Loading…
Look up a domain's SPF / DMARC / DKIM / MTA-STS posture and score how easy it is to spoof for a BEC pretext. Each gap is paired with the specific BEC scenario it enables and a copy-pastable corrected record.
Different angle from the generic Domain Lookup — same data, defender-side framing focused on direct-domain spoofing.
Score BEC risk for the domain you protect.
Reads DNS only — won't catch a domain that auths correctly but sends from a compromised mailbox. The score is the floor of attacker effort, not the ceiling of your safety.
Enter your domain → review the rule failures with attack-scenario context → fix in DNS → recheck → set DMARC p=reject when alignment is clean.