Archive for the ‘Career’ Category

You receive an e-mail from a prospective customer – requesting information on your products, price etc. or placing order. Normally, you would like to find out more information about this customer before parting with requested information, especially if the information is of sensitive nature like price list, discount rate etc. There may be other occasions when you want to find out more information about e-mail sender – for example, to locate the identity of a spammer or someone whose identity is suspicious. How do you go about it?

I belong to a closed network of CEOs who share information with each other regarding international finance and trade deals worldwide and every month we share notes in our own blacklists as well as high level messages carrying “red flags”. Since I achingly encounter fraudsters (and lately some cyberbullies) on a weekly basis, I decided to write about one simple technique we do that I tell our employees worldwide in how we do business within MJS companies.

E-mail is perhaps the easiest thing to acquire in the Internet. Though Internet is anonymous – there are few tools with which you may dig out some information about your customer before entering into a negotiation. For example – if you receive an e-mail from a ‘customer’ with US postal address but discover that the e-mail has been sent from an African country – you´ll  know what to do with the help of these steps.

Analysis of Given Details

Every e-mail has at least three distinct elements:

From: (e.g. abcd@whyme1234.com)

To: (e.g. seller@products.com)

Subject (e.g. Want to buy Your products)

The simplest test is to put the tail of sender’s e-mail address (e.g. www.whyme1234.com for abcd@whyme1234.com) in your browser’s window and check if there is a web-site at this URL. If you find a valid and business like web-site at this URL – your job becomes easier. One can dig out significant details from web-site as also other sources. Please see Faida article – ‘How to evaluate a business web-site’ for details. 

However, if you can not find e-mail sender’s web-site at URL – do not jump to conclusion that the sender is phony. Lot’s of people use business e-mail address without web-site. In such cases, you need to determine if this guy is one of them or is using an anonymous web-based free e-mail, disguised as business e-mail. Your next task is to find out ownership details of the domain name.

Tracing Owner of Domain Name

Internet Corporation For Assigned Names and Numbers (ICANN) is the nodal agency that supervises registration of domain names. Information on ownership of domain names can be located from ICANN approved registrars, who maintain public access database (called whois) on ownership of domain names.

Please visit such a whois (e.g. http://www.internic.net/whois.html) and check ownership of domain name. 

If the sender is using a business e-mail – the domain name should be registered in sender’s or his/her company’s name. 

When e-mail Sender Uses free web-based E-mail service

What happens when the e-mail sender uses a web-based free e-mail service (e.g. hotmail.com,yahoo.comrediffmail.com etc.) ? Well, you can still find information about the sender by analyzing the e-mail header.

Unraveling Hidden information from e-mail header

Every e-mail has a visible set of information on sender (From:), recipient (To:), subject (Subject:), Organization of the sender (Orgn:) etc. However, there’s a great deal more hidden within, that can reveal significant information about the sender. 

A little scrutiny of this hidden information may help you locate sender’s country, genuineness of the e-mail used in ‘From:’ column, whether the sender tried to conceal his/her identity etc. 

A fake sender attempting to confuse identity usually means a fraudster trying to steal your money or a virus attack, a potential hazard in either case, that can cost you a lot in terms of financial loss, computer crash etc. A little time spent on analyzing suspicious looking e-mails is an insurance against such disasters. 

Those using Yahoo, AOL, Hotmail or any such web-based e-mail service may think that their true identity and location are hidden. In reality – one may still find information about them by analyzing their e-mail headers.

What is E-mail Header

The part of an e-mail where such hidden information is stored is called ‘header’. Header of an e-mail stores various information on the path it has traversed while reaching your mailbox – right from sender’s computer. Normally, one doesn’t need this kind of information and mail clients (Eudora, Outlook, Netscape etc. ) do not display it. 

To see e-mail header in Netscape, open any e-mail and click 

View > Page Source 

For Outlook, right-click on the mail message that is still in your Inbox, select ‘Options…’ from the resulting popup menu Examine the ‘Internet Headers’ in the ‘Message Options’ dialog 

At first look – the header may look confusing and puzzling. This is more so for spam e-mails as spammers try their best to make the header misleading. Do not lose heart – I am going to explain how to pick up right information from it.

Examining a Typical Header

Let us examine following e-mail header:

1. Delivery-date: Wed, 03 Nov 2004 23:59:47 -06002. Received: from bani by arjuna.banijya.com with local-bsmtp (Mann 4.43)
3.  id 1CPaev-00057o-Q4
 4.  for abcdxyz@banijya.com; Wed, 03 Nov 2004 23:59:47 -06005. Received: from [203.199.83.28] (helo=rediffmail.com)
6. byarjuna.banijya.com with smtp (Mann 4.43)7. id 1CPaev-00057f-8T
 8.  for info@infobanc.com; Wed, 03 Nov 2004 23:59:45 -0600
9.  Received: (qmail 28471 invoked by uid 510); 4 Nov 2004 05:59:09 -0000
10. Date: 4 Nov 2004 05:59:09 -0000
11. Message-ID: <20041104055909.28468.qmail@webmail18.rediffmail.com>
12. Received: from unknown (61.3.251.11) by rediffmail.com 13.  via HTTP; 04 nov 2004 05:59:08 -0000
14. MIME-Version: 1.015. From: “Raj International ” 16. Reply-To: “Raj International “ 
17. To: “InfoBanc” 
18. Subject: Thanks for activation

Explanation of Header Elements

If you look carefully at e-mail header above, a pattern is clearly visible. The header is composed of several lines of text – each starting with header name (e.g. Delivery-date) , a colon (:), a space and finally header value. If a line starts with a tab or spaces (line nos. 2-4 and 5-8) – that line is a continuation of the previous header value line. So, the header name ‘Received:’ in line 2 has a header value that spans lines 2 to 4. 

Some of the header names are simple and self-explanatory, such as the ‘Delivery-date:’, ‘From:’, ‘Reply-To:, ‘Subject:’ etc. For example, sender’s e-mail address appears after header name ‘From:’ and the recipients e-mail address appears after the ‘To:’ header name. 

Please note – mail servers have no way to check if the sender is using his or her own e-mail address. This lack of verification is a weakness – that spammers and fraudsters use ruthlessly to confuse recipients. So, do not accept sender’s e-mail address at face value. A fraudster or spammer, in all likelihood, will never use his/her actual e-mail address. Instead, he/she may use a legitimate e-mail address (it could even be your own e-mail) as sender. 

We shall not discuss each and every header name – as many of these can be forged or a fake one inserted by spammer. What is most important for our purpose (and most difficult to forge) is the ‘Received:’ headers. Analysis of ‘Received:’ header names can reveal a great deal of information about the sender.

Locating Actual Sender from Header Analysis 

Every e-mail has a header that stores significant information about sender of the e-mail and the path it traversed before reaching your mailbox. In earlier issues – we have discussed how to read e-mail headers and various header elements. In this issue, we shall discuss how to locate actual sender of an e-mail and his/her geographical location. 

Considering anonymous nature of Internet – this a vital piece of information for every e-business. If you receive an e-mail from a ‘customer’ with US postal address but discover that the e-mail has been sent from an African country – you know what to do ! 

Users of web-based free e-mail services like Yahoo, Rediffmail, Hotmail etc. may think that their true identity and location are hidden. In reality – one may still find information about them by analyzing their e-mail headers.

‘Received:’ Headers

Of all header elements we have discussed, ‘Received:’ headers are most important for identifying sender’s country. One reason is that – ‘Received:’ headers are most difficult to tamper with. 

Any header element can be forged and faked ones inserted up to a point, as the headers are just textual data, and only the headers added by servers that you trust can be considered reliable. 

Every time an e-mail moves through a new mail server, a new Received header line (and possibly other header lines) is added to the beginning of the headers list. This means that as you read the Received headers from top to bottom, you are gradually moving closer to the computer/person that sent you the e-mail. 

But please note that as you read through the Received header fields and get closer to the computer/person that sent you the e-mail, you need to consider the possibility that the sender added one or more false Received header lines to the list (at the time, the senders beginning of the list) in an attempt to redirect you to another location and prevent you from finding the true sender. But, now that you know false header lines are possible, just stay alert.

Reading ‘Received:’ Header

Consider following e-mail header and its interpretation:

1. Received: from [216.136.225.35] (helo=web20024.mail.yahoo.com2. by arjuna.banijya.comwith smtp (Mann 4.43)
3. id 1CPhNE-0002Qt-0T4.  for info@infobanc.com; Thu, 04 Nov 2004 07:09:56 -06005. Received: from [69.132.4.255] by web20024.mail.yahoo.com via 6.  HTTP; Thu, 04 Nov 2004 05:09:53 PST

Interpretation

Line 1 – 4 : Mail sever arjuna.banijya.com  receives a mail  for one of its clients (info@infobanc.com) 
 from mail server web20024.mail.yahoo.com
 which has an IP address 216.136.225.35



Line 5 – 6 : Mail server web20024.mail.yahoo.com receives
  a mail from IP 69.132.4.255

By the way – IP stands for Internet Protocol. The Internet uses a technology to interlink millions of computers in its fold – TCP/IP. The core of this technology is called IP addressing or Internet Protocol addressing. Every computer connected to Internet is given a unique number for identification – called IP number. IP number is used to verify location and activities of any computer. Your ISP provider assigns you an IP address each time you connect to the Internet. 

It is evident from header interpretation that actual sender is the one at the bottom of series of ‘Received:’ headers and the recipient is at the top. In other words, mail server web20024.mail.yahoo.com received an e-mail from IP address 69.132.4.255. 

So IP address 69.132.4.255 is the sender of this e-mail. 

Interestingly, this sender used a free web-based e-mail service (yahoo.com) to send this e-mail – still his/her identity can be traced using IP address 69.132.4.255 found in mail header.

Locating Sender’s Country from IP Address

Spammers and fraudsters may forge many header elements like ‘From:’, ‘Received-date:’ etc. – but it is very difficult to change IP addresses inserted by mail servers. At best, they may insert fake ‘Received’: headers to confuse recipient. 


 

Once you locate IP address of actual sender’s mail server or computer, it is possible to locate geographical location or country.

E-mails are anonymous by nature – but contains significant information in its header about the path it traversed before reaching your mailbox. The header is normally not visible. We have discussed how to view and analyze header of any e-mail and locate actual sender with his/her IP address. In this issue – we shall discuss how to locate sender’s country from IP address.

Internet Resources for IP Analysis

There are various free and paid-for Internet resources to help you find information about IP addresses, domain names etc.

1. VisualWare

Perhaps the leader in IP tracking software, Visualware has number of products to track e-mail, IP, domain name owner etc. 

VisualRoute and eMailTrackerPro are two software from Visualroute that can help you significant information on e-mails. 

VisualRoute has a free service to demonstrate how the software works. If your IP tracking requirement is modest – you may use this free service to track any IP address. However, if you wish to use this facility regularly – please consider buying the software. 

To use the free service – please visit Visualware web-site http://www.visualware.com/index.html

Click on ‘Online demos’ button on above page – you will reachhttp://www.visualware.com/demo/index.html 



Click on ‘VisualRoute’ link on above page and you will reach IP Tracking area –http://visualroute.visualware.com/ 



There is a simple one-step registration process that requires your e-mail address only. Enter your e-mail address in registration box – an identification number (called PIN) will be sent to your e-mail. Use this PIN for first time – you will not require it again. 

After registration – copy and paste any IP number and it will immediately show the country of origin of the IP number on world map.

2. DNS Stuff

My favorite – this is a very powerful yet completely free service that does dozens of extremely useful functions. Internet is truly a marvelous place – where else would you find such high quality service completely free of cost ? 

This does not even require registration – please visit http://www.dnsstuff.com/ and perform dozens of IP and DNS related functions. 

To trace geographic location of an IP address – please use Tracert (Traces the route packets)

3. American Registry for Internet Numbers (ARIN)3. American Registry for Internet Numbers (ARIN)

An excellent free source for finding information on IP number. To use this service, please visit http://www.arin.net/whois/index.html . Enter the IP into the search text box and hit “Submit”. If the IP address belongs to an organization in North America or sub-Saharan Africa it will display the details of owner of the IP address. 

For organizations located outside ARIN’s geographical area of responsibility – here are other resources 


RIPE (European Registry):  http://www.ripe.net/ripencc/pub-services/db/whois/whois.html

APNIC (Asia Pacific Registry): http://www.apnic.net/apnic-bin/whois2.pl

LACNIC (Latin America and the Caribbean Registry): http://lacnic.net/cgi-bin/lacnic/whois?lg=EN

To determine in which geographical area a particular country is located, see the List of Countries in Regional Registry Geographical Areashttp://www.arin.net/library/internet_info/countries.html

 4. NetGeo – The Internet Geographic Database

NetGeo is a free service for locating geographical position of an IP address. Though this free service is almost as good as Visualware – much of its functionality is now lost as its database is not updated regularly. 



You may find more information about NetGeo at http://www.caida.org/tools/utilities/netgeo/ 



To use this facility – please visit http://www.dnsstuff.com/ and use NetGeo IP Lookup

Here are just some pointers to help your business and personal life. Our companies, MJS Commodities and MJS Capital  are very active within international trade, we are very diligent in making sure that we deal with real players in the business. Trust, Integrity and relationships are our greatest commodities in our business. I hope this will help you become productive and have a safe experience in this new technologically savvy  generation of fraud, scams and cyberbullying. I look forward to your comments, feedback and suggestion.

Advertisements

Martin Luther King said, ” I have a dream…” Abraham Lincoln failed so many times before he became President. So many people whom we admire went through hell and high water before they achieved their dreams.

I just realized today, that the more I get bugged by my past, the more I get my acceleration. I have been trying to be proactive as much as I can. The previous person I gave my heart and soul to was the very poison I didn´t need. I know in my lifetime I go through a lot of purging. I guess the last baggage that was holding me back was gone and now I am really to fly.

I guess we do go through life in phases. I am in this moment of my life where I have emptied myself and ready to take on what I am destined to do. One step at a time. My mantra now: THINK BIG, DO BIG. But strategies has to be made. So I forced myself to ponder on questions where its answers woke me up and gave me clarity to make my priorities:

1. What do I want for the quality of my life?
2. What do I want for the quality of my relationships?
3. How will becoming fit and maximum health influence my destiny?
4. How will financial prosperity give me the freedom to live an outstanding life?
5. How will increasing spiritual insight balance my life and create harmony?

I just finished courting what could be one of the biggest fish I caught this month. I now have a Chief Creative/Developer..and would be the other CTO I am looking for my management team. The guy has impressive accolades that adds credibility to my company. Funny thing, I know his father, who created Darkwing Duck for Disney on which I am a fan. My new right hand man was responsible for various works and was connected for programming/creation of websites the 49th Grammy, Amazing Race, Survivor Fiji, CBS, Victoria Secret Fashion Show, some credit unions, ticketmaster, match.com, ask.com…yeah…it is endless. I am humbled by his experiences

Then 2 are coming in one with telecom experience and the other solutions architect from Asia´s biggest interactive agency.

By Spring next year, I also have a meeting with Yahoo. Ah, you guys will have to wait on that.

Definitely, now my team is beginning to look like a superstar team worthy of representing multimillion dollar projects. We are entering January with a bang! I am just glad my inner circle is beginning to be complete and strategies are being placed.

After my gf found me (yes, she found me devastated), everything took off. As one of my gifts to her, I had an animation made with her as the star to present our first start up. I looks beautiful so far. So I will share you that when we are officially launching. It´s supercool how everything is slowly coming to place.

Got me a woman who is COMPLETELY honest with me, someone who is definitely and seriously devoted to being true to me, and I am happy to know that I don´t have to worry about the betrayal and cheating part since we are both on the same mature level on that issue. Having her by my side keeps me grounded now. It´s all I ever needed. My personal security, my home. EVERYTHING CAN FADE AWAY…but having solid and grounded relationship will keep everything into perspective. Of course, there´s a long way to go…but I know, I am headed to the right direction…

I am excited what 2008 has in store for me. I know this is going to be a bang…and my dear God, I have emptied my vessel…I am ready for you to pour down Your blessings…and break out of my own life´s borders.