Free public tool

Is this email a phishing attempt?

Paste a suspicious email. Get a plain-language risk check in seconds. Built for anyone who just received something that looks off and wants a second opinion before clicking anything.

No login required Plain-language results Not a forensic verdict

Analyze a suspicious email

Paste the email body. Subject and sender are optional but helpful.

Required
Do not paste passwords, MFA codes, bank details, or personal IDs.
Pasted content is not saved by default.

What we check

  • Urgent or manipulative language
  • Requests for passwords or payment changes
  • Sender or domain mismatch signals
  • Spoofing and social engineering patterns
  • Suspicious links and brand impersonation

When in doubt

  • Verify the sender via a known phone number
  • Ask IT before acting on urgent requests
  • Treat resets, invoice changes, and gift-card requests as high risk

High-risk results should still be reviewed by your IT or security team.

Want protection beyond one email?

The phishing checker is one tool. TractionGRC is the compliance platform behind it. Run your full security program in one place: ISMS operations for ISO 27001 and SOC 2, supplier assurance programs like SSPA and SIG, a TractionScore for maturity, and TractionAI drafting the policies your team has been putting off.

Start free View pricing

TractionAI is analyzing the email

Reviewing sender signals, urgency patterns, spoofing indicators, and suspicious links...

How to copy the email safely

Step-by-step guidance so you do not accidentally trigger the attack.

If an email looks suspicious, do not click links, open attachments, reply, or call any phone number shown. Only copy visible text.

✓ What to copy
  • • The subject line
  • • The sender address shown in the email details
  • • The visible body text of the message
✗ What not to do
  • • Do not click any links just to inspect them
  • • Do not open attachments
  • • Do not reply to "confirm" whether the sender is real
  • • Do not paste passwords, MFA codes, SSNs, bank or card numbers
Safest way to check the real sender
  1. Open the suspicious email, but do not click anything inside.
  2. Go to the From line at the top.
  3. Hover over or click the sender name to open the contact card.
  4. Look for the full email address.
  5. If the real address looks different from what you expected, treat the email as suspicious.
Example
A message may show "Microsoft Support" or your own company name, but the real sender might be support-company@outlook-secure-reset.example. Mismatches like that are major red flags.
Simple steps for Outlook or Gmail
  1. Open the suspicious email without clicking anything inside it.
  2. Look for the sender details near the From line.
  3. If the display name looks normal, hover over it or click it once to reveal the full email address.
  4. Copy only the email address and the body text of the message.
  5. Paste those details into this checker.
How to inspect links safely
  1. Do not click the link.
  2. In many email apps, hover your mouse over the link to preview where it goes.
  3. Look at the website name carefully, especially the ending domain.
  4. If the preview does not match the brand named in the email, treat it as suspicious.
  5. If unsure, do not test it yourself. Send it to IT or your help desk.
Rule of thumb: If the message looks urgent and the real sender address is even slightly different, stop and report it.