Helping people with computers... one answer at a time.
Email is easy, ubiquitous, and almost trivial to forge or alter. We'll look at why that is, what it means, and one approach to avoiding it.
Hi, I received e-mails (printed out). I am being told by the person who is said to have originally sent the e-mails that they are fabricated e-mails. In other words, he claims that he sent an e-mail to someone and that person modified the content to make it look like they were his words. Can this easily be done. How can I tell if it's been altered or if it is an original?
•
One of email's "dirty little secrets" is the answer to your question: it's trivially easy to alter email as you describe.
In fact, if I understand the scenario you're describing, it might even be easier than that.
There are technologies to help ensure the integrity of messages, but unfortunately they're not something you can apply after-the-fact.
•
If I understand you correctly, you've been handed a print out - a piece of paper - that contains an email message.
You, I or anyone can make a print out look like whatever we want. Just fire up a word processor, text editor, or even a photo editor, and type in what you want. If you have a message to start with, then copy/paste that in as a place to start, but then sure ... edit the heck out of it. There's nothing to stop you.
And once printed, there's no easy way to prove that it was never a real email.
Even without resorting to additional editing tools, some email programs will actually let you edit the message you've received. You can go in, change whatever words you'd like, and then save it, print it out or whatever. Again, it's not that obvious that the message has been altered, particularly once printed.
Where this kind of alteration is more common, though, is not printing, but when forwarding an email.
When you forward an email, most email programs place the original email into the edit window such that you can add your own comments or additional information before you send the message on. The problem is that there's nothing to prevent you from also editing the message being forwarded. Change a "yes" to a "no", a "love" to a "hate" or just add "dis" in front of "agree" and you can completely change the apparent meaning of the original message.
The net result: don't believe everything you read.
There is a solution, but it's something that must be done to a message before it's been sent, and that is to apply a digital signature.
A digital signature uses cryptography to create a fairly random looking string of data that is included with the message being sent:
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) iD8DBQFErFtgCMEe9B/8oqERAupmAKCLH0gSQUJjXQd/SYfjAWAaP/I6mwCgiAT1 1Rpc2RK7GB29LToJfPrYOwg= =z7A1 -----END PGP SIGNATURE-----
(Specifics may vary, but that's the general idea.)
This isn't random data at all. It actually uses some heavy-duty math to incorporate two important pieces of data:
-
The identity (via public key cryptography) of the sender
-
The entire body of the message
By re-calculating when the message is read, the recipient can then confirm:
-
The sender is who the sender claims to be
-
The message has not been altered in any way
Unfortunately, digital signatures (and email cryptography in general) remain uncommon and have several obstacles to widespread adoption. If you know beforehand that message alteration is an important risk for you to avoid, then it's a useful tool to investigate.
Article C3866 - September 12, 2009
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
Any email can be modified, whether in Outlook 2003, in the sent folder or not. The procedure may change depending on the email program, but it can be done. As Leo mentioned, digital signing is one of the ways to ensure what you send stays what you want it to be! This is often required in legal and government situations.
Posted by: Cedric at September 15, 2009 12:18 PMSending an original email I can be who I like to the untrained eye. All I need to do is change "Name" under the account details and the "Reply To" address and I could be Barack Obama!
Posted by: Steve at September 16, 2009 6:39 AMcan the contents of a web mail be altered ?
if emails can be altered, why are they considered as evidence (e.g., Mark Sanford email to mistress - couldn't he have said it was altered )?
26-Oct-2009
Posted by: tex at October 26, 2009 5:07 AM
Burden of proof remains with the prosecution, always.
Email should never be used as evidence. I'd love someone to try and take me to court over an email. I'd have a field day editing away, and it wouldn't change a thing in the email properties. :-)
Posted by: DavidW at December 24, 2010 7:29 AMCan the date an e-mail was sent be altered? If a person did not send a reply until you bugged them about it, can they create an e-mail with a previous date to make it look like they did respond to you?
28-Jan-2012