Paste any suspicious email text or headers to instantly detect phishing, spoofing, and scams — powered by AI + security analysis.
Analyse an Email Now — Free3.4 billion sent daily
Phishing is the #1 attack vector for data breaches. Over 3.4 billion malicious emails are sent every single day. Your spam filter catches most — but not all.
They look legitimate
Modern phishing emails perfectly mimic Apple, PayPal, your bank, and even your colleagues. Logos, colours, and writing style are copied exactly. Only technical analysis reveals the truth.
One click can be catastrophic
A single phishing click can result in stolen banking credentials, ransomware installation, or a business email compromise that costs thousands. Verify before you click.
Recognise these before you even need a tool — then verify with our checker.
Urgency and fear tactics
"Your account will be suspended", "Act within 24 hours", "Unusual sign-in detected". Legitimate companies don't threaten you.
Mismatched sender address
Display name says "Amazon" but the actual email address is orders@amazon-support-123.com. Always check the full address.
Generic greetings
"Dear Customer" or "Dear User" instead of your real name. Your bank knows your name.
Suspicious links
Hover over any link. If the destination doesn't match what the link text says, it's a red flag. Always check with our URL Checker.
Requests for personal info
Real companies never ask for passwords, PINs, or full credit card numbers via email.
Poor spelling and grammar
Many phishing emails originate from non-English speaking countries. Unusual phrasing is a common tell.
Option 1: Paste Email Text
Copy the body of the suspicious email and paste it into our Text Scanner. Our AI analyses it for phishing language, urgency tactics, social engineering patterns, and embedded suspicious links.
Open Text ScannerOption 2: Analyse Email Headers
For deeper analysis, paste the raw email headers into our Email Header Analyser. This reveals SPF/DKIM/DMARC authentication results and the true sending server — exposing spoofed "From" addresses.
Open Header Analyser| Email Client | Steps to Get Raw Headers |
|---|---|
| Gmail | Open email → three-dot menu (⋮) → "Show original" → Copy all text |
| Outlook | Open email → File → Properties → Internet headers section → Copy all |
| Apple Mail | Open email → View menu → Message → Raw Source → Copy all |
| Yahoo Mail | Open email → three-dot menu → "View raw message" → Copy all |
Paste the suspicious email text into SafeSearchScan's Phishing Email Checker. Our tool analyses the language, urgency signals, sender patterns, and any embedded links to detect phishing techniques. For advanced analysis, you can also paste the raw email headers to check for spoofing and authentication failures (SPF, DKIM, DMARC).
Phishing emails typically: (1) impersonate a trusted brand like your bank, PayPal, or Amazon; (2) create a sense of urgency ("your account will be suspended in 24 hours"); (3) contain links to fake login pages; (4) have mismatched sender addresses (the display name says "PayPal" but the actual address is paypal@random-domain.com); (5) request sensitive information directly in the email.
Email headers are hidden metadata that record where an email has been and who sent it. In Gmail: open the email → click the three-dot menu → "Show original". In Outlook: open the email → File → Properties → "Internet headers". In Apple Mail: View → Message → Raw Source. Paste the entire header block into our Email Header Analyser tab.
Email spoofing is when an attacker forges the "From" address to make an email look like it came from a trusted sender. For example, a phishing email might display "security@paypal.com" in the From field but was actually sent from a completely different server. Email header analysis reveals the true origin by checking SPF, DKIM, and DMARC authentication records.
If you've identified a phishing email: (1) Do not click any links or download attachments; (2) Report it to your email provider (in Gmail, click "Report phishing"); (3) If it impersonates a company, forward it to that company's abuse or phishing report address (e.g., phishing@paypal.com); (4) If you already clicked a link, change your passwords immediately and run a virus scan; (5) If financial details were entered, contact your bank immediately.
AI-powered phishing detection · Header analysis · Free to start
Check Email — FreeRelated security tools