Avatar for Username

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

How to copy the full headers of a phishing email so I can paste it in the report

Nuts4Mutts
Nuts4Mutts

Hi! I received a phishing email & the entity that requires me to include all the info about this doesn't accept forwarded emails. I'm supposed to copy the full headers then paste them in the online form I'm filling out, but I can't figure out how to copy the headers! I tried highlighting them, but TBird won't let me do it, nor does "right-clicking>select all" work in this instance either. Please tell me how to accomplish this task so I can submit the complaint report. Thanks for taking the time to read & respond to my question!  :) Best Regards, Nuts4Mutts

Hi! I received a phishing email & the entity that requires me to include all the info about this doesn't accept forwarded emails. I'm supposed to copy the full headers then paste them in the online form I'm filling out, but I can't figure out how to copy the headers! I tried highlighting them, but TBird won't let me do it, nor does "right-clicking>select all" work in this instance either. Please tell me how to accomplish this task so I can submit the complaint report. Thanks for taking the time to read & respond to my question! :) Best Regards, Nuts4Mutts

Chosen solution

Hi Zenos! Thanks for the solution. I agree that copy & paste is not the best way, but considering that attachments can be problematic, even avoided by many because they can transmit malicious code, I think the organization must desire a safer, albeit stupid, way to get the headers & body of the phishing email. While most companies have a special email address to forward these scam/phishing emails to, this one does not. I thought the "Control + U" was to Underline text, so how did you learn that it'd help with Thunderbird? Thanks for teaching me something new! Gratefully, Nuts4Mutts  :)

Read this answer in context 👍 0

All Replies (5)

Zenos
Zenos

That's stupid. Forwarding as an attachment is the best way to get the data to them verbatim. But they want you to use a web form.

However, use ctrl+u to see all the message source, including its headers. Use your judgement to decide how much of it you need to copy and paste into your report. If you start from the top and stop just before the message text itself, you will be guaranteed to have included at least the bit they want, and rather a lot more with it.

Copy and paste tends to lead to long lines being folded to fit, and that's precisely what some spam reporting and analysis systems need to avoid. But if that's what they want...

Modified by Zenos

Nuts4Mutts
Nuts4Mutts Question owner

Chosen Solution

Hi Zenos! Thanks for the solution. I agree that copy & paste is not the best way, but considering that attachments can be problematic, even avoided by many because they can transmit malicious code, I think the organization must desire a safer, albeit stupid, way to get the headers & body of the phishing email. While most companies have a special email address to forward these scam/phishing emails to, this one does not. I thought the "Control + U" was to Underline text, so how did you learn that it'd help with Thunderbird? Thanks for teaching me something new! Gratefully, Nuts4Mutts  :)

haveforkwilltravel
haveforkwilltravel

OK, so what was the solution to displaying full headers? That wasn't in any of the posts that I read.

Zenos
Zenos

Select the message then ctrl+u. (That is, hold down the ctrl key and tap the u key.)

Did you not see that, or do you not understand what it means?

haveforkwilltravel
haveforkwilltravel

No, I didn't see it. Thanks.