PhishSight - Phishing Email Investigation

Investigate reported phishing emails in seconds. AI verdicts, threat intel, sender forensics, and safe link preview.

Your email gateway catches most threats. But what about the emails users report as suspicious? PhishSight gives security teams and IT admins a fast, thorough way to investigate reported phishing emails — without leaving Gmail. THE PROBLEM Every "Is this phishing?" report from an employee means context-switching between tools: checking headers in one tab, looking up domains in another, running URLs through VirusTotal, and manually piecing together a verdict. It takes 10-15 minutes per email, and most turn out to be false positives. THE SOLUTION PhishSight analyzes the full email in seconds and delivers a clear verdict with the evidence to back it up: • AI-Powered Verdict — Machine learning classifies the email as Clean, Suspicious, or Malicious with a confidence score and plain-English explanation. • Sender Forensics — SPF, DKIM, and DMARC authentication results at a glance. Domain age, registrar, and reputation checks. Detects spoofing, lookalike domains, and display name deception. • Threat Intelligence — URLs checked against PhishTank, URLhaus, and VirusTotal feeds. Flags URL shorteners, redirect chains, and suspicious link-text mismatches. • Header Analysis — Routing path visualization, authentication chain verification, and timing anomaly detection. See exactly where an email came from. • SecureView Safe Preview — Open suspicious links in a disposable browser sandbox. Inspect landing pages without exposing your machine or network. Session auto-destructs when you're done. • Content Analysis — Urgency language scoring, action keyword detection, attachment risk assessment, and brand impersonation checks. HOW IT WORKS Open any email in Gmail Click "Analyze" in the toolbar (or use the PhishSight popup) Get a verdict with full forensic breakdown in seconds BUILT FOR TEAMS • Team dashboard with shared analysis history • Usage tracking and role-based access • API access for automation and SOAR integration • Dark web credential monitoring (Professional plan) PLANS • Free — 30 analyses/month for individual users • Starter — 100 analyses/month with AI verdicts and VirusTotal enrichment • Professional — 300 analyses/month with team features, API access, and dark web monitoring • Enterprise — Unlimited, with custom integrations PRIVACY & SECURITY • Email content is analyzed server-side and never stored permanently • All tokens encrypted at rest with AES-256-GCM • SOC 2 aligned security practices • No third-party tracking or analytics in the extension PERMISSIONS EXPLAINED • Gmail access (read-only) — to fetch the email being analyzed • Identity — for secure Google sign-in • Storage — to securely store encrypted authentication tokens • Notifications — to confirm sign-in when the popup is closed Questions or feedback? Contact us at support@phishsight.com