Forward phishing emails, scam messages, or suspicious attachments to us. ThreatDrop Free keeps suspicious-email forwarding open to everyone. ThreatDrop Pro and Enterprise add customer APIs, webhook notifications, detailed evidence reports, and priority analysis for security teams.
submit@blackdome.aiJust forward the email. ThreatDrop Free needs no signup, and paid tiers unlock dashboard access for your own submissions.
Three steps. No signup. No cost.
Got a phishing email? Scam message? Suspicious attachment? Forward it to submit@blackdome.ai.
Attachments are extracted and detonated in isolated microVMs. URLs are crawled. IOCs are extracted and classified.
If confirmed malicious, we notify the hosting company with evidence and identify scam callback numbers so we can report them to their VoIP carriers, including Twilio, Bandwidth, and similar providers.
ThreatDrop starts as a public defense service. When your team needs submission history, evidence JSON, and webhook automation, move into Pro or Enterprise without changing the workflow.
Forward suspicious emails to submit@blackdome.ai, get basic verdict handling, and contribute to the community defense pipeline.
Get API access to your submissions, webhook delivery when analysis completes, downloadable evidence reports, and phone-number identification results.
Start ProAdd SLA-backed support, dedicated analysis throughput, and BlackDome brand monitoring for phishing campaigns targeting your organization.
Start EnterpriseLive totals from the ThreatDrop pipeline, refreshed every five minutes.
You file a report. It goes into a queue. Nothing happens for months. The phishing site stays live.
You forward an email. We detonate it in minutes. The hosting provider gets an automated abuse report with evidence, and scam callback numbers are reported to their VoIP carriers for suspension.
You delete the email. The phishing campaign continues. Other people fall victim.
You forward the email. The threat is catalogued. The IOCs feed a global intelligence network. Everyone benefits.
Have a suspicious file? Upload it directly. Max 25MB.
Drag and drop or browse
Executables, documents, archives, scripts — all accepted
ThreatDrop Free is free for community submissions. ThreatDrop Pro and Enterprise are paid tiers for teams that need customer dashboards, APIs, webhooks, and detailed evidence reports.
We extract all attachments, URLs, and indicators of compromise (IOCs). Attachments are detonated in an isolated sandbox. If the email is confirmed malicious, we send an automated abuse report to the hosting provider with full evidence and escalate scam callback numbers to the carrier that hosts them.
We automatically identify scam phone numbers, look up which carrier hosts them via Twilio, and send an abuse report to get the number suspended.
We never publish individual detonation results publicly. This prevents attackers from using BlackDome as an evasion testing service. Aggregated, anonymized threat data is shared with the community.
Not for ThreatDrop Free. Just forward the suspicious email to submit@blackdome.ai. If you want API access to your own submissions, webhook notifications, and downloadable evidence, create a ThreatDrop Pro or Enterprise account.
Government cybercrime portals collect reports but rarely take direct action against phishing infrastructure. BlackDome automatically identifies the hosting provider and sends a structured abuse report with evidence — leading to faster takedowns.
All types. We specialize in executables (.exe, .dll), documents (.pdf, .docx), archives (.zip, .rar, .7z), and scripts (.js, .vbs, .ps1) — but our pipeline handles any file format.
Every submission makes the internet safer. Start with free forwarding or move into customer APIs and webhooks when your team needs evidence-backed workflows.