Beat the FBI: How to Send Anonymous Email Without Getting Caught

  • MORE

key opening email envelopeAhhh, the anonymizing effects of the Internet. From where you sit, I’m little more than a byline and a couple of hundred black words on a white field. It's a fact, or fiction, that gives many Internetusers solace.

But as some people have recently learned in very real and damaging ways, online anonymity is not a guarantee.

Just ask Violentacrez, the Reddit moderator who posted and hosted risqué pictures of women taken without their consent, and whose name was exposed as Michael Brutsch. 

Ask CIA Director Gen. David Petraeus and his biographer Paula Broadwell, who used the tried-and-failed technique of leaving communiqués in the draft folders of email accounts.

Ask the members of the hacktivist movement Anonymous, whose leaders have been outed, arrested and convicted due to their supposedly untraceable online activities.

If anything, the Internet has made the world a less anonymous place. There are more details about more people available from more places than there have ever been. And we all throw it up there willingly.

But that doesn't mean anonymity is impossible. In fact, sometimes it's necessary.

There are lots of reasons someone may wish to send emails anonymously — to disclose sensitive information, report illegal activity, blow the whistle, carry out an extramarital affair or simply annoy others.

Some of these reasons, no doubt, are better than others, but we're trying not to judge.

Is it possible to communicate with others online with absolute certainty that messages won't ever be traced back to you?

The short answer is "no." But the long answer is "sort of," and is much more interesting. It may the reason you found this page to begin with.

"Security is a function of the resources your adversary is willing to commit," said Julian Sanchez, an attorney with the Cato Institute in Washington, D.C.

"If you've been flagged as a high-priority target by the NSA [National Security Agency] and are under active observation," Sanchez said, "then no, you can probably never have 'total confidence' that your communications won't be traced."

But for the rest of us, it’s definitely a possibility. With the right tools, some vigilance and a little bit of Web savvy, you, too, can best General Petraeus, Hamas, al-Qaida and the Taliban with communiqués so virtually untraceable that they would make James Bond blush.

Biting into the onion

Anytime you want to do something anonymously on the Web, begin by anonymizing your IP address. Begin by trying Tor.

Tor, short for "The Onion Router," is a free system of software and servers around the world that enables anonymous Internet traffic via a decentralized, encrypted peer-to-peer relay process, in which each user is also a relay point.

"Each Tor packet is actually wrapped in layers of encryption, like an onion," Sanchez explained. "So each node in the relay knows where the packet has just come from and where it's going next, but not the ultimate origin or destination."

That makes traffic over the Tor network not only difficult to trace, but also eliminates any third-party culpability.

"The brilliant thing about Tor is that there isn't really anyone to subpoena," Sanchez said. "There isn't any central hub you could go to with a court order and demand they turn over information."

That's the case with your Internet service provider as well. Since Internet traffic hits the Tor proxy client before it goes anywhere else, an ISP would see nothing but the entry-point Internet Protocol address, or the outermost layer of the onion.

Everything you do beyond that is your business and yours alone.

Tor can be accessed through a special Tor browser that's based on Firefox.

This email address will self-destruct in…

Well, almost. Now that your Internet traffic has been anonymized, the hard part is over.

Whatever you do, though, don't log into your primary Gmail or work account. It likely has your name all over it.

That renders Tor useless and, depending on the nature of your messages, will lead to your embarrassment, termination, arrest or worse.

Instead, create a "burner" email account to use over Tor. Depending on what you’re doing and how long you plan on doing it for, several services may fit your needs.

AnonEmail is a great service that further obfuscates a message's source by relaying the message several times before it reaches its destination. Some users have reported that the service does not appear to log IP addresses.

AnonEmail will work without Tor, as will many other “anonymizing” email services, but when anonymity is the most important factor, it's best to leave nothing to chance.

AnonEmail's drawback is its lack of support for attachments. So if you’re leaking a PDF or sending sexy images, this service isn't for you.

Luckily, there's Amnesty Box, a very similar service that anonymizes messages by placing them on its secure server and then sending them from a no-reply email address.

If, on the other hand, you need to anonymously send an email, 10 Minute Mail is the most secure. From the moment users point their browser at the page, they have 10 minutes to use their disposable account.

Whether you want to troll, harass, report or disclose, you’d better do it quickly. Once the clock runs out, the entire account implodes, taking correspondence histories into the void with it, along with anything else you would never want anyone to know.

Best of all, visitors to the page are greeted with a preset, random seven-digit string of numbers and letters, such as, taking the creative work out of the equation. It's an email address meant to be forgotten.

Not out of the woods yet

Even after you've done all this, your anonymity still isn’t a certainty.

"If, for example, [Paula] Broadwell had repeatedly used a Tor connection to access her anonymous account, and then logged into her primary Gmail account or Facebook [in her normal browser, outside of Tor] within the same few minutes," Sanchez said, "there's a fair chance she still could have been traced, or at least been placed on a short list of suspects."

"Tor's not enough," Sanchez added.  "You have to be smart about other aspects of your use of it."

At the end of the day, common sense always wins. Are you one of only a few people who have the information you’re leaking? Chances are no matter how many proxies or how much encryption you use, you’ll be found out.

This guide and the tools outlined in it are just that: tools. How you use them is up to you, and as with other tools, different skills and experience levels will yield different results.

Add a comment
  • Sherrie Raymond Says:

    I have neighbor's that live in my neighborhood that are here in my neighborhood that are doing thing's that are illegal & I need to find out how I can go & turn them in to INS anonymously without them even knowing or My Mom going & knowing what I had did to go & turn someone of our Neighbor's in to INS is there any way or a place that I can go & email anonymously that is out there somewhere if so can some one go & let me know about this place. HELP

  • Caramella Says:

    "Just ask Violentacrez, the Reddit moderator who posted and hosted risqué pictures of women taken without their consent, and whose name was exposed as Michael Brutsch." It is actually good, that he's got uncovered for damaging somebody's privacy.

  • Hemat kumar arya Says:

    Awesome post Sir, this post is really helpfull for those who wanna learn about anonymous emails. There are some latest tools available free of cost which will help you to send unlimited anonymous emails free of cost. These tools are fully safe and will make you fell happy.
    Thank you... :-)

  • Kostja Says:

    If Tor's not enough, there are anonymous remailers, which provide latency instead of realtime communication, which allows them to mix messages multiple times on their way to the recipient ( With the OmniMix frontend you can use it immediately to send anonymous mail messages without the need to create any mail account. Or, in case you need a reply channel, set up an anonymous nym account with it, proven to be very secure as well.

  • Car K. Says:

    I can NOT believe that you included 10-minute Mail for disposable mails but not the original Mailinator, which has served me so well!!

  • KAREN Says:

    i THINK THIS IS A STUPID THING TO DO!!! Jodies Arias did it and got caught!!! Why would anyone do this is beyond my intelligence.

  • JasonD Says:

    You forgot to mention that the reason encryption is no good, is NOT because they can decrypt it. (Though most standard encryptions they can.) The reason encryption is not of any real use, is because if you do not surrender the decryption to them, it makes you a "Threat to national security", and is considered an "Act of treason against your country".

    Eg, Failure to comply will land you life in prison, or worse, leading them to assume guilt by denial. Those committing treason are usually not offered a "Quick and speedy fair trial".

    However, there are infinite ways to be anonymous. Just not from YOUR computer, in YOUR house, on YOUR internet. But I will not get into details, only to say that the most effective form of anonymity comes from some of the most simple low-tech alternative, which you would not even imagine. On-grid, from your computer, in your house, on your internet, yet as simply low-tech as this innocent posting to your article.

    Though, I assure you, there is nothing of importance here, as I am surely the one who typed this message. As it is always the USER who loads pop-ups and pop-unders and knows what will display under every clicked link to text and images. Just as it is always the USER, who programmed every aspect of the 3000+ program files installed on the computer they use. Just as it is always the USER who hand-picks each downloaded program and external file activated on the computer.

    Tell me... How many files are running on your computer now? How many of them did you start? How many of them to you communicate and control directly? How many other programs are those programs capable of controlling without your knowledge or input or control? How many open-ports do you have, listening for external commands from the internet?

    If you got a seemingly innocent "failed attempt" would you think anything of it... Or could that have been a trigger, or a fraction of a note, or a fraction of a scattered series of commands that only the originator and the source could piece together into a form of "communication", without your knowledge of it occurring. Yet, they will easily let you take the blame, with no defence, and the obvious collection of evidence sitting under your nose, without your knowing it, for the government to find.

    Anonymous has not been "Found"... Just some kids, who participated in an "anonymous event", who took the fall for the rest of those who could not be found.

    Anonymous is NOT one group... it is many groups... it is any group... it is all groups... it is you, it is me, it is the government, it is the citizens, it is anyone and everyone.

    Me, yea I do anonymous stuff all the time. Everyone does. But my anonymity is not displayed. If you read something I have written, and you know who I am, that is because I wanted you to know who I am, without inviting every spammer and robot into my life... Just humans who know.

    Next time you speak about "Anonymous", you might want to say, "A group of hacktavists, acting Anonymously.", or "A hactavist group, acting under the name Anonymous."

    Otherwise they will start referring to American terrorists as just "Americans"... Since everyone keeps referring to them as "Anonymous, the group". Nothing is done as a "group", just as "Americans" didn't act as a group when some individual "American terrorist" decided to act on his beliefs.

    Hope you don't talk about Jews in that sense, when talking about Jerusalem's man-slaughter attacks. Life is not about the bottom-dollar. Good to know where our dollars are being spent though. Spare no expense to protect the assets of those with assets, no matter who gets hurt in the process... well, except those who have the assets.

Back to top