Many of the spam emails you receive are identified and sent to your spam folder. However, there are still some that make it through to your inbox. The spammers are getting better at making these fake emails look real, so it’s easy to mistake one for a legitimate correspondence. If you have doubts about the validity of an email, you can check the original IP address. The IP will help you by showing where in the world the email came from. Locating the IP does not guarantee that the email is valid, but it will give you more information about the sender to help you decide whether to trust it or not. Note: the Internet Protocol address, or IP address, is a number that identifies a device that is connected to a network. The IP address allows the device to communicate with other devices over the Internet. It identifies the computer in a similar way to how a street address identifies your house. You won’t see the IP address listed on the visible header you see when you open an email. It takes a little more digging, but there are several easy ways to locate the information.
Use the header
The header of the email that is visible when you open the message is only a small part of the information that accompanies it. You usually see the “To” and “From” address fields and the subject line. To see the rest of the information and find the IP address that was the source of the message, you need to see the rest of the header. To open the complete header:
In Gmail
- Open the message in your browser.
- Click on the three dots in the top-right corner.
- Select “Show original.”
In Outlook
- Click on the message you want to check.
- In the View pane, click the Action menu (three horizontal dots).
- Select “View message source.”
In Yahoo!
- Open the email.
- Click More (the three horizontal dots) at the top.
- Select “View raw message.”
Other email clients work in a very similar way to find the full message header. No matter which email client you use, the result of clicking on the command to show the full header will give you crazy looking text that won’t make much sense to most people. It’s computer code and jargon relating to the email.
Finding the source IP address for the email isn’t difficult. Press Ctrl + F to search for the text “Received from.” Once you find it, you will see the sender’s email address followed by their numerical IP address.
Use a site to decode it
Once you have located the email header, there are several sites you can use to find the source IP instead of searching for it yourself. Copy the complete header into the text box on the site and click on the button to let the site evaluate the header and find the IP address for you. Some of these sites include: MXToolbox-Analyze Headers
GSuite Toolbox Message Header
IP-Address Email Header Trace
Look for a Physical Address
Once you have found the IP address, you may want to search for its geographical location on sites such as whatismyip.com or IP Tracker. Type the IP address from the header into the search box, and you will see either a table of information about the IP source or a map showing the location. Once you know the IP and the location where the email came from, you can check it against legitimate emails you have received from that company. Although looking up the source IP can be a great help in determining the legitimacy of an email, don’t believe everything you see. It’s not difficult for spammers to use proxy servers to hide their IP address or add multiple Received from fields to confuse you. If you are still in doubt about the actual source of the email, it’s probably best to ignore it and delete it.