Phishing is the #1 cause of compromised accounts. Got a message that smells off? Paste it below and ScamGuard's AI tells you in seconds whether it's a phishing attempt — and what to do next.
Phishing is when a scammer pretends to be a trusted brand or person to trick you into giving up passwords, payment details, OTPs, or clicking a malicious link. It usually arrives by email, SMS, WhatsApp or a fake call.
Email phishing (mass campaigns), spear-phishing (targeted at one person), smishing (SMS), vishing (voice calls), whaling (targeting executives), clone phishing (resending a real email with the link swapped), and angler phishing (fake support accounts on social media).
An email looking like it's from PayPal saying 'Your payment of $499 was processed — click here if this wasn't you.' The link goes to a fake login page that captures your password. The real PayPal would have you check inside the app, not via an email link.
Scammers buy lists of email addresses, send millions of look-alike emails, and only need a small fraction of people to click. The click either opens a credential-stealing site, downloads malware, or both. AI now writes perfect grammar so 'bad spelling' is no longer the giveaway.
Never log in via a link from email or SMS — type the URL yourself. Enable 2-factor auth on every important account. Use a password manager — it won't autofill on fake domains. And check suspicious messages in ScamGuard before clicking.
Email: reportphishing@apwg.org. SMS: forward to 7726 (SPAM). Brand-specific: phishing@paypal.com, abuse@microsoft.com, etc. And submit to ScamGuard so we warn others about the campaign.
1 free check, no signup needed. Then create an account for unlimited investigations.
We use cookies
ScamGuard uses cookies and the Meta Pixel for analytics and to improve scam detection. You can accept or decline non-essential cookies. See our privacy policy.