Home > NewsRelease > Email as a signed contract vs. fraudulent emails
Email as a signed contract vs. fraudulent emails
Steven Burgess -- Computer Forensics Expert Steven Burgess -- Computer Forensics Expert
For Immediate Release:
Dateline: San Luis Obispo, CA
Thursday, April 14, 2022


Email as a signed contract vs. fraudulent emails

We all send and receive email, but did you know that what you say in an email can be interpreted as a legal contract? And that sometimes, emails are fraudulent?

Both are true.

The Statute of Frauds

Although email didn’t exist in 1667, the Statute of Frauds describes the basis for contracts that can now be authorized via email. The Statute, authored by one Lord Nottingham, requires that certain types of contracts be in writing and be signed. Some of these types of contracts currently include those for marriage and prenups, for guaranteeing debt, for selling goods costing more than $500, and for transfers of property – especially land and mortgages.

The United States Government allows and even promotes electronic signatures for tax returns, Security and Exchange Commission filings, student aid applications, and more.

And of course, many business contracts are executed via websites and email. My wife and I recently bought a house and the number of DocuSign documents requiring an electronic signature was truly extraordinary.

There are requirements for “wet ink signatures,” which include, for instance, my business line of credit renewal, and the final contracts for the purchase of our new home.

blankThe United States Citizenship and Immigration Services (USCIS) also requires wet ink for finalizing certain immigration applications.

Way back in 1994, the Statute Act was amended to say, “The tangible written text produced by telex, telefacsimile, computer retrieval or other process by which electronic signals are transmitted by telephone or otherwise shall constitute a writing and any symbol executed or adopted by a party with the present intention to authenticate a writing shall constitute a signing.” Dated language, but it means electrons can be the same as ink.

As early as 2004, a New York court, relying on this 1994 amendment, accepted that an email signature satisfies the requirement of Statute of Frauds for the transfer of interest of real property. (I don’t know if it does for imaginary property!).

The court said, “This Curt holds that the sender’s act of typing his name at the bottom of the e-mail manifested his intention to authenticate this transmission for Statute of Frauds purposes and the copy of the e-mail in question submitted as evidence by the defendant constitutes a sufficient demonstration of same.”

The upshot of this is that, if you put your name and contact information at the bottom of an email that contains a contract of the type summarized above, a court is likely to consider it as valid as if it were signed by hand with a pen.

Fraudulent Emails

We are called on regularly to authenticate emails – to see whether they have been faked by a party.

Even though – and especially because – contracts via email are generally considered valid if they have a digital signature, it is also possible for them to be ruled invalid.

A digital signature, as suggested above, may be as simple as a name and contact information appearing at the end of an email.

Sometimes an email and/or its attachment is manufactured to appear authentic, even though it is a fake.

How is an email and/or its attachment authenticated?

The attachment and the email musty be reviewed separately. The attachment may be one of any number of possible formats, such as an MS-Word document, a PDF, or a digital image. Each of these requires a different approach to authentication.

Any document will have a creation date and a modification date. These need to make sense in the context of the date and time of the email to which they are attached.

Some documents – an MS-Word document, for instance – may contain a large amount of embedded metadata that can show the current author and several previous authors, a location and several previous locations, and previous titles of the document. In some cases where the authenticity of the email or its attachment is in doubt, this metadata must be extracted and examined to see if it makes sense in the context of what is being claimed about the email or document. What is visible on the face may not tell the whole story.

Additionally, the computer on which the document was drafted is likely to contain draft versions of the document that may be recoverable, even though deleted.

Attached images may contain GPS data and data about the make, model and serial number of the camera involved, not to mention a date and time of digitization and/or modification. These again, may be important in telling the tale of an email’s source and subsequent manipulation.

Finally, the email itself contains information about its source in time and space. An expanded header, beyond the Subject, To, From, and Date that we’re used to seeing contains information that can tell us the IP address and name of each of the servers it has traveled through – or “hops” it has taken – along with the dates, times and IP addresses of them.

A Real-Life Case

I was contacted by an attorney about his client, a somewhat eccentric older gentleman who claimed that a contract that appeared to have been signed by him had not, in fact, been signed by him and that the email wasn’t one he had ever sent. At his counsel’s request, he reviewed all of the emails in his inbox and outbox, but the one in question simply wasn’t there.

The attorney told me that he thought the old fellow was probably forgetful or had accidentally failed to preserve this older contested email, and wondered if it was worth the effort of looking into it.

In the meanwhile, the client brought his computer directly into us, knowing that his own counsel was doubting him, and asked me to authenticate this questioned email. Was it real or manufactured?

It turned out to be an easy one, with very little in the way of forensic analysis. The time in the email’s header said a particular date and time, and the words, “Eastern Standard Time.” But the date was during Daylight Savings Time. Mail servers do not make this mistake. So, it was a slam dunk – the email was faked and the gentleman was not out a piece of property and a chunk of cash.


The history of law with regard to contacts and signatures is long. With just a little interpretation, it extends from the world of molecules (paper and pen) to our modern world of electrons (email and attachments). Paper documents require a forensic document examiner, but electronic documents use the services of a digital forensic analyst.

While a few characters consisting of a few bytes at the end of an email may appear innocent, a proper forensic analysis might tell a different story.

Contact Steve Burgess: steve@burgessforensics.com
(866) 345-3345 ; (805) 349-7676

Pickup Short URL to Share
News Media Interview Contact
Name: Steven Burgess
Title: President
Group: Burgess Consulting
Dateline: San Luis Obispo, CA United States
Direct Phone: 866-345-3345
Cell Phone: 805-349-7676
Jump To Steven Burgess -- Computer Forensics Expert Jump To Steven Burgess -- Computer Forensics Expert
Contact Click to Contact