Analyze suspicious emails with Tines & urlscan

Forward a suspicious email (or an .eml attachment) to scan@phish.ly, Tines will automatically analyze the URLs with urlscan and send you a report.

Thank you! A sample report will be sent to your email.
Oops! Something went wrong while submitting the form.

How does phish.ly work?

Phish.ly combines the world's leading security automation platform, Tines, and the world's most popular url intelligence tool, urlscan, to automatically analyse suspicious emails for free. You can read how it works behind the scenes here. You can download the story and import it into your own free Tines tenant in minutes!
  • How reliable is the phishing email analyzer?

    The world’s leading security teams use Tines and urlscan to analyze suspicious emails. However, don’t treat this as a silver bullet. Reports should be validated.

  • Can you analyze attachments?

    Right now we prioritize URLs. We’ll hash the attachments and include corresponding links to VirusTotal. If you want to do something more advanced like execute attachments in a sandbox, just download the story and expand on it. We can help you here.

  • Is there a limit to the number of emails I can analyze?

    At this time, there is no limit to the number of emails you can analyze. However, we reserve the right to throttle if the service is being abused.

  • I sent a sensitive email and want it scrubbed, what can I do?

    Tines purges all email data after analysis. URLs submitted to URLscan are private, however, you can request removal through the report option.

A note on security and privacy

  • All email data is purged after analysis.
  • Scans submitted to urlscan are private.
  • When you send us an email to analyze, we add your email address to our mailing list, which is low volume and you can unsubscribe at any time.
By using this service you’re ok with the above.

Observe, automate, control, and assure. Reduce toil with Tines security automation.

Show me how