Can you read my emails?

No. We never see the content of your emails or any attachments. We only check your account settings, forwarding rules, and security configuration.

What counts as a scan?

One scan is a full security check of one email account. We run 118+ checks covering forwarding rules, connected apps, sign-in activity, and more. Follow-up scans and automatic monitoring each count as one scan.

What happens after the free scans?

Your first 15 scans are free with no credit card needed. We automatically recheck on Day 3 and Day 6 so you can track your progress. After that, pay-as-you-go pricing starts at $0.10 per scan with volume discounts.

How does the scan actually work?

We connect to your account, run 118+ security checks, remove duplicates, apply your preferences, use AI to filter out false alarms, spot connected threats, calculate your security score, and alert you to anything serious. The whole process takes about 60 seconds.

What email providers does InboxWatch support?

InboxWatch works with Gmail (personal and business) and Microsoft 365 (including Outlook.com, Hotmail, and work accounts). Both personal and business accounts are fully supported.

What permissions does InboxWatch need?

We only ask for access to your account settings, forwarding rules, sign-in history, and connected apps. We never ask for permission to read your emails, attachments, or contacts.

How do I revoke access?

Go to your Google or Microsoft account security settings and remove InboxWatch. Access ends immediately.

How often does InboxWatch scan my account?

Automatic monitoring can run as often as every 30 minutes. You can also run a check anytime. Each scan covers your full account: forwarding rules, connected apps, sign-in activity, and more.

Where is my data stored?

Your results are stored in encrypted databases hosted in the US. Your sign-in credentials are encrypted separately. We never store email content because we never access it.

Can InboxWatch see my passwords?

No. InboxWatch never receives or stores your password. We use the same secure sign-in that Google and Microsoft provide. We can check if your email has appeared in known data breaches, but we never have access to your actual password.

Can IT providers manage multiple accounts?

Yes. IT service providers can monitor multiple email accounts from a single dashboard with organization-wide scoring and automatic alerts for new threats across all managed accounts.

How is InboxWatch different from Microsoft Defender or Google security?

Defender and Google focus on blocking dangerous emails before they reach you. InboxWatch checks your account settings: hidden forwarding rules, risky connected apps, unusual sign-in activity, and configuration problems that other tools miss. They work together: Defender blocks bad emails, InboxWatch catches problems already inside your account.

Email Security Check

Find out if someone
is secretly reading your email.

Most people have at least one hidden security problem in their email account. InboxWatch finds it in 60 seconds.

Gmail

Microsoft 365

We never read your emails

Check My EmailFirst 15 scans free. No credit card required.

See what we detect

inboxwatch.ai/scan-results

At Risk

Issues found

53 critical

Checks run

118Complete

Forwarding Rules

Connected Apps

Sign-in Activity

Email Verification

Critical3 days undetected

Hidden Forwarding Rule

All incoming email is being silently copied to:

attacker-inbox@proton.me

You were not notified.

No malware. No phishing link. Just a settings change nobody saw.

Simple Setup

How It Works

Three steps. Under 60 seconds. No software to install.

Step 01

Connect

Step 02

We Check

We run 118+ security checks on your account settings, forwarding rules, connected apps, and sign-in activity.

Step 03

You Fix

You get a plain-English report with a security score and step-by-step instructions to fix anything we find.

See it in action

Under 60 seconds

inboxwatch.ai/scanning

Checking your account…

This usually takes under 60 seconds

Checking forwarding rules and filters

Looking for suspicious sign-ins

Reviewing connected apps

Analyzing incoming emails for threats

Checking for password leaks

Calculating your security score

Real-time progress as we check 118 security settings

5 issues found

inboxwatch.ai/dashboard

Welcome back, Pablo

Your last security check was 28 minutes ago

Score

38/100

At Risk

Issues

3 critical

Checks

118

All complete

Top Issues to Fix

Hidden Forwarding Rule

All email silently copied to attacker-inbox@proton.me

Critical

Suspicious Sign-In Location

New sign-in from Lagos, Nigeria at 3:42 AM (Microsoft 365 only)

Critical

Two-Step Verification Off

Account protected by password only

Recommended

Clear results with one-click fix guides for every issue

Verify our permissions yourself

We only access your account settings, never your email content. See for yourself:

Google Microsoft

15 free scans·Then $0.10/scan, volume discounts available·No commitment

$55B

Stolen through email scams since 2013

Attackers quietly forward your emails to themselves after getting in.

FBI IC3, September 2024

83%

Of account break-ins bypass two-step verification

Most security tools only watch incoming messages.

Proofpoint 2024

70%

Of data breaches start with a person being tricked

A scam email gets them in. What they do to your account after goes unnoticed.

Verizon DBIR 2024

30s

To set up a hidden forwarding rule

No virus needed. Just a settings change nobody sees.

InboxWatch Research

What we check that others don't

Google and Microsoft block dangerous emails. InboxWatch finds problems already inside your account.

13/13security checks covered by InboxWatch

See full comparison across 6 competitors

Feature comparison: InboxWatch vs Microsoft Defender vs Google security
Security capability	InboxWatch	Defender	Google
Score	13/13	4/13	2/13
Detects email scams targeting your business		Partial	Partial
Finds hidden forwarding rules
Checks connected apps for risky access		Partial	Partial
Checks if your password has been leaked online
Phishing test emails for your team
Connects related threats together
Detects sign-ins from unusual locations			Partial
Checks who else has access to your mailbox
Scans calendar invites for risks
Checks file sharing for risky links			Partial

Detection
Scans incoming emails for threats
Protection
Catches people impersonating your brand		Partial	Partial
Spots lookalike website addresses		Partial
Operations
How often it checks	Every 30 min	Manual / Daily	Manual / Daily
Manage multiple accounts in one place
AI filters out false alarms
Privacy & Setup
Reads your email content	Never	Yes	Yes
Time to set up	2 minutes	Days/Weeks	Hours

* We never read your emails. We only check account settings and security.

See all detections118+ security checks across 10 threat categories

We never read your emails

InboxWatch checks your account settings and security, not your messages. Here is exactly what we access and what we do not.

Secure sign-in

You sign in through Google or Microsoft directly. We never see your password.

We never read your emails

We only check your account settings and security. We never open, read, or store your messages.

No IT help needed

Connect your own account in 60 seconds. No tech skills required.

Disconnect anytime

Remove InboxWatch from your account settings. Access ends right away.

Everything we protect you from

Beyond the security check: phishing tests, password leak alerts, lookalike domain warnings, and ongoing monitoring.

See Where Your Email Is Used

Find every service that has your email, and check if any have been breached.

Learn more →

Test Your Team With Fake Scams

Send realistic test emails to see who clicks and who reports them.

Learn more →

Password Leak Alerts

Get notified if your email or password shows up in a known data breach.

Learn more →

Lookalike Domain Alerts

We spot fake website addresses that look like yours.

Learn more →

AI-Powered Analysis

Every scan is reviewed by AI. It learns from your feedback to reduce false alarms over time.

Learn more →

Mark Senders You Trust

Tell us which senders are safe so they stop showing up in your results.

Learn more →

Unusual Activity Alerts

We learn your normal patterns and flag anything unusual, like new forwarding rules or sign-ins from new places.

Learn more →

Connected Threat Detection

We link related problems together so you see the full picture, not just isolated issues.

Learn more →

AI-Powered

AI that learns your environment

Learns your patterns

Mark a false positive once and the AI remembers. Trusted senders and known configs stop generating alerts automatically.

Suppresses noise

High false-positive findings are automatically suppressed. Your dashboard stays focused on real threats.

Full transparency

See what the AI suppressed, why, and restore anything with one click. Track accuracy trends and review history.

Built for AI agents

MCP server, REST API, and webhook alerts. Integrate into any workflow.

View docs →

Frequently Asked Questions

Yes. InboxWatch uses the same secure sign-in you already use with other trusted apps. We only look at your account settings and security info. We never read your emails. You can disconnect InboxWatch anytime from your Google or Microsoft account settings.

Find out what's hiding in your email account.

Check My Email

See what we detect →

No credit card needed · First 15 scans free · We never read your emails

$0.10/scan after free scans

InboxWatch

Defender

Google

Score

13/13

4/13

2/13

Detects email scams targeting your business

Partial

Finds hidden forwarding rules

Checks connected apps for risky access

Partial

Checks if your password has been leaked online

Phishing test emails for your team

Connects related threats together

Detects sign-ins from unusual locations

Partial

Checks who else has access to your mailbox

Scans calendar invites for risks

Checks file sharing for risky links

Partial

Frequently Asked Questions

Find out if someone is secretly reading your email.

How It Works

Connect

We Check

You Fix

What we check that others don't

We never read your emails

Secure sign-in

We never read your emails

No IT help needed

Disconnect anytime

Everything we protect you from

See Where Your Email Is Used

Test Your Team With Fake Scams

Password Leak Alerts

Lookalike Domain Alerts

AI-Powered Analysis

Mark Senders You Trust

Unusual Activity Alerts

Connected Threat Detection

AI that learns your environment

Learns your patterns

Suppresses noise

Full transparency

Frequently Asked Questions

Find out what's hiding in your email account.

Find out if someone is secretly reading your email.

How It Works

Connect

We Check

You Fix

What we check that others don't

We never read your emails

Secure sign-in

We never read your emails

No IT help needed

Disconnect anytime

Everything we protect you from

See Where Your Email Is Used

Test Your Team With Fake Scams

Password Leak Alerts

Lookalike Domain Alerts

AI-Powered Analysis

Mark Senders You Trust

Unusual Activity Alerts

Connected Threat Detection

AI that learns your environment

Learns your patterns

Suppresses noise

Full transparency

Frequently Asked Questions

Find out what's hiding in your email account.

Find out if someone
is secretly reading your email.

Find out if someone
is secretly reading your email.