Why incident intake matters
Reader reports often surface campaigns before they reach mainstream coverage. A structured intake workflow gives the editorial pipeline early evidence and better clustering data.
Report incident
Use this page to submit suspicious campaigns, fake login portals, malicious senders or emerging scam patterns that should enter editorial review.
The incident intake form helps HackWatch collect early reader signals so new phishing and fraud clusters can be reviewed faster and escalated into coverage.
Reader reports often surface campaigns before they reach mainstream coverage. A structured intake workflow gives the editorial pipeline early evidence and better clustering data.
The strongest reports include the sender, suspicious URL, affected brand, message text, screenshots, timing details and what the user noticed first.
Yes. Even partial signals like a sender address, URL or brand pattern can help connect separate reports into one incident cluster.
No. The form supports editorial and investigative triage. Users should still contact their bank, provider or employer directly if an active compromise is involved.
Scam checker
Check suspicious SMS, fake delivery updates, payment prompts and urgent verification messages to spot scam pressure before you click, pay or reply.
Open tool pageEmail review
Review suspicious senders, domain clues and phishing language to triage risky email campaigns before anyone opens links, attachments or login pages.
Open tool pageEmail header analyzer
Analyze suspicious email headers for SPF, DKIM, DMARC, Reply-To mismatch, Return-Path mismatch and relay-chain clues before trusting a message.
Open tool pageEmail posture
Check SPF, DKIM, DMARC and MX records to find email spoofing gaps, strengthen domain trust and improve business email security posture.
Open tool pageURL checker
Check suspicious links before you click with hostname, redirects, DNS, TLS, ASN, hosting provider and phishing-pattern analysis in one report.
Open tool pageBrand impersonation
Check suspicious domains, senders and fake support portals for brand impersonation, lookalike patterns, punycode, typosquatting and recent-registration risk.
Open tool pageRecovery center
Follow step-by-step recovery after phishing, hacked accounts, breach exposure, identity theft and scam incidents across Google, Microsoft, Meta and banking scenarios.
Open tool pageBreach checker
Check whether exposed email or reused passwords create real breach risk, then follow a practical 24-hour containment plan and next-step checklist.
Open tool pageIdentity theft planner
Build a step-by-step identity theft response plan after exposed personal data, fraudulent accounts, mailbox compromise, SIM swap or document leaks.
Open tool pageCrypto scam checker
Check suspicious crypto projects, fake exchange messages, guaranteed-return claims and recovery-fee demands before sending funds or identity documents.
Open tool pageRansomware triage
Triage encrypted-file incidents with isolation steps, ransom-note analysis, extension review, backup checks and decryptor guidance before recovery decisions.
Open tool page