webmail

Is there anyway an investigation could determine who setup a web based mail account, i.e. who is the actual person behind adjsdjasp@particulardomain.com

I beleive I no the answer but thought I'd check...
LVL 3
pma111Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Cameron_SConnect With a Mentor Commented:
What warturtle is saying is that the webmail (say Hotmail in your example) server administrators could see that the person using the webmail account was using AOL broadband. AOL Broadband admins could then in turn track it down to a physical location (house, internet cafe).

The e-mail header will simply state the server of origin, i.e. Hotmail.
0
 
Cameron_SCommented:
The short answer is yes. The long answer is that the originating account creator could be traced to a specific IIP address. That IP address could then translate to an address and individual workstation. However, a direct correlation between Bob Ross and bobross@domain.com would be hard to determine outside of computer forensics on the actual workstation in question.

If an ISP is willing to cooperate with an investigation, you could track down to an individual machine. In turn, LEO could obtain a warrant and seize the machine, if they have reason to believe it was used in a crime. This is how things like child pornography and pirated software are tracked.
0
 
warturtleCommented:
Email headers will tell you of where the message originated from (webhosting company) and if a legal agency approaches the webhosting company for more information, they can provide details of IP address that was used to logon and can help with investigations.
0
 
pma111Author Commented:
Could you ellaborate warturtle, are you saying if someone had say aol broadband as their internet service provider, but say the suspect email account was a hotmail email account suspect@hotmail.com, would the email header have some refernce to aol somewhere?
0
 
warturtleConnect With a Mentor Commented:
Yes, that is exactly what I was trying to say. Thanks, Cameron_S :)

Just to explain by taking your example - if someone uses AOL Broadband and accesses their hotmail account - suspect@hotmail.com to send an email to innocentyou@gmail.com then you can see the email headers and find out that the email actually came from hotmail.com (sometimes this is simply visible in the email address that the mail came from in this case its hotmail).

But, if the email came from asfdasd@askjfhasd.com , then you can see the email headers to see the IP address or the domain name of the actual server that sent the email. Then, you can do a tracert to find out which webhosting company has that IP address. And then, after that you can follow the advice from Cameron_S to take your investigations further ;-)

Hope it helps.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.