Code & Development / Fraud Detector
Email Fraud Detector & URL Phishing Checker
Analyze suspicious emails or doubtful links: DNS verification (MX, SPF, DMARC), address reputation, typosquatting, phishing and social engineering.
This tool helps you assess a suspicious email or URL. It combines technical signals (DNS, reputation) and heuristic content analysis — but it is not infallible: no automated analyzer can guarantee 100% that a message is legitimate or fraudulent.
Flownect provides it for guidance only, without commitment of result or liability for your decisions (clicking, replying, transmitting data). Trust your instincts too: if an email makes you uncomfortable, creates excessive urgency or raises strong doubts, the safest course is to touch nothing — don't click, don't reply — and contact the organization via its official channels.
Fraud Analysis
Content (subject, body, URL) is analyzed locally. DNS checks use Google DoH; email reputation uses EmailRep.io (only the address is transmitted). No data stored by Flownect.
How does this tool work?
Real-time DNS
Checks MX, SPF and DMARC via DNS-over-HTTPS (Google) — no API key required.
Email reputation
EmailRep.io flags disposable addresses, spammers or known blacklists.
Heuristic analysis
Urgency, bait, sensitive data, typosquatting on 35+ brands.
Extras
For redirect chains, use the Flownect redirect tracker.
This score is indicative and the tool is not infallible. When in doubt, don't click on a link and contact the organization via its official channels.
Frequently Asked Questions
Short answers — for detailed explanations (warning signs, typosquatting, SPF/DMARC, checklist), see the complete guide on the blog.
Is the score 100% reliable?
No. The score aggregates multiple signals to guide you. A high score signals serious risks, but a low score does not guarantee legitimacy. Always combine automated analysis with your judgment.
How do I check the real sender address?
The displayed name ("From: PayPal") can be forged. Double-click or click on the sender in your email
client to display the address with @, then compare the domain to the official one. See
details in the guide.
Is an HTTPS link necessarily safe?
No. HTTPS encrypts the connection, not the site's legitimacy. A phishing site can have a valid certificate. Always check the domain name, not just the padlock.
What is typosquatting?
It's the imitation of a brand in a domain name (paypa1-secure.com instead of
paypal.com). The tool compares the domain to a list of known brands. Learn more:
typosquatting section in the guide.
What should I do if I clicked a phishing link?
Don't enter any information, close the tab, change passwords from the official site, and report the email to Signal Spam or the URL to Phishing Initiative. Detailed steps in the guide.