How to Reverse trace emails on the internet – Complete Guide

trace emails

If you wanted to feel like a real ethical hacker and trace emails or track emails as they show in the movies and Tv shows using header information or god-level techniques (just to track email), then you have come to the right place. Today we will show you how exactly you can trace email and all the information from an email you have received. Now you might be wondering why do I care about tracing email and it’s information? Like who cares really?

Well, it turns out you should care about it mainly because emails are the number one source of phishing. And you can guess the importance of knowing everything you can about the bank email you just received asking for account information.

So let’s start with how exactly track email and tracing works?

Emails, when received, contain a lot of raw network information which is generally hidden from the user. By using the hidden information popularly known as raw information, we can effectively track an email and find in-depth information about the source of the email.

The way this works is we copy the raw header information (exact steps will be shown below). The tools and websites given below will use this IP and header information to trace the origin of the email address and the geographical location from where it was sent from. Tracing the information is legal since you have every right to do so. Still, you might want to check your country’s laws regarding the same just in case.

Trace Emails-

For this tutorial, I will use a phishing email that was sent to me as an attempt to compromise my amazon account. Luckily I used my email tracking skills to find out the truth about the email source. So let’s begin

Step 1: Getting the raw information to trace emails

Open the mail and check the raw information to track email t. For convenience, I will show how to do this on Gmail. Since it is the most popularly used email service:

Open the email you want to trace:

phishing mail i will trace

Click on more and “show original” option as shown below:

show header information for tracing email

Once you have the data just copy it and follow step 2.

email header information for tracking mail

Step 2: Open the email tracer application or websites.

Installing so many apps is a hassle, so I have decided to show two of my favorite websites for tracking and tracing emails.

Link: https://www.ip2location.com/free/email-tracer

Link: https://whatismyipaddress.com/trace-email

Both of them work the same way. For this tutorial, I will use ip2location.

tracing email

Copy the email header information from step 1 and copy-paste it in the header section as shown in the images below.

trace mail

Once you are done. Click on the lookup button to track email.

Step 3: Analysing the output.

You will get a lot of information, as shown below:

Note how the information shows that the original source is not amazon.com but wowrack.com.

This proves that this was a phishing email targeted at me. The second IP was a fake amazon server intended to trick me into believing that the email was from the actual amazon.com.

IP Address216.244.76.116
Country United States
Region & CityWashington, Seattle
Coordinates47.620620, -122.310960 (47°37’14″N   122°18’39″W)
ISPWowrack.com
Local Time21 Sep, 2019 09:37 AM (UTC -07:00)
Domainwowrack.com
Net Speed(COMP) Company/T1
IDD & Area Code(1) 206
ZIP Code98168
Weather StationSeattle (USWA0395)
Mobile Carrier
Mobile Country Code (MCC)
Mobile Network Code (MNC)
Elevation47m
Usage Type(DCH) Data Center/Web Hosting/Transit
IP Address15.164.56.245
Country Korea, Republic of
Region & CitySeoul-teukbyeolsi, Seoul
Coordinates37.568260, 126.977830 (37°34’6″N   126°58’40″E)
ISPAWS Asia Pacific (Seoul) Region
Local Time22 Sep, 2019 01:37 AM (UTC +09:00)
Domainamazon.com
Net Speed(COMP) Company/T1
IDD & Area Code(82) 02
ZIP Code100-101
Weather StationSeoul (KSXX0037)
Mobile Carrier
Mobile Country Code (MCC)
Mobile Network Code (MNC)
Elevation54m
Usage Type(DCH) Data Center/Web Hosting/Transit

In my case the original source message was from wowrack.com and from there it went to a fake amazon server. Then from the fake amazon server, an email message was sent to me asking me for information and login.

You can see how easily someone can be fooled thinking this mail is from amazon. That is why we need to be careful, especially with emails and attachments. Make sure you report spam and phishing messages as they will make Google spam detection that much better.

Conclusion:

We have learned how to trace emails to the source. We have also learned how to identify phishing emails and prevent hackers from gaining sensitive information about us.

Use fake emails where your real email address is not required.

This is one of the methods hackers use to hack your accounts by sending fake emails claiming to be the bank or service you regularly use. This is just one of the ways to detect phishing. Soon I will write a dedicated article on detecting phishing attacks. Keep supporting the hacking world till then.

Also read: How to secure and recover your Gmail account?

Commonly asked questions 

Q1. Is this tool foolproof?

There is no such 100% guarantee. Instead, my recommendation is to use two or more tools. If both the tools show that the email cannot be trusted then report it as spam and block the sender.

Q2. Can I only use the email address without header information for tracing emails?

Yes, but it will be inaccurate and frankly useless in my frank opinion. Try to get the header information or simply ignore the mail. Check your main account instead. Never trust emails unless they are properly verified.

Q3. Are these email tracking and tracing tools and websites legal to use?

Yes, they are legal. Since you have the right to know where the message you received came from. Some country laws might not agree with me. So I suggest checking your country’s laws just in case.

Q4. I use antivirus. Do I still need to be worried about emails?

Antivirus generally does not check phishing emails and phishing pages. Even if they do, their ability is fairly limited since hackers keep making new and convincing phishing pages. For this reason, trust only yourself. To install a good antivirus but also keep good vigilance while clicking on emails and attachments.

Hopefully, you guys liked the article do share the articles as much as you can. You can always make custom requests on the custom requests page. Tracing Email can be done in many other different ways.

Do share this article with your loved ones. Happy hacking.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top