Threat console

Email content
Investigate in seconds.

Detect phishing, spoofed senders and credential traps in any email with AI-powered analysis of headers, body and links.

01Input

02Results

What would you like to analyze?

AI-poweredBacked by our threat intelligence datasets for sharper accuracy.

Email · 12 surfaces

Or pick a surface

Web & Links

Messages & Chats

Files & Apps

Identity & Payments

Plain text or pasted email content. For raw files, use Email file.

⌘ + ↵

Zero retention

Submissions are never stored.

Encrypted

TLS-secured in transit.

Live verdicts

20 free analyses / day

Recent samples

Tap a card to load a starter input.

Curated from high-signal surfaces

Step 02 · Results

Awaiting input

Analysis verdict

Run an analysis to surface the live verdict and evidence here.

Ready when you are.

Drop in a URL, message, or file above to populate your analysis verdict here.

Risk score with confidence band
Key signals and evidence summary
Recommended next steps to stay safe

ThreatSnaps analyses are AI-assisted guidance, not legal or financial advice. Always verify through official channels.

About this checker

Email is still the number-one delivery channel for credential theft, payroll fraud and business-email compromise. The ThreatSnaps email analyzer reads the sender, reply-to, subject, body and any embedded links, looks for spoofing markers and impersonation patterns, and tells you whether the message is a phishing attempt.

Red flags to watch for

Display name matches a colleague or vendor, but the sending domain is unfamiliar or recently registered.
Email pushes a wire transfer, gift-card purchase or password change with end-of-day urgency.
Links display a familiar URL but hover-preview to a completely different domain.

What to do if you were targeted

Do not click links or download attachments. Verify the request through a separate channel - call the sender on a known number.
Forward the message to your IT or security team and report it through your mail client's phishing button.
If credentials were entered, reset the password immediately and review recent sign-ins on the affected account.

Frequently asked questions

Do I need to paste full email headers?

Headers help, but they are not required. The body alone is enough for a useful verdict.

Can you detect business-email-compromise (BEC) attempts?

Yes. CEO-fraud, payroll-redirect and vendor-invoice-fraud patterns are common categories the model is trained against.

Is the content I paste shared with anyone?

No. Submissions are used only to produce your verdict and are not sold or shared.

Email contentInvestigate in seconds.