Scam Signal Check
Check domain age, MX configuration, and email deliverability to surface common scam patterns.
⚡ 4 credits per call
Uses these tools
Why use this
LLMs give vague answers about scams because they can't verify anything. This circuit provides deterministic anchors — domain age, email deliverability — that the agent can reason against. Text analysis (urgency language, brand impersonation) stays with the LLM; factual signal extraction comes here.
Input
| Field | Type | Required | Description |
|---|---|---|---|
domain |
string | ✓ | The sender's domain (e.g. suspicious-domain.com) |
sender_email |
string (email) | ✓ | The sender's email address |
payment_method |
string | — | Payment method mentioned (e.g. gift_cards, crypto, wire_transfer) |
Flags
| Flag | Meaning |
|---|---|
dns_failed |
Domain does not resolve |
new_domain |
Domain registered less than 30 days ago |
mx_not_configured |
No MX records — domain cannot receive email |
email_not_deliverable |
Email address fails validation |
suspicious_payment_method |
Payment method is a known scam vector (gift cards, crypto, wire transfer, Western Union) |
A partial: true field is added if one or more signals failed. signals_checked tells you how many ran. Whois is skipped if DNS fails (domain doesn't exist).
API Reference
Endpoint
POST https://api.lightningapi.tools/circuits/scam-signal-checkRequired headers
Authorization: Bearer <apiKey>
Content-Type: application/json
Example request
{
"domain": "suspicious-domain.com",
"sender_email": "[email protected]",
"payment_method": "gift_cards"
}
Example response
{
"signals": {
"domain_age_days": 12,
"mx_configured": false,
"email_deliverable": false,
"payment_method": "gift_cards"
},
"flags": ["new_domain", "mx_not_configured", "email_not_deliverable", "suspicious_payment_method"],
"anomaly_count": 4,
"signals_checked": 3
}