current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Information Security Stack Exchange is a question and answer site for information security professionals. Join them; it only takes a minute:

Sign up
Here's how it works:
  1. Anybody can ask a question
  2. Anybody can answer
  3. The best answers are voted up and rise to the top
up vote 48 down vote favorite
5

Just got a letter from court saying I made 49 threats to someone I had a problem with three years ago. This person presents "my emails" as evidence. I went through al my emails and I haven't found a single one. The mail presented as evidence all come from my email address. He asks for 20 000 dollars for moral damage! How can this hapen?

share|improve this question
84  
It's easy to send email which appears to come from any address. Sounds like a scam, to be honest... Contact the court, via details found through independent methods (Web search, for example). – Matthew yesterday
41  
Just because an email says "from [email protected]", that does not mean it came from your account. Just like a paper letter, any return address can be used – schroeder yesterday
5  
laugh and throw the letter in the trash... someone is trying to extort you. – Matthew Whited yesterday
33  
Scam. Get a lawyer to review this "letter" if you feel worried. – SnakeDoc yesterday
9  
@LeahG If your email service supports it enable two factor authentication and change your password. Never hurts to play it safe. – Seth yesterday
up vote 116 down vote

Is it a scam?

First of all, make sure that you actually got the letter from a court. This might very well be a scam - it sure sounds like one. Do this to verify that the letter is real:

  1. Make sure that the name of the court correspond to a real court.
  2. Find contact information to that court through some independent method (i.e. not using any information in the letter).
  3. Contact them and ask them if they did in fact send the letter.

If it is not a scam

If it is not a scam, I see three possibilities:

  • The person accusing you of the threats never recieved the emails, and have forged the evidence. That would not be hard to do. (An investigation of the email headers will not help here, since they can also be forged.)
  • Someone has spoofed your email adress, and has sent emails that appear to come from you. This is by no means impossible. (An investigation of the email headers could be useful here.)
  • Someone has hacked your email account (perhaps you used the same password on a site that was breached), sent the emails, and then deleted all traces (e.g. removed them from the sent items folder). (An investigation of the email headers would not help here, since the email is in fact sent from your adress. Access logs from your email provider could prove useful, though.)

In any case, what you need to do is get some legal advice.

share|improve this answer
4  
An investigation of the e-mail headers could help in #3 (the case of hacking), because many e-mail servers are set up to include the originating IP address somewhere in the headers. If that can be taken as legitimate, your ISP should be able to confirm or deny whether the IP address was assigned to your account at the time in question. Of course, there's always case #4: someone hacked your computer and used it to send the e-mails... – Michael Kjörling yesterday
1  
@LeahG Most email software by default omits most of the headers from printouts including all the headers which could be used as hard evidence. The DKIM-Signature header is the most likely one to provide any real evidence, but you need some of the other headers as well in order to verify the signature. Ask your lawyer what it means to the case if that person is in possession of evidence but is withholding it. – kasperd yesterday
5  
@T.E.D. Email headers sometimes have a signature, that's unique to the sender and the content. Even though it's plain text, it's pretty darn close to not-forgable. Sure anyone can edit it, but then it's trivial to show it's been tampered with, because it no longer matches the message + supposed sender's info. (However, someone can simply delete these signatures, in which case you're correct) – Mooing Duck yesterday
2  
@LeahG Email headers can be quite complicated. A good answer for how to do that does not fit into this question, and I don't think I am qualified to answer it anyway. – Anders yesterday
2  
@MooingDuck DKIM signatures are based on RSA and SHA256 (ie. strong cryptography). The public key is kept in a dns record for the domain. It is pretty good evidence that the email was sent by whoever controls the domain, particularly if the email server is hosted by a large provider like gmail. – Bailey S 22 hours ago
up vote 87 down vote

(Assuming US) No court is going to pre-emptively demand a settlement of $20K for a misdemeanor(!!!) before you've even had a chance to testify. Furthermore, threats are a criminal matter; this isn't a property dispute-- the police would have questioned you long ago, before this ever went to court.

If this letter truly claims to have been issued by a court (and you're not misreading it), it's bogus. Call the magistrate's office for the issuing municipality and verify.

If it came from a lawyer's office, it's a shakedown. Don't sweat it. Consult your own-- they may well tell you to just ignore it. The victim/scammer can demand whatever they want; it doesn't mean you're obligated to pay.

Either way, someone's targeting you (possibly the "victim") and one of your first steps needs to be filing a police report to document the fact that someone is either making false accusations or committing criminal behavior in your name. It's easy, free, and sets a precedent that you can later point back to if this escalates or happens again.

Whether or not this is bogus, under no circumstance should you talk to the (alleged) victim.

share|improve this answer
9  
(...) talk to the alleged victim / possible scammer. That is why sometimes it is a good policy to cut phone calls short too. You can never be 100% sure the person on the other side is really what they state to be. – Mindwin yesterday
    
Technical issues aside this is probably the best answer here. A settlement in and out of court is a long lengthy process no matter where in the world(errr.... bar some radical exceptions). – Namphibian yesterday
    
@Johnny The document I got from the Court has the accusations/pleas including the list os mails I "sent him" threatening him to the point he cannot leave home out of fear" (ahah! he goes to gym everyday and take anabolisants that make him a huuuge guy) and asks for 20K for the psichological damage I made.... – Leah G yesterday
3  
@Leah G That sounds like a demand letter then, not any kind of court document. Demand letters can be safely ignored at your discretion, but you really need to see an attorney to validate its legitimacy and tell you how best to protect yourself. Consultations are often free. Whoever's behind this is trying to extort you-- if they had a case, it would have been brought against you in a much more above-board manner. They could also be trying to bait you into doing something that would constitute harassment-- so no further contact! – Johnny 20 hours ago
2  
@LeahG if it's a real court letter and has been independently verified by the court, do not waste any more time on StackExchange and immediately seek the services of a legal professional who understands electronic evidence and can disprove that those letters actually came from you. – Doktor J 7 hours ago
up vote 4 down vote

It is actually very easy to send an email and to enter the email you would like it to show as sent from.

Here is one that i found on a quick google search

I do believe it is a scam like all the others said. But it is very possible for someone to send emails that appear to come from you.

share|improve this answer
    
where do you see the possibility to change the "From" field in this site? – Jakuje 22 hours ago
    
Please accept my appoligies – werner van deventer 21 hours ago
    
The from and the reply to is the same in my oppinion but after testing the website in my answer i came to light that it was no longer working – werner van deventer 21 hours ago
    
sendanonymousemail.net/send.php i used this website to send an email to myself i will keep you updated on the status – werner van deventer 21 hours ago
    
anonymousemail.me/mobile this website works. The point that i whanted to make was that you can send an email from an external website that shows from other emai – werner van deventer 18 hours ago
up vote 2 down vote

Due to the nature of electronic mails, anyone can send a mail with any name from NASA to FBI to your neighbour. You need to raise the court's attention to this.

Get the court release the full emails, including its headers. The headers will tell that the emails did not go through your mail server (or the mail server you use). If you are using an email giant like google, yahoo, etc, like 99% of other people use, it's pretty easy to prove your right, because the absence of DKIM is a clear sign of spoofing. If not, you might have to prove that you did not have access to the server the mail is originated from.

P.S.: Modern email providers automatically use DKIM and SPF for validating authority, and some of them (gmail for example) constantly mark emails as spam whose senders don't use these. I think it's by now a widely accepted standard, and exchanging mails without these techniques is just like regular mail where you claim to be yourself just by writing your name on the envelope.

share|improve this answer
2  
While you're right, it's still trivial to fake an email including all its headers, DKIM/SPF notwithstanding. – Lightness Races in Orbit yesterday
2  
@LightnessRacesinOrbit - Yup. If it was (allegedly) sitting on the guy's computer, he could have easily done anything with it, including write the whole thing himself. – T.E.D. yesterday
2  
Heck, you can fake a whole lot more than e-mail headers. – Michael Kjörling yesterday
1  
...including its headers. And "the court" should actually access the server and e-mails. And the server should be verified. Printed or text-file copies can have anything in them with no logical relationship to whatever might have been "sent". – user2338816 22 hours ago
    
@LightnessRacesinOrbit SPF would be pretty worthless because they could write whatever origin IP is approved by SPF in the header. DKIM is pretty secure though... – Bailey S 22 hours ago

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.