

Thunderbird (Mozilla)

Yahoo Classic

Yahoo NEW (Yahoo 7.0, aka Yahoo Beta)

Other: Look through the above samples since they pretty much cover the gamut of Full Headers access or click on the Help or Options for your email service.  If you still cannot find what you are looking for, contact your email service's Support.

NOTE: In some email services, including web-based email services such as SiteMail, the Full Header option is located in plain view once the email is opened.  Be sure to look around for any of these or similar terms: Full Headers, Details, Properties, Message Source, Origin, Original Email, Options, Original Message, Email Message Source, Internet Path.

 

 

 

 

We are not attorneys and don't pretend to be.  In our experience, the information and guidance offered on this site have proven to be effective; however, we always recommend that you consult with an attorney.

If you have doubts about Fraud Aid, Inc. do not hesitate to contact federal (FBI, Secret Service, RCMP) Scotland Yard, or local law enforcement to check us out.

Information provided about lotteries and lottery scam: Fraud Aid, Inc. is not affiliated with any pay-to-play or free online lottery or Sweepstakes games and derives no income from any pay-to-play or free online lotteries or Sweepstakes or any of their participating sponsors with the possible exception of a sponsor's independent advertising unassociated with any drawings promotion; nor does Fraud Aid promote or sponsor any lotteries or Sweepstakes or numbers drawing of any kind.

Reporting, crime-fighting, and victim resource links

Copyright ©2000 - 2011 Fraud Aid, Inc.  -  All Rights Reserved

Privacy Policy Disclaimer • Spam Policy