Do you need to trace an email address to locate or identify the sender? You can still accomplish this even if the email account is now closed and no longer active. It may be a bit more difficult but it is still possible to identify the person behind that email address. In this article we will attempt to deal with the additional problems an investigator faces when he is trying to investigate an old or state email address that has been deactivated.
First this we need to do is find out if the email address we are attempting to investigate is still active or has been closed. If the email address we are investigating was opened for the sole purpose of contacting our client and then closed immediately after sending an email then it’s going to be difficult to trace. But if the account has been used for years but only recently deleted after sending the offending communication it may be a very simple investigation. In fact the email address may be found in an instant data base service.
In order to determine if the email is active you need to test it out using one of the many online services that will tell you if the email is active. You can also email the account from a fake email account and see if it bounces. Of course there are many more technical methods you can use but in this article we are dealing with the basics.
If we have determined the email is inactive this cuts our investigation techniques in half. Because we can only analyze incoming data from the email. In an ideal investigation we will be investigating the senders computer by analyzing information we can capture when they open a pretext email we sent to them.
So we will have to analyze the incoming headers and extract the IP address, use geo tracking, IP Address locating and good old Whois to identify the ISP of the sender. We can also investigate the IP address to see if it is associated with any other online activity. But besides the IP information we may be able to tell the senders email program such as outlook express.
We can submit the email to a data base search to see if it has been used online in the past. We can search the deep web, member ship sites, online billing and payment services to se if the email address had ever been used in a financial transaction. Social networks also have an email search feature to find or add friends.
There are also pay searches such as Online Infidelity Investigations and Online Gambling Investigation searches that can trace an email to an online Gaming site or a secret online personal ad on a dating site. This kind of email investigation can actually return a picture of the person behind the email address.
So as you can see that it is possible to trace an email and locate or identify the sender even if the email address has been deactivated or deleted.