See your DMARC, SPF, and DKIM posture without a credit card. Catch lookalike domains and phishing sites before your customers do. Built for SMBs who got priced out of the enterprise tools.
15 free DNS and email security tools at phishfence.io/tools. No signup. No card.
of phishing attacks use
lookalike domains
to set up, not days.
Results start immediately
continuous monitoring
so nothing slips through
Get alerted the moment someone sets up a fake version of your site, not after your customers fall for it.
Finds threats that most tools miss. PhishFence checks every way an attacker could twist your domain name, from subtle typos to convincing lookalikes, covering thousands of variations automatically.
Get alerted the moment someone targets your domain, often before the attack even reaches your customers. PhishFence spots threats while attackers are still setting up, giving you time to act first.
Every domain we find is checked against global threat databases used by browsers and security teams worldwide. If a domain targeting your brand is already known to be malicious, you will know immediately.
Stop wasting time on false alarms. Every threat comes with a clear risk level and the context you need to decide what to do about it.
Every lookalike domain is scored by active signals: DNS resolution, SSL certificates, live web content, and email capability. You see exactly what each domain is doing and which ones need your attention first.
See the registrar, registration date, IP address, SSL certificate issuer, and CDN provider for every threat. Everything you need to build a case and take action, all in one place.
See exactly what your customers would see if they landed on a fake site. Screenshots are captured automatically and tracked over time so you can spot when a dormant domain turns into an active threat.
PhishFence doesn't just find threats. It gives you the tools to shut them down.
Stop spending hours tracking down who to contact. PhishFence finds the right abuse contacts, pre-fills the report for you, and links directly to the forms you need. What used to take days now takes minutes.
Report malicious domains to the services that browsers and email providers rely on to block phishing. One click submits to multiple blocklists at once, and you can track the status of every report.
When a lookalike domain is unregistered, we check availability and show the registration price so you can register it defensively before attackers do.
Lookalike domains are only half the problem. Attackers also send email pretending to come from your real domain. The Email Security add-on monitors your DMARC, SPF, and DKIM records so you can lock that door for good. One add-on for Starter and Pro, included with Business.
Point your DMARC reports to PhishFence and we parse the aggregate data for you. See which servers are sending email claiming to be you, whether they pass authentication, and get alerted the moment an unauthorized sender shows up.
See your DMARC, SPF, and DKIM configuration at a glance with a clear compliance score. PhishFence checks every record, identifies weak policies attackers love to exploit, and tells you exactly what to fix first.
Skip the DNS record guesswork. Answer a few questions and PhishFence generates the exact DMARC and SPF records you need, with safe rollout guidance so you can move to enforcement without breaking legitimate email.
Get notified where your team already works. Connect to your existing tools. Follow clear guides for every step.
Get notified by email, Slack, or webhook the moment a new threat appears, a risk level changes, or a suspicious site updates its content. Never miss a critical alert because it went to the wrong channel.
Pull threat data into your existing security tools and workflows. Automate your response process and keep your team's systems in sync with a simple, well-documented API.
Step-by-step guides for protecting your email, filing abuse reports, getting phishing sites blocked, and registering defensive domains. Written by security practitioners for security practitioners.
Enter any domain you want to protect. PhishFence immediately starts scanning for every possible lookalike variation an attacker could use.
PhishFence monitors around the clock on a recurring schedule. When a new threat appears, you are the first to know, not your customers.
When a threat surfaces, you get a clear risk assessment, visual proof, and one-click tools to report it and get it taken down fast.
No credit card required. No trial that expires. See real threats targeting your brand before you pay anything.
Domain
Alerts
Scans
Notifications
Monitor 1 domain free, forever. Paid plans add hourly scans, more domains, REST API, integrations, and the Email Security add-on. Cancel anytime, no contracts.
Google Cloud Platform
Encrypted in transit and at rest
CSRF protection
Rate-limited authentication
Bcrypt password hashing
Token-authenticated API
Stop phishing attacks before they reach your customers. Start free, upgrade when you are ready.
Start Monitoring Free1 domain, 5 alerts, daily scans. Free forever.