Is this email a phish?
Paste the raw email (with headers if you have them, or just the body). We'll extract every URL, scan each one, score the sender for brand impersonation, and flag urgency / credential-harvest patterns.
What we check
Every URL in the email is scanned through Google Safe Browsing, VirusTotal, URLhaus, lookalike detection, RDAP, DNS, TLS history, and Claude AI page analysis.
Detects when the display name says "PayPal" but the address is from a different domain — the #1 BEC tell.
"Verify your account", "suspended", "expires in 24 hours", "final notice" — we flag the standard urgency playbook.
Asks you to click a link AND enter a password? Almost always credential harvesting.
Fake invoice / wire transfer requests with mismatched attachments — the most expensive scam type in the world.
Mismatched From: name and sending domain is one of the strongest signals — we score it heavily.
How to forward an email here
- 1.In your email client, find the option to view raw source or show original. (Gmail: ⋮ → "Show original". Outlook: File → Properties → Internet headers + body.)
- 2.Copy everything — From, Subject, Date, and the message body.
- 3.Paste it into the box above. We only need text — no attachments, no images.
We don't store your email content. URLs we scan are kept in our public feed (domain only — no email body, no headers).