Illuminate the "reputation" behind an email address

EmailRep uses hundreds of factors like domain age, traffic rankings, presence on social media sites, professional networking sites, personal connections, public records, deliverability, data breaches, dark web credential leaks, phishing emails, threat actor emails, and more to answer these types of questions:

Is this email risky?

Is this a throwaway account?

What kind of online presence does this email have?

Is this a trustworthy sender?

...


Get the API

curl emailrep.io/bill@microsoft.com
{ "email": "bill@microsoft.com", "reputation": "high", "suspicious": false, "references": 79, "details": { "blacklisted": false, "malicious_activity": false, "malicious_activity_recent": false, "credentials_leaked": true, "credentials_leaked_recent": false, "data_breach": true, "first_seen": "07/01/2008", "last_seen": "05/24/2019", "domain_exists": true, "domain_reputation": "high", "new_domain": false, "days_since_domain_creation": 10341, "suspicious_tld": false, "spam": false, "free_provider": false, "disposable": false, "deliverable": true, "accept_all": true, "valid_mx": true, "spoofable": false, "spf_strict": true, "dmarc_enforced": true, "profiles": [ "myspace", "spotify", "twitter", "pinterest", "flickr", "linkedin", "vimeo", "angellist" ] } }

View on Github

Frequently Asked Questions

Defensive use cases
  • Detect targeted phishing attacks.
  • Detect and prevent fraud.
  • Detect throwaway accounts.
  • Require additional layers of verification (MFA) during your signup flow to prevent abuse.
  • Contextualize netflow and other products that analyze email addresses or related data.
Offensive (ethical) use cases
  • Conduct recon on a target email address for credential brute forcing.
  • Construct targeted phishing attacks based off of target's social media profiles.
  • Inform reputation of social engineering campaigns (higher reputation can help avoid the spam folder).
Marketing & Sales use cases
  • Real email address and delivery validation, not reliant on just technical delivery indicators.
  • Protect your sender reputation.
  • Fidelity on catch-all emails and domains.
  • Enrichment on inbound or outbound leads.
This means the email hasn't been seen anywhere trustworthy on the internet. Trustworthy email addresses have a history and record across multiple sources on the web.
No. Spammers and criminals can takeover legitimate accounts or spoof the sender address to trick the end user. A more thorough analysis is required on the email contents and headers to be sure.