Pricing

Simple, transparent pricing

No contracts. Cancel anytime. Start free with no credit card.

Free

$0 /mo
  • Monitor 1 domain
  • 5 visible alerts per domain
  • Daily scans (every 24 hours)
  • Email alerts
  • Basic abuse report tools
  • Access to guides
  • Google sign-in
Get Started Free

Starter

$49 /mo
  • Monitor up to 3 domains
  • Everything in Free, plus:
  • Unlimited alerts
  • Hourly scans
  • Email, Slack, and Webhook alerts
  • CT log monitoring
  • Threat intelligence feeds
  • Full abuse report and phishing tools
  • REST API access
  • Priority support
Get Started

Pro

Most Popular
$99 /mo
  • Monitor up to 10 domains
  • Everything in Starter, plus:
  • Site screenshots (headless Chromium)
  • Daily visual change detection
  • Screenshot history (up to 30 per alert)
  • CDN detection
  • Domain availability and pricing checks
Get Started

Business

$249 /mo
  • Monitor up to 50 domains
  • Everything in Pro, plus:
  • Team access (up to 10 members)
  • Email Security add-on included
  • Audit log export
  • Compliance-ready — supports NIS 2, DORA, HIPAA, PCI DSS 4.0
Get Started
Add-ons

Optional add-ons

Bolt extra capabilities onto any active Starter or Pro plan. Cancel anytime.

Email Security

$15 /mo

Stop attackers from spoofing your email. The Email Security add-on monitors your DMARC, SPF, and DKIM records and ingests aggregate reports so you can see exactly who is sending email claiming to be you.

  • DMARC aggregate report ingestion
  • Compliance scoring (DMARC/SPF/DKIM)
  • Unauthorized sender alerts
  • 365 days of report history
  • DMARC and SPF record builders
  • Covers every domain on your plan
Add-on for Starter and Pro Included with Business
Compliance

Helps you meet email-security clauses in NIS 2, DORA, HIPAA, and PCI DSS 4.0

Modern compliance frameworks have explicit requirements for phishing protection, brand impersonation detection, and email authentication. PhishFence delivers the continuous monitoring and evidence trail auditors look for.

EU

NIS 2 Directive

Article 21 requires essential and important entities to implement cybersecurity risk-management measures including "the use of cryptography and authentication" for electronic communications. PhishFence monitors DMARC/SPF/DKIM posture, detects brand impersonation attempts, and produces audit-ready evidence logs.

EU

DORA (Financial sector)

Digital Operational Resilience Act Chapter II mandates ICT risk management for financial entities, including detection of anomalous activities and third-party impersonation. PhishFence covers the phishing-surface side: lookalike domain detection, email-authentication monitoring, and structured incident logs.

US

HIPAA Security Rule

45 CFR 164.308 requires covered entities to guard against malicious software and protect patient data from unauthorised access — including phishing campaigns targeting clinical staff. PhishFence flags the lookalike domains attackers register before launching those campaigns.

Global

PCI DSS 4.0

Requirement 5.4.1 (effective March 2025) mandates processes and automated mechanisms to detect and protect personnel against phishing attacks. PhishFence delivers the detection layer: continuous lookalike-domain monitoring and DMARC enforcement tracking map directly to the control.

PhishFence is a monitoring tool, not a certification body. Your compliance posture depends on how you operate the tool alongside the rest of your controls. Read our compliance playbooks for specific control mappings.

Compare plans

Feature Free Starter Pro Business
Domains monitored 1 3 10 50
Alerts 5 per domain Unlimited Unlimited Unlimited
Scan frequency Daily Hourly Hourly Hourly
Email alerts
Slack + Webhook alerts
CT log monitoring
Threat intelligence feeds
Email Security (DMARC/SPF/DKIM) +$15/mo add-on +$15/mo add-on Included
REST API access
Priority support
Site screenshots
Visual change detection
CDN detection
Domain availability checks
Team access (up to 10 members)
Audit log export

Frequently Asked Questions

Is the Free plan really free?
Yes. No credit card required and no time limit. You get 1 monitored domain with daily scans and up to 5 visible alerts. Sign in with Google to get started.
What does '5 visible alerts' mean on the Free plan?
PhishFence detects all lookalike domains for your brand, but the Free plan only shows you the top 5 alerts per domain. Upgrade to Starter or Pro to see all detected threats.
Can I change plans later?
Yes. Upgrade or downgrade anytime from your billing page. Changes take effect immediately and are prorated.
What payment methods do you accept?
We accept all major credit cards via Stripe.
Can I cancel anytime?
Absolutely. Cancel from your billing page or the Stripe customer portal. No cancellation fees.
What happens to my data if I cancel?
Your scan history and alerts are retained for 30 days after cancellation. You can export your data at any time.
What is CT log monitoring?
Certificate Transparency log monitoring watches for new SSL certificates issued for domains that look like yours. This catches phishing sites before they even go live, since attackers need a certificate to serve HTTPS.
What threat intelligence feeds are included?
Starter and Pro plans check alerts against URLhaus, Google Safe Browsing, and PhishTank to enrich risk scores with real-world threat data.
What is included in the Email Security add-on?
The Email Security add-on costs $15/month and is available to Starter and Pro subscribers. It includes DMARC aggregate report ingestion, SPF/DKIM monitoring, compliance scoring, unauthorized sender alerts, 365 days of report history, and built-in DMARC and SPF record builders. The add-on covers every domain on your plan. It is included at no extra cost with the Business plan.
Do I need a paid plan to buy the Email Security add-on?
Yes. The Email Security add-on requires an active Starter or Pro subscription. Free users cannot purchase the add-on alone. Business plan subscribers get it included automatically.

Payments processed securely by Stripe.