Early access — now open

This email looks safe.
It's not.

Catches the phishing your spam filter misses — in 3 seconds, before you click. Works in Gmail and Outlook today, with more inboxes on the way.

No credit card · 10 free scans a day · Sign in with Google or Microsoft

1.4M+ threat indicators tracked
6 intelligence sources per scan
<3s typical scan time
Email body never stored No credit card 60-second install
mail.google.com/mail/u/0/#inbox 1
Phixo blocked a phishing attempt
Bulk Email Phishing 100/100 See full report
Phixo
1.8s
Critical Risk
Bulk Email Phishing
100/100
HIGH confidence
THREAT SCORE
What's going on

This email shows 10 phishing indicators. Generic greeting, credential harvesting link, and fake urgency designed to bypass your judgement.

What to do now

Delete immediately. Do not click any links or open attachments. Report to your IT security team.

Warning Signs (10)
Generic greeting — not addressed by name
Fake urgency: "24 hours" deadline
Credential harvesting link structure
Authority impersonation: "security team"
Sender domain registered 4 days ago
How We Decided
Rules engine 7 flags
Safe Browsing malicious
AI reasoning 0.94 score
Domain reputation 18/72 vendors
Links Checked: 1
paypal.secure-login.verify-account.com
Sender Domain
paypa1-secure-login.com
Registered 4 days ago
18/72
Examples of the threats Phixo catches
CRITICALpaypa1-security.com · credential harvest
HIGHnetflix-renewal-2026.xyz · billing scam
CRITICALceo.frank@acme-co.net · CEO fraud · wire request
BLOCKEDinvoice-4872.docusign-alert.co · malware dropper
HIGHapp1e-icloud.support · typosquat
CRITICALchase-verify.net · banking phish
BLOCKEDdhl-parcel-track.xyz · package scam
HIGHgoogIe-drive-share.com · capital i, not L
CRITICALpaypa1-security.com · credential harvest
HIGHnetflix-renewal-2026.xyz · billing scam
CRITICALceo.frank@acme-co.net · CEO fraud · wire request
BLOCKEDinvoice-4872.docusign-alert.co · malware dropper
Why Phixo exists

Your spam filter was built for a
different era.

Modern phishing isn't a typo-ridden Nigerian prince email. It's a well-crafted message from a convincing lookalike domain — built to slip past every filter Gmail and Outlook ship with. Phixo is the second brain that reads every email before you do.

3.4B
Phishing emails sent every day worldwide
APWG · 2025
91%
Of cyberattacks begin with a phishing email
Deloitte
$4.9M
Average cost of a phishing breach to a business
IBM · 2024
<3s
Time Phixo takes to analyse one message across four layers
Benchmark
How it actually happens
01 — Arrives

An email lands in your inbox

From "your bank," "Microsoft," or "your CEO." It looks completely normal.

02 — Click

You click one link

It goes to a page that looks identical to the real login screen.

03 — Enter

You type your password

Eight seconds later, an attacker has it. They don't even need to be online.

04 — Gone

Your account is theirs

Bank drained. Inbox raided. Identity sold on the dark web. Recovery takes months.

Phixo stops it at step 1 — before the email looks safe enough to click.
How it works

Three clicks to install.
Zero after that.

Phixo runs in the background and stays out of the way. You only see it when something's wrong.

01 — INSTALL

Add to Chrome in one click

A single click from the Chrome Web Store — no setup wizard, no permissions circus.

02 — SIGN IN

Sign in with Google or Microsoft

One tap connects your Gmail or Outlook so Phixo can scan the emails you open — and your sign-in carries over to the dashboard automatically.

03 — READ THE VERDICT

Open any email — know what to trust

Phixo activates the moment you open a message in Gmail or Outlook, showing a risk score and a plain-English reason — before you decide whether to trust it.

See it in action

Watch it catch a phish
in real time.

A quick walkthrough: open a suspicious email and Phixo flags it with a risk score and a plain-English reason — before you click anything.

How we catch it

Four checks, three seconds,
before you even open it.

Most tools check one thing — a list of known bad senders. We check four different things at once and weigh the signals together. If the combined picture looks wrong, you get a warning. That's how we catch the new tricks, not just the old ones.

01
Rules engine
instant
02
Google Safe Browsing
real-time
03
AI reasoning
sub-second
04
Domain reputation
sub-second
Try it

See Phixo read an email —
before you install anything.

Three sample emails, real Phixo verdicts. Nothing is sent anywhere — these run right here in your browser so you can see how the engine thinks.

Phixo
1.6s
Critical Risk
Credential Phishing
96/100
HIGH confidence
THREAT SCORE
What's going on

A lookalike domain is impersonating Microsoft to steal your password. The link says account.microsoft.com but actually points to micros0ft-verify.com.

Warning Signs (3)
Lookalike domain — "0" (zero) swapped for "o" in micros0ft
Link text and real destination don't match
Fake 24-hour deadline pressuring you to act fast
How we decided · Links checked: 1
Rules engineFlagged
Link checkMismatch
SPF/DKIM/DMARCFail
AI analysisPhishing
Works where you work
Gmail
Outlook
Yahoo
Proton
Zoho
iCloud
Fastmail
Phixo vs. your spam filter

Catches what your
spam filter can't.

Your privacy

We score the message,
then forget it.

Your email body is processed in memory and discarded the moment we return a score — never stored, never logged, never used to train anything. URLs are hashed, never the raw link. By design, not by promise.

EMAIL
MEMORY ONLY
SCORE
∅ DISCARDED
Instant

You'll know before
you click.

Phixo flags the message before you've reached the sender's name — so you know what you're looking at before you decide what to do with it.

Rulesinstant
URL checkfast
AI~1.5s
Reputationfast
Total (parallel)< 3s
What it catches

The attacks that
look real.

CEO fraud. Fake invoices. Lookalike domains. The emails that look real enough to fool you — and your spam filter.

typosquathomographCEO fraudinvoice scamreply-to hijackbrand spoofcredential harvestwire fraudOAuth phish
Wherever you read mail

Gmail & Outlook.
More coming.

Fully live in Gmail and Outlook today. Yahoo, ProtonMail, Zoho, iCloud, and Fastmail are on the roadmap — shipping in order of user demand.

No black box

Know exactly
why it was flagged.

Phixo shows you the spoofed domain, the suspicious link, the manipulative phrase — so you spot the same trick yourself next time.

What's next

What's shipped.
What's next.

Phixo is built and shipped weekly. Here is what is on the way — and Pro users get every one of these the day it launches.

Inbox sweep In testing

Scan your last 30 days in one click

Already received something suspicious last week? Inbox Sweep retroactively scans your recent mail and flags anything you should have caught. Pro-only.

Shipping in weeks · Beta access for Pro users
Outlook desktop Later in 2026

Native Outlook desktop add-in

Same four-layer engine, packaged as a Microsoft Office add-in. For teams stuck on Outlook desktop where browser extensions don't reach.

On the development roadmap
Slack & Teams Q2 2026

Phishing detection beyond email

Slack DMs and Teams messages are the new attack surface. Phixo will scan inbound links in your workspace channels with the same engine.

Pro users vote on the integration order
SOC API Planned · late 2026

API access for security teams

POST a message, get back the same four-layer analysis. For SIEMs, SOAR platforms, and security teams that want to bake Phixo into their own workflows. Single-user product today — team plan ships when the API does.

Planned — pricing TBD

Have something you want us to build? Phixo is shaped by what users actually need.

Tell us what to build →
Built in public

We're earning trust
the slow way.

Phixo is a new product from a one-person team. Instead of fake testimonials and decade-old enterprise logos, here's what we actually offer.

Open beta. No card required. Install the extension, sign in with Google or Microsoft, and scan up to 10 emails a day forever — free. Detection improves from threat-intelligence patterns, never from your email content — which is never stored or used to train models. Cancel by uninstalling.
Try before you trust
Free for 10 scans a day, no card
Architecture, not policy. We don't store your email body. URLs are hashed before any reputation lookup. Read the privacy section above — every claim maps to actual code, not a marketing promise we hope you forget.
Privacy is verifiable
Enforced by design, not by trust
The founder reads every email. No sales team, no support queue, no chatbot. Reach out at hello@phixo.app and you'll hear back from the person building the product.
Direct line to the builder
No SDR. No ticket queue.
Pricing

10 free scans a day.
$2.99 unlocks everything.

Free
$0forever
A taste of Phixo. Perfect for trying it out and protecting your most important emails.
  • 10 scans per day
  • All four detection layers
  • Gmail & Outlook (more on roadmap)
  • Full risk explanations
  • Email body never stored
Add to Chrome — free
Pro founder rate
$2.99per month
Founder rate · locked in for life
Lock in $2.99/month forever. After the first 100 founders, Pro becomes $4.99/mo — but founders pay $2.99 and get every future feature included.
Limited to the first 100 founders
  • Unlimited email scans
  • Full scan history & threat analytics
  • Custom trust & block rules
  • Priority AI lane (faster scans)
  • Inbox sweep — scan last 30 days SOON
  • All future Pro features — included free
Lock in $2.99/mo before it's gone →

After first 100 spots fill: $4.99/mo or $39/yr

Questions about Pro, billing, or covering a few inboxes? Contact us →
Unlimited is subject to a fair-use limit of 300 scans/day — far beyond any human inbox; it exists purely to stop automated abuse.
FAQ

Questions we get
all the time.

Your email body is processed entirely in memory and discarded the moment a risk score is returned. We never store the body, never log it, and never use it for training. URLs found in the email are hashed (one-way) before any reputation lookup, so we never persist the raw link either. Anonymous scan metadata — risk score, attack type, timing — is retained so we can show you scan history and improve detection.
Yes. Phixo is a legitimate security tool built to protect you from phishing — it is the opposite of a malicious extension. It's published on the Chrome Web Store by Phixo Labs, passed Google's extension review, and requests only the minimum permissions needed to scan the email you're reading. Phixo never stores your email body and loads no remote code — its entire codebase ships inside the reviewed package. To analyse a message it's processed in real time on our servers and by our AI provider under a no-retention agreement, then discarded immediately — never sold, never shared with advertisers or data brokers. You can read exactly what it does on our security page, and reach us any time at hello@phixo.app.
Phixo is built for individuals, freelancers, and small teams who want personal phishing protection without IT overhead — install it and you're protected in under a minute, with no admin console to configure and nothing rewiring your mail delivery. It's intentionally not an enterprise email gateway: there's no organisation-wide admin console or SOC 2 certification today (team features are on the roadmap). If you need company-wide deployment with SIEM reporting, a dedicated enterprise gateway is the right tool. But if you just want your own inbox protected — privately and instantly, with your email analysed in real time and never stored — that's exactly what Phixo is designed for.
Gmail and Outlook (web) are fully supported today. Yahoo Mail, ProtonMail, Zoho Mail, iCloud Mail, and Fastmail are on the roadmap and will ship in order of user demand — sign up and you'll get them automatically when they land.
Spam filters catch bulk junk. They routinely miss targeted, personalised phishing — because those messages look perfectly legitimate to a filter. Phixo scans every message you actually open, including ones that already made it past your spam filter, with four independent layers looking for domain spoofing, manipulation language, and malicious links.
A risk panel appears alongside the email with a SAFE / LOW / MEDIUM / HIGH / CRITICAL score, a plain-English explanation of what was found, the specific red flags, and a recommended action. For CRITICAL and HIGH scores you also receive a desktop notification, and suspicious links are flagged with a clear warning before you open them.
Phixo is currently a desktop Chrome extension. Mobile support is on our public roadmap.
Yes — cancel any time from your account dashboard. Pro remains active until the end of the current billing period. No lock-in, no cancellation fee, no questions.
Early access · now open

Your inbox, quietly
protected.

Join the beta. Install in 60 seconds. Free forever for 10 scans a day — Pro unlocks unlimited.

Email body never stored·No credit card·Cancel anytime