Do you need to trace an email address to locate or identify the sender? You can still achieve this even if the email account is now closed and no longer active. It may be a bit more difficult, but it is still possible to identify the person behind that email address. In this article we will attempt to address the additional issues an investigator faces when attempting to investigate an old or state email address that has been deactivated.
First, what we have to do is find out if the email address we are trying to investigate is still active or has been closed. If the email address we are investigating was opened for the sole purpose of contacting our customer and then closed immediately after sending an email, then it will be difficult to track. But if the account has been used for years, but only recently deleted after sending the offending communication, it can be a very simple investigation. In fact, the email address can be found in an instant database service.
To determine if email is active, you need to test it using one of the many online services that will tell you if email is active. You can also email the account from a fake email account and see if it bounces. Of course, there are many more technical methods you can use, but in this article we cover the basics.
If we have determined that email is inactive, this cuts our investigative techniques in half. Because we can only analyze incoming data from email. In an ideal investigation, we will be investigating the sender’s computer by analyzing the information that we can capture when they open a pretext email that we send to them.
So we will have to analyze the incoming headers and extract the IP address, use geo tracking, IP address location and good Whois to identify the sender’s ISP. We can also investigate the IP address to see if it is associated with any other online activity. But in addition to the IP information, we may be able to inform the sender’s email program, such as Outlook Express.
We can send the email to a database search to see if it has been used online in the past. We can search the deep web, member submission sites, online billing, and payment services to see if the email address has ever been used in a financial transaction. Social networks also have an email search feature to find or add friends.
There are also paid searches, such as Online Infidelity Investigations and Online Gambling Investigation searches, that can trace an email to an online gambling site or a secret online personal ad on a dating site. This type of email investigation can actually return a picture of the person behind the email address.
As you can see, it is possible to trace an email and locate or identify the sender even if the email address has been deactivated or removed.