Upload a suspicious email
Noetis analyzes the original email file and explains what it is and what to do next. Your file is uploaded privately and the raw copy is deleted after analysis.
Prefer to email it? Forward it as an attachment
Don't want to export a file? Forward the suspicious message as an attachment to your personal address below and we'll email the report straight back to you.
Before you upload — tips for the best result
- Upload the original
.emlor.msgfile. That is the best evidence. - Screenshots are not enough — an image can't be analyzed for sender, headers, or links.
- Copied/pasted text is not enough — the hidden technical headers are what we need.
- Forwarded emails may have limited evidence — forwarding can strip the original sender's headers. If you can, attach the original message instead of forwarding it.
- Do not click links or open attachments in the suspicious email before (or after) uploading it.
Prefer to forward it instead, or submitting from a phone? See how to submit a suspicious email for every method and its limits.
How to export the original message (Outlook, Gmail, …)
Steps change as these apps update; if something looks different, look for a “Save as”, “Download”, or “Show original” option.
Outlook (desktop)
- Open (or single-click) the suspicious email.
- Drag the message from the list onto your desktop, or choose
File → Save As. - Save as type Outlook Message Format (
.msg). - Upload that saved
.msgfile here.
Outlook on the web
- Open the suspicious email.
- Click the ⋯ (More actions) menu at the top right of the message.
- Choose Download (saves an
.emlfile). - Upload that
.emlfile here.
Gmail
- Open the suspicious email.
- Click the ⋮ (More) menu next to the Reply arrow.
- Choose Download message (saves an
.emlfile). - Upload that
.emlfile here.
Received the email as someone else's forward? Ask them to send you the original as an attachment, then export that attached message using the steps above.