Free · Google Safe Browsing + 95+ engines

Free Phishing Checker
Is This Link a Scam?

Paste any suspicious link from an email, SMS, or DM. Scanify detects fake login pages, brand impersonation, and freshly registered scam domains — and shows you a screenshot of the real page, without you ever visiting it.

Check a Link for Phishing — Free

Works on shortened links, email links, and SMS links

95+
Detection engines
7
Phishing signals checked
5s
Average check time
0
Risk to your device
How we catch phishing

Seven Signals. One Clear Answer.

🚫

Google Safe Browsing

Every link is cross-referenced against Google's live blocklist of known phishing and social-engineering sites — the same list Chrome uses to warn users.

🎭

Brand Impersonation

We detect brand names hidden in subdomains — like paypal.secure-verify.xyz — the most common trick in credential-phishing URLs.

📅

Domain Age

Phishing domains live fast and die young. We pull the WHOIS registration date and flag domains created in the last 90 days.

📸

Sandbox Screenshot

We load the page in an isolated browser and show you what it looks like — so a fake Microsoft login page is exposed before you ever see it live.

🔀

Redirect Tracing

Phishing emails hide destinations behind shortened links. We follow the full redirect chain and reveal the final URL.

🔐

SSL Inspection

A padlock doesn't mean safe — scammers get certificates too. We check whether the certificate actually matches the domain and how recently it was issued.

How it works

Check a Suspicious Link in 3 Steps

1

Copy — Don't Click

Right-click the link in the email or message and choose "Copy link address".

2

Paste & Scan

Paste it into Scanify. We check all seven phishing signals simultaneously on our servers.

3

See the Truth

Get a 0–100 risk score, the real destination, the domain's age, and a screenshot of the actual page.

FAQ

Common Questions

How do I check if a link is a phishing link?
Copy the link without clicking it, paste it into the checker above, and run the scan. You'll see whether it's on Google's phishing blocklist, how old the domain is, whether a brand is being impersonated, and a screenshot of the actual page.
What are the signs of a phishing URL?
Brand names in the subdomain of an unrelated domain (paypal.secure-verify.xyz), misspellings (paypa1.com), very new domains, urgency bait ("account locked"), and shortened links. Our guide on what phishing is and how it works covers all of these.
What should I do if I already clicked a phishing link?
If you clicked but entered nothing: run an antivirus scan and you're likely fine. If you entered a password: change it on the real site immediately, enable 2FA, and change it anywhere you reused it. If you entered payment details: contact your bank now.
Is this phishing checker free?
Yes — free with no credit card. Pro ($9.99/mo) adds unlimited scans, PDF reports, scan history, and API access.
Can it check links from text messages (smishing)?
Yes. Forward the text to yourself or copy the link from the message, then paste it into the checker. SMS package-delivery and bank-alert scams are among the most common phishing vectors we see.

What is a Phishing Checker?

A phishing checker (or phishing URL checker) analyzes a link for the telltale signals of a credential-stealing or scam site: presence on phishing blocklists, brand impersonation in the domain, a recently registered domain, SSL anomalies, and deceptive redirects. Scanify's phishing checker combines Google Safe Browsing, 95+ antivirus engines, WHOIS, SSL analysis, and a live sandbox screenshot into a single 0–100 verdict — so you don't have to interpret raw data.

Phishing Checker vs. URL Scanner — What's the Difference?

A general URL scanner looks for all threat types: malware downloads, exploit kits, scams, and phishing. A phishing checker focuses on impersonation — fake login pages and brand spoofing designed to steal credentials. Scanify runs both analyses on every scan, so either tool gives you the complete picture.

The Most Common Phishing Lures Right Now

Package-delivery texts ("your parcel is held"), bank security alerts, payroll/HR document shares, crypto giveaway sites, and seasonal bait like IRS tax-refund scams and Black Friday deal scams. If a message creates urgency and asks you to click — check the link first.

How to Protect Yourself from Phishing

Never enter credentials on a page you reached from an email or SMS link — navigate to the site directly instead. Enable two-factor authentication everywhere. Check any suspicious link with a phishing checker before clicking, and learn how to tell if a website is fake. For files attached to suspicious emails, use the free file malware scanner.

That Link in Your Inbox? Check It First.

Fake login pages exposed in 5 seconds. Free.

Open Phishing Checker →