HackWatch

Tool directory

Free phishing link checker, scam checks and recovery tools

Use these tools when you need a fast answer: is this link safe, is this message a scam, did my account get taken over, did my data leak, and what should I do next.

Open the tool that matches your situation, review the signs of risk, and follow the next-step guidance for phishing, account recovery, breach response, identity theft, crypto scams, ransomware and incident reporting.

HackWatch is designed as a recovery-first layer on top of technical signals. Instead of trying to outbuild every specialist scanner, these pages translate URL, DNS, TLS, ASN, breach and fraud clues into user-facing response steps that readers can act on immediately.

Scam checker

Scam Checker for Suspicious Messages

Check suspicious SMS, fake delivery updates, payment prompts and urgent verification messages to spot scam pressure before you click, pay or reply.

Open dedicated page

Email review

Email Reputation and Sender Review

Review suspicious senders, domain clues and phishing language to triage risky email campaigns before anyone opens links, attachments or login pages.

Open dedicated page

Email header analyzer

Email Header Analyzer for SPF, DKIM, DMARC and Reply-To Mismatch

Analyze suspicious email headers for SPF, DKIM, DMARC, Reply-To mismatch, Return-Path mismatch and relay-chain clues before trusting a message.

Open dedicated page

Email posture

Email Security Posture Checker (SPF, DKIM, DMARC, MX)

Check SPF, DKIM, DMARC and MX records to find email spoofing gaps, strengthen domain trust and improve business email security posture.

Open dedicated page

URL checker

Free Phishing Link Checker and Domain Intelligence Report

Check suspicious links before you click with hostname, redirects, DNS, TLS, ASN, hosting provider and phishing-pattern analysis in one report.

Open dedicated page

Brand impersonation

Brand Impersonation Checker for Lookalike Domains and Fake Support Pages

Check suspicious domains, senders and fake support portals for brand impersonation, lookalike patterns, punycode, typosquatting and recent-registration risk.

Open dedicated page

Recovery center

Phishing Recovery Center and Account Takeover Guides

Follow step-by-step recovery after phishing, hacked accounts, breach exposure, identity theft and scam incidents across Google, Microsoft, Meta and banking scenarios.

Open dedicated page

Breach checker

Breach Exposure Checker for Email and Password Reuse Risk

Check whether exposed email or reused passwords create real breach risk, then follow a practical 24-hour containment plan and next-step checklist.

Open dedicated page

Identity theft planner

Identity Theft Recovery Planner

Build a step-by-step identity theft response plan after exposed personal data, fraudulent accounts, mailbox compromise, SIM swap or document leaks.

Open dedicated page

Crypto scam checker

Crypto Scam Checker for Fake Investments and Recovery Fraud

Check suspicious crypto projects, fake exchange messages, guaranteed-return claims and recovery-fee demands before sending funds or identity documents.

Open dedicated page

Ransomware triage

Ransomware Triage and Decryptor Finder

Triage encrypted-file incidents with isolation steps, ransom-note analysis, extension review, backup checks and decryptor guidance before recovery decisions.

Open dedicated page

Report incident

Incident Report Intake

Submit suspicious phishing pages, malicious senders, brand impersonation attempts and emerging attack patterns so new scam clusters surface faster.

Open dedicated page

Start with the tool that matches your situation

If you are checking a suspicious link, start with the URL checker. If an account may be compromised, open the recovery guides. If personal data may be exposed, use the breach and identity-theft workflows first.

Best for: suspicious SMS, fake delivery messages, payment prompts, fake verification flows and account takeover lures.

Included workflows

  • Email and sender reputation review for suspicious mail campaigns.
  • Email header analysis for SPF, DKIM, DMARC, Reply-To mismatch and relay-chain review.
  • Email posture checks for SPF, DKIM, DMARC and MX to reduce spoofing risk.
  • URL checker for phishing landing pages and fake login portals with VirusTotal reputation, DNS, TLS, ASN and WHOIS context.
  • Brand impersonation checks for lookalike domains, fake support pages and typosquatting risk.
  • Recovery center workflows for phishing, hacked accounts, breach fallout and identity theft.
  • Breach, identity theft, crypto scam and ransomware triage pages for high-intent search queries, with live HIBP breach context when available.
  • Incident report intake to surface emerging scam clusters faster.