Avatar of Now Then
Now Then
Flag for United Kingdom of Great Britain and Northern Ireland asked on

How to determine whether an email is a spoof or whether the email account has been hacked into.9

My brother-in-law has forwarded an email conversation to me that was initiated by a request for the payment of an invoice that did not exist. The spam email appears to have come from his email address and was sent to people in his address book. I was wondering if someone could help me to recognise whether the spam email is a spoof or whether someone or something has managed to hack into the email account. I have no real experience of reading email headers so please be gentle.
Thank you in advance.
Email ClientsEmail ServersEmail Protocols

Avatar of undefined
Last Comment
Now Then

8/22/2022 - Mon
Andrew Leniart

My brother-in-law has forwarded an email conversation to me that was initiated by a request for the payment of an invoice that did not exist.
I frequently see these myself. They are scam emails sent in the hope that some lowly paid accounts payable clerk at a company (or the owner himself) will just assume the invoice is valid and pay it.

I was wondering if someone could help me to recognise whether the spam email is a spoof or whether someone or something has managed to hack into the email account. I have no real experience of reading email headers so please be gentle.
Who are the participating authors of this conversation? Does he recognize any of them? It's highly unlikely anyone has managed to hack into your brother-in-laws email account just because he got an email like this. A hacked account would almost certainly have other indications of unauthorized use.

If you want to be on the safe side, advise your brother in law to change his email account password and ensure his account recovery options are valid.

I hope that's helpful.

Regards, Andrew
Now Then

ASKER
The spam email purports to have come from my brother-in-law. It has been sent to people in his address book.
David Johnson, CD

really without the headers there isn't much anyone can do from afar. you could try pasting the header into https://mxtoolbox.com/EmailHeaders.aspx
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Now Then

ASKER
Are the email headers from the original email still visible when the email has been forwarded?
Andrew Leniart

Yes, if an email has been forwarded, the original email headers should remain. If you could tell us which email client are you using, we can help in how to extract the email headers.
ASKER CERTIFIED SOLUTION
Andrew Leniart

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Now Then

ASKER
Well, it seems that forwarded emails do not contain the headers from the original email. I am waiting now for someone to provide me with the original headers. That could take a while.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.