Forwarding Phishy Gmail Internet Headers

When you receive an email message that you suspect is malicious or a phishing attempt you could forward the message to and include the message's Internet headers. Including the Internet headers will give us a much better chance in determining where the message really came from and if it is legit. Without including the Internet headers we have much less information to go on. Just forwarding the message itself does not include the necessary Internet headers. You could also use the "G Suite Message Header Analyser Tool" to help you determine if the message is legit.

Here's how to include the Internet Headers in a forwarded message to the NMU HelpDesk.

    1. With the message open, in the upper right of the message click the "3 vertical dots" and select "Show Original". The Internet headers will be displayed in a new tab in the browser.



    2. Click the "Copy to clipboard" button. A yellow  "Copied to clipboard!" notification will show up at the top of the window. Close the "Original Message" tab in the web browser.


    3. In the upper right of the message click the "3 vertical dots" and select "Forward" and "" in the To: field to forward the message to


    4. Put the cursor in the body of the message to be forwarded and use "Ctrl-V" to paste the headers from the clipboard into the body of the message.


5. Click "Send" to forward the message.


Further details of the process, including a link to the "G Suite Message Header Analyser Tool", are available at the Gmail Help "Trace an email with its full headers" page.

Rate this Article: 
Average: 5 (1 vote)
Documentation Category: