Fake Email Sender Checker
Security ToolsInspect a copied sender line locally to spot brand impersonation, domain mismatches, and display-name spoofing before you trust the message.
- Paste a suspicious link, sender, domain, raw header, or copied message text.
- The tool automatically detects the input type and runs local checks.
- No URL is fetched, opened, or rendered as a clickable result.
Inspect suspicious content
Runs in your browser. Your pasted content is not sent to a server.
Not sure? Just paste it above. We will detect it automatically.
Safe example gallery
How to use the Fake Email Sender Checker
Paste a sender line or display-name email to see whether the visible name matches the actual sender domain. It is useful for spotting impersonation before you reply or click.
What it does
- Compares the display name with the actual sender domain.
- Surfaces brand impersonation and ASCII look-alike patterns.
- Helps distinguish a valid sender from a spoofed one locally.
When to use it
- The sender name looks familiar, but the email address seems odd.
- You want a quick check before trusting a support or payment message.
- A copied sender line includes a brand name and a suspicious domain.
How to use it
- Paste the sender line or email address into the input.
- Add a trusted domain if you know the real sender host.
- Run Analyze locally and review the sender evidence.
- Open the email findings panel to inspect header mismatches if present.
FAQ
- Does this tool fetch suspicious links? No. All analysis runs locally in your browser and the tool does not open or fetch pasted URLs.
- Can I paste raw email headers? Yes. Paste raw headers and the inspector checks From, Reply-To, Return-Path, Authentication-Results, and related spoofing indicators locally.
- Does the inspector send my input to a server? No. Everything stays in your browser. Nothing you paste is sent to a server or third-party API.
- What kinds of spoofing does it look for? It looks for invisible characters, bidi controls, mixed scripts, confusable domains, Punycode hostnames, misleading subdomains, credential-in-URL tricks, and sender mismatches.
- Can it compare a suspicious value against a trusted domain? Yes. You can enter an optional trusted domain so the inspector can compare the pasted content against a known-good brand or host locally.
Related guides
Low risk
0/100
No obvious spoofing indicators were found.
Recommended action
Entities detected
Input kind
Entities
Findings
Network access