Email phishing workflow
Email Phishing Checker
Extract suspicious email links locally and inspect header signals such as From, Reply-To, SPF, DKIM, and DMARC.
What it checks
Hidden href links
Displayed vs actual destinations
Short links
From and Reply-To context
Return-Path
SPF/DKIM/DMARC when present
Message-ID domain
Links found in headers
Limitations
CheckLink provides risk signals and review context, not a guarantee. Verify sensitive links through official channels before acting.
How to use it
1. Paste email text into Email Link Inspector.
2. Scan only the URLs you choose.
3. Paste headers into Email Header Inspector if you have them.
4. Request manual review for invoices, login links, or payment requests.
What results mean
Email text and headers can be complex.
Authentication failures are caution signals, not proof.
Sender mismatches deserve review.
Only selected URLs are sent to the scanner.
Related tools
FAQ
Does CheckLink upload pasted email text?
No. The Email Link Inspector processes pasted text locally and sends only selected URLs to the scanner.
Do failed SPF/DKIM/DMARC results prove phishing?
No. They are caution signals that need context.