Newsletter 08/22/2024 If you find this article of value, please help keep the blog going by making a contribution at GoFundMe or Paypal



MS Outlook: Zoom into Headers to See Who Is the Sender.
Or You Pays Your Monies and You Take Your Chances, Pt. 3

In the previous post, the basics of displaying the Outlook Message Headers were discussed, along with how the Message Headers can help verify the email address of a sender.  There is, however, more valuable information contained within the header to help further investigate and verify the legitimacy of a sender.  One valuable and easy-to-understand piece of information that can be ascertained from the message headers is the IP address of the sender.  Once we have the IP address of a sender, free online tools can be used to verify from where the message in question was sent, and whether the domain name that the IP address points to matches the domain name of the sender's email address.

That said, what is obvious from a cursory look at message headers is that the contents within the headers are difficult to read.  One clear problem when working with Outlook Message Headers is that the font in the Message Header is very small.  Moreover, since there is no zoom control within Outlook to adjust the font size within the header box, we must take additional steps outside of Outlook to adjust the font size.  We use the Magnifier Control from Windows Settings to do this.

The Magnifier Control is reached from the menu within Windows Settings.  As you can see from the image to the left, Accessibility is an option within the main Windows Settings Categories.  To access the Accessibility tools, simply click Start → Settings → Accessibility.

The Accessibility Tools are intended to help those Windows users with one disability or another.  For our purposes here, we will use the Magnifier tool to increase the zoom level within Outlook to be able to better see the contents of the Message Headers dialog box, and then capture the IP address of the sender.

A note to my Readers.  The email address I use here gets almost no spam, and is not in any known database of compromised email addresses.  So when that email address I use is displayed, I redact that address from the discussion.  Thus the heavy black lines shown within the Message Headers.  I also redact any other person's personal emails with my own Censored box.

So here are the steps to use the Magnifier to help read the contents of the Message Headers dialog box.
Table 1

To Toggle On and Off the Magnifier within MS Outlook 365
From within the Accessibility Settings in Windows, click Magnifier.
There are two controls to adjust before we use the Magnifier within Outlook.
For best results, I suggest setting the Zoom level to 150%.
The default value is 200%, which becomes unwieldy for our purpose here.
I set the Zoom increment value at 50%.
Each click on the zoom control will magnify what is displayed on the screen by 50%.
I suggest that you just leave the Zoom level value at 150% to work within Outlook.
When these adjustments are made, simply close the Accessibility window.
Open Outlook.  Select the message whose headers you want to examine.
To activate the Magnifier, you use the simple keyboard shortcut:
Windows Key & The "Plus +" sign key
The Windows Key on the keyboard is located between Ctrl and Alt.  It has the Windows logo on it.
To type the "Plus +", I suggest using the keypad, and not the top row number keys.  No Shift key is needed.
 
Once the Magnifier is engaged, it will be easier to see and work with the text within the Message Headers dialog box.
The email that I have chosen as our sample is from a known entity.
The person sending me the email is, however, not known to me.
Now that I have captured the IP address of the sender (212.227.15.52), I can verify its authenticity.

There are many "Whois" web and IP address lookup tools available for free use on the Internet.  These IP lookup tools are the cyber sleuth's best friends.  My favorite is the lookup tool provided by Domain Tools.  The URL is https://whois.domaintools.com/.

What the Whois search will tell me is whether or not the IP address that I just captured from the Message Headers dialog box matches the domain name of the sender.  The domain name is legitimate; but that domain name could also be spoofed.  So, if the two match, that is some assurance that the sender and the email are legitimate.

Using Whois Lookup
Table 2

Using a Whois lookup is quite simple.  Go to the website, in this case domaintools.com.
Type either the domain name or the IP address you wish to query. Click Search.
You may be asked to verify your humanity with a Captcha.
I am a frequent user, so I was not confronted with a Captcha.
The results that are returned from the lookup will vary depending on how much information is available about the subject of the search.  In this case, I simply want to verify that the domain name of the message sender matches the domain name returned by the IP address search.
The sender's email address says the email came from 1and1.com; and so does the IP address.
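
The same check done by eye above, written as a short Python script; this is an added example, not part of the original post. The sample headers are constructed around the IP address and domain shown above, the function names are hypothetical, and it assumes the recipient's own mail hops use private addresses, so the first public address in the Received lines (read top down) is the server that handed the message over.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers (not the article's actual message). The IP and the
# 1and1.com domain are the article's; host names and the mailbox are made up.
SAMPLE = (
    "Received: from gateway.internal.example ([10.0.0.5])\n"
    " by mailbox.recipient.example; Thu, 22 Aug 2024 09:15:02 -0700\n"
    "Received: from relay.sender.example ([212.227.15.52])\n"
    " by mx.recipient.example; Thu, 22 Aug 2024 09:15:01 -0700\n"
    'From: "Sample Sender" <someone@1and1.com>\n'
    "Subject: constructed example\n\n"
)

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def sending_ip(raw_headers):
    """First public IPv4 address in the Received lines, read top down."""
    msg = message_from_string(raw_headers)
    for received in msg.get_all("Received", []):
        for candidate in IPV4.findall(received):
            try:
                ip = ipaddress.ip_address(candidate)
            except ValueError:      # e.g. 999.1.1.1 is not an address
                continue
            if ip.is_global:        # skip private and loopback hops
                return str(ip)
    return None

def base_domain(name):
    """Last two labels; a simplification that ignores suffixes like co.uk."""
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def sender_matches(raw_headers, lookup_domain):
    """Compare the From: domain with the domain the IP lookup returned."""
    _, address = parseaddr(message_from_string(raw_headers).get("From", ""))
    if "@" not in address or not lookup_domain:
        return False
    return base_domain(address.rsplit("@", 1)[1]) == base_domain(lookup_domain)

if __name__ == "__main__":
    print(sending_ip(SAMPLE))                   # address to paste into the lookup
    print(sender_matches(SAMPLE, "1and1.com"))  # domain read from the lookup result
```

Received lines below the first hop your own mail system recorded are written by the sending side and can be forged, which is why the script stops at the first public address instead of reading further down.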

So, the next time you receive an email that looks promising, but also might be threatening, you have tools to verify the veracity of that email.  This is especially critical in business where a valuable offer might come in an email from a possible new vendor or customer.

The crooks bet you do not know about these tools, or how to use these tools.  Now you do.

 

¯\_(ツ)_/¯
 Gerald Reiff