Depending on the kind of e-mail server you have, there MIGHT be a radio button labeled "FULL HEADERS" somewhere near that e-mail message. Yahoo! Mail has one, and when you left-click your cursor on it, you may see a display, similar to this SPAM I received: From Natalie Chapman Mon Dec 7 04:05:14 2009 X-Apparently-To: scorpiomensan@yahoo.com via 206.190.58.201; Mon, 07 Dec 2009 20:09:56 -0800 Return-Path: <> X-YahooFilteredBulk: 80.34.10.104 X-YMailISG: e4SQbSYWLDu6k8Tr48nuWP1.3jZeuxajO.wPHlUjE.aIoYDJf_K9l32JcUhX3pcYuZfs_EHUVbYHx3neRLrE.WPEXKO0WZ0sjGCw.ik2Fx4k1jOX6Br_TzHUuWF_B90IEvArNVUeqOfxiCGFh_fdVtFR0UrYYHeAknk7Vg3WvjgFIWOYik5e7iNf4pH_Nb.i6MzS0DQeguFTb4ImpZ5m2hSY3kToI2sAlwZ1SomG6BP847JgYhr6K3CSq7F_BHn4lmRpgO6PPiHpdrIfxT8VlVw79U7IXi4xaWySQgMgNzvFprbJvwmugrjsEvQux4TEGdVTbJWGlO8- X-Originating-IP: [80.34.10.104] Authentication-Results: mta1046.mail.mud.yahoo.com from=fureai-ch.ne.jp; domainkeys=neutral (no sig) Received: from 127.0.0.1 (HELO 104.Red-80-34-10.staticIP.rima-tde.net) (80.34.10.104) by mta1046.mail.mud.yahoo.com with SMTP; Mon, 07 Dec 2009 20:09:56 -0800 Received: from djtlze ([79.147.216.73]) by 104.Red-80-34-10.staticIP.rima-tde.net (8.13.5/8.13.5) with SMTP id 200912070505028859; Mon, 7 Dec 2009 05:05:51 +0100 Message-ID: <001301ca76f2$7a88cf70$4f93d849@pcgrabaciondjtlze> From: "Natalie Chapman" <anitad76@fureai-ch.ne.jp> Add sender to Contacts To: <scorpiomensan@yahoo.com> Subject: Urgent sale, valid for 2 hours Date: Mon, 7 Dec 2009 05:05:14 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1252"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1437 Content-Length: 48 Note where it says, "X-Originating-IP." That is the senders IP number, which you are seeking. I hope this information is somewhat helpful to you. If the "FULL HEADERS" feature/button doesn't seem to exist on your own e-mail, contact your e-mail provider to inquire if such a function is available, and full instructions on how to enable it to function on your account. +5

Even if you have the IP, fat chance they'll be within the legal jurisdiction of your country. Best thing to do is notify your bank and credit agency of possible fraud.