Loading
Is your email address being targeted by attackers? Check against 110,774+ email addresses captured from real SMTP attacks on our honeypot sensor network.
Enter an email address to check
We operate a global network of honeypot servers that mimic real mail servers. When attackers send phishing emails, spam campaigns, or malicious messages through our SMTP honeypots, we capture the full message envelope — including every recipient address.
This page lets you check whether your email address has appeared as a recipient in any of those captured messages. Unlike breach databases that show where your credentials leaked, this shows whether attackers are actively targeting your address with malicious mail.
If your email appears in our database, it means attackers have used your address as a recipient in messages sent through our honeypot SMTP servers. This is not a data breach — your password and accounts are not compromised. It means your email address is on attacker target lists used for phishing, spam, or social engineering campaigns.
Email addresses end up on these lists through public exposure (websites, forums, social media), previous data breaches at other services, or automated harvesting. For a broader view of attacker behavior, explore targeted usernames, our detection catalog, or browse top attacking IPs.
You can integrate this data into your security tools via our REST API, use the sikker CLI from your terminal, or block known attackers with Fail2Ban. All plans include access — view pricing or get started free.