Question

To detect malicious emails, what steps would you take to examine the emails’ originating IP addresses?

Answer 1

Following are the steps to check the originating IP addresses of the emails while detecting malicious content:

• Searching IP address in WHOIS database
• Getting the IP address of the sender from the header of received mail
• Opening email to trace its header
• Now searching the geographical address of the sender in the WHOIS database