How to Verify That an Email From Me is Genuine

01 Jan

Over the years, I’ve found people who have attempted to impersonate me via fake email addresses to scam companies out of free products.  This short tutorial will help you ensure that an email that appears to be from me is genuine.  You should be aware that it is entirely possible for someone to spoof the “From” field in an email, but I have set up my email system through Google Apps in such a way that it should be virtually impossible for someone to successfully spoof my email.

At the very least, after reading this article, you will be able to identify a spoofed or genuine email from me. This information may not apply to others who have not set up their email in the same way.  Of course, you can always send an email directly to my posted email address to verify.

Step 0: The ‘From’ Field

If the ‘From’ field does not say @ThioJoe.com, you can be assured that it is fake.  Please forward me any scam emails you receive that claim to be me.  If it does appear to originate from my domain, but you have reason to believe the email is suspicious, follow the next steps.

 

Step 1: Find the Email Headers

Email headers contain the “raw” data that the computer sees in an email that gives it all sorts of information about who sent the email, how it was sent, and other useful info.  Every email program will have the ability to view the raw headers, but the process will be different for each program (such as Outlook, Gmail, Yahoo, etc).  This website has guides for almost every email software out there, so go here to find the process specific to your inbox software: https://mxtoolbox.com/Public/Content/EmailHeaders/

 

Step 2: Use Google’s Header Analyzer Tool

Google has a very useful tool for analyzing headers, which can be found here:  https://toolbox.googleapps.com/apps/messageheader/

Copy the entire header text you found from the email in question, then on the page linked above, paste it into the box and click “Analyze the Header Above”.

Optional: Use Gmail / Google Apps Built in Header Analyzer
If you use Gmail or Google Apps, you can open any email and click the drop down arrow (next to the reply button), and click “Show Original.”  This will save you from having to copy and pasting the headers.

 

Step 3: Look at the Results

Hopefully, the results will look something like this. Notice that all three authentication tests (SPF, DKIM, DMARC) all pass.

Google’s header analyzer tool results:

messageheader

Authentic email passes SPF, DKIM, and DMARC

 

Gmail / Google Apps built in “Show Original” analyzer:

Gmail's built in analyzer will also show passed tests

Gmail’s built in analyzer will also show passed tests