# Trying to prove an email is fraudulent



## lowtechy (Jun 11, 2011)

One of our clients is refusing to pay a bill and claims he notified us on a particular date (in a reply to our update) that he had cancelled the contract. He sent me a copy of the email which, indeed, shows the datestamp he claims to have sent it on. This client is high tech and an Authorised Microsoft Development Partner.

An email we got from him 14 days later (in reply to our same update) makes no mention of any cancellation, in fact, it says he was glad to have heard from us and was wondering how things were going.

The result is that a contract, expensive for us to fulfill ran for six more months and he owes us for that.

We suspect that he forgot to cancel the contract and is trying to get himself out of a mess by faking the email notifying us of his wish to cancel.

We know emails opened in notepad can be amended, but I cannot read the content which is mainly just symbols. 

I need to prove this can be done in order to win the court case if we bring one. If not his fakery is purely circumstantial.

Can anyone show me how to prove he could have done this?


----------



## jiml8 (Jul 3, 2005)

I do not think you can prove it.

What email client was he using? If something host-based, like gmail, then you could subpoena the host company for their logs. You might try this with his ISP if he used something like Outlook on his own computer; they might have and maintain records of emails that go through their servers.

YOUR ISP has a mail server, and it is very possible that THEY retain records or backups, and THEIR server would timestamp the email with an arrival time.

The best you can do is infer that he didn't actually send it, you probably can't PROVE it. 

If you have a policy of always responding to such an email, then you can prove you didn't receive it because you didn't respond to it. This could potentially leave him open to liability - particularly if he is "high tech" because sometimes (not often, but sometimes) emails DO get lost. He should know that, and if you didn't respond, then he should follow up to ensure you got the message.


----------



## lowtechy (Jun 11, 2011)

Thank you for that reply. 

The main point is - could he have taken that later email to me and put it into notepad or the like and changed the date sent to 14 days earlier? It is a simple matter to change the text of the email, of course, but is there any way he could have faked the datestamp which appears on the copy he sent me as an attachment.

We're fairly sure he must have done this somehow, but need to know it is possible otherwise we can't proceed. 

I don't need to know how to do it, but do need to know how it could be done by someone with the right level of ability.

Thanks


----------



## jiml8 (Jul 3, 2005)

Certainly he could do that. Piece of cake.


----------



## Bolweevil (Jun 10, 2011)

Most people don't jump to fraud so readily, especially with something so easily tracked as email. It seems far more likely that they did go through the motions of sending the email and for whatever reason, it never made it to your inbox, either due to a problem on their end, or yours. 

Before considering the option of accusing them of fraud, you should eliminate the other possibilities. Like for example, the email he originally sent could have been caught by your server's spam filter for some reason. Have you logged into your host's webmail and checked their spam folder?

I would also suggest you setup some auto-reply confirmation system for important emails and make sure to mention the confirmation email in some conspicuous place where it will be read by anyone trying to contact you. Also, including a second contact method would be good for people experiencing email issues. Alternatively, you could use a form on your site as a method of contacting you as opposed to an email address, which would be less likely to be caught by any spam filters on your host when properly configured.

As mentioned above, no matter how they contact you, confirmation can protect you from any future liability, placing the responsibility of following up on communications in the hands of the customer if there's any doubt you have received them.


----------



## Cookiegal (Aug 27, 2003)

This is not something we wish to get involved in. You should consult a professional and/or forensic computer specialist for this information and a lawyer if you're looking for legal advice or other authorities as the case may be.

Closing thread.


----------

