Where that email is really coming from

Today we’re going to tackle a common trick that scammers use to get you to look at emails. It’s called spoofing. Spoofing is when you make an email, message, or phone call appear to come from a legitimate account or phone number.

To be clear, you don’t need to hack an account or have any access to it in order to spoof it. You just need to know the email address, the name of the person, or the phone number. A spoofer could send an email that says it’s from the IRS, Microsoft, your bank, or even your own email address.  Here’s how to check where that email is really coming from. I’ll show you using some popular services, but the technique is pretty similar from email to email.  If you’re using Outlook online, click the three-dot iconar next to the Forward and Reply buttons in the message and choose View from the menu. Then click on View message source.

Scroll down through the full header and look for the words From. Does the From match the Reply to?


In Gmail, select the three-dot icon next to the Reply arrow and choose Show original.

Then scroll down through the info and look for the Return Path. Make sure it matches the From address.


If you’re using the Outlook email client that’s part of Office, you can open the message and click on File.

Then choose Properties.


In the Internet Headers box, arrow all the way down to the Reply-To address and make sure it matches the sender. If it’s too tiny to read, you can copy and paste the info in Notepad and enlarge the text.

The Windows Mail app doesn’t offer a feature like this.

Of course, if you think something is suspicious, your best bet is to contact the alleged sender. Not by clicking on any link in the message, calling any number in that message, or replying to that message. Instead, independently look up the contact information for the agency, bank, or person and contact them to see if they’ve contacted you.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.