| An Email header trace is where you take an incoming | | | | especially with the addition investigative tools such as |
| email. Locate the header information. Take that header | | | | an Email Header Comparison. |
| information analyze it and attempt to determine the | | | | Let's say you have a suspect in mind who is sending |
| origin of the email. | | | | the emails you want identified. Lets say that suspect is |
| Many times when you see the question asked about | | | | an ex boyfriend or girlfriend. In that case a trained |
| how to trace an email back to the sender they will | | | | investigator experienced in email tracing can take the |
| answer by telling you how to trace a header. | | | | header that needs to be identified and compare it |
| While a header trace is often helpful in identifying the | | | | forensically to the suspects email header and |
| sender usually the only thing you can determine is the | | | | determine if they come from the same computer. With |
| senders ISP. | | | | a basic email header comparison investigation you can |
| If you are working on a case that involves civil litigation | | | | either rule in or rule out the person as a suspect. But a |
| you may be able to serve the ISP with a subpoena | | | | trained investigator can take it even further and use |
| duces tucem. | | | | little known methods to obtain more information about |
| A command to a witness to produce documents. | | | | the senders and suspects computers including the |
| The ISP will send their custodian of records to testify | | | | operating system, browser and even the MAC ID. |
| and identify the account information they have on | | | | This kind of detailed comparison could prove beyond a |
| record. | | | | doubt whether or not your suspect is the sender of |
| If you are working on a criminal case you can get a | | | | the email. |
| search warrant signed by a judge and serve that on | | | | Most private investigators you'll find in the local yellow |
| the ISP. The ISP will be required to turn that information | | | | pages will be unfamiliar with this field of investigation. |
| over to law enforcement. | | | | They will think it involves illegal computer hacking or |
| Many times the recipient of an email will want to | | | | that the only method is through subpeona or search |
| perform a header trace to identify who sent an email | | | | warrant. |
| but there is no civil or criminal case pending and they | | | | Thats why you need to hire a private investigator that |
| cannot obtain either a warrant or subpoena. | | | | is an expert in email tracing and Internet investigations. |
| Unfortunately in most cases a simple header trace will | | | | Do a Google search to find a qualified professional to |
| not reveal the identity of the sender. But at the same | | | | handle this type of investigation. |
| time the information it does provide can be useful, | | | | |