Paste a suspicious email and get a breakdown of the warning signs it contains.

Heuristic phishing and scam indicator analysis. Scores pasted email text for urgency language, impersonation patterns, credential-harvesting phrases, suspicious URLs, and sender mismatch signals. Includes detection of payment-platform callback scams (authenticated sender, fraudulent content).

Rule-based scoring engine: urgency vocabulary, financial pressure, generic greeting, URL obfuscation, DMARC-inconsistent senders. Also detects: phone numbers in subject/seller fields from payment platforms (PayPal, Stripe, Square, Venmo, Zelle policy violation), Return-Path SRS relay via third-party domains, bulk-recipient To: patterns (new_batch, list, bulk), callback-scam composite (reassurance language + phone + dollar amount), greeting addressed to raw email address. New verdict tier: Authentic Sender, Suspicious Content fires when auth passes but content signals fire. No external API calls; fully client-side.