Support & Contact

Currently available on Chrome Web Store. Click 'Add to Browser', grant permissions, and you're protected instantly. Firefox, Edge, and Safari coming soon. No account required for basic protection.

Available now: Chrome, Edge, Brave, Opera, Vivaldi (all Chromium-based).
Coming soon: Firefox and Safari. We support desktop browsers; mobile in development.

No account needed for the Free plan (100 checks/day). Create an account for Pro or Enterprise to unlock higher limits, API access, and advanced features.

Visit our Pricing page, click 'Get Pro', and complete checkout. Your browser extension will automatically upgrade once you're logged in.

SafeMode uses multi-layer content-based detection. When you visit a page, we analyze its visual appearance, HTML structure, and behavioral patterns using fuzzy hashing (TLSH, ssdeep) and perceptual image hashing (pHash). This detects phishing sites even if they use different URLs or slight variations.

Most blockers use URL blacklists (reactive protection). SafeMode uses content analysis (proactive detection). We catch brand-new phishing sites within hours, not days. Our database updates multiple times per hour with real-time threat intelligence.

Our crawler monitors PhishTank, OpenPhish, URLhaus, and dark web marketplaces in real-time. New phishing sites are analyzed and added to the database within 15 minutes. Pro users get even faster updates.

Yes. Our visual hash matching detects phishing kits even before they're reported to threat feeds. If a phishing page looks visually similar to a known attack, we flag it immediately.

Partial protection works offline using cached threat signatures. For full protection, an internet connection is required to check hashes against our database.

We never see your URLs or browsing history. Only anonymous content hashes are compared against our database. No personally identifiable information is collected. See our Privacy Policy for full details.

No. SafeMode analyzes page structure and visual appearance, not form data or credentials. We never access password fields, cookies, or session data.

No. SafeMode operates locally in your browser. We only receive anonymized hash values, not URLs. We cannot reconstruct your browsing activity from hashes.

Our threat database is hosted on secure servers in the US (DigitalOcean) with daily backups. All API communications use TLS 1.3 encryption. Hash comparisons happen in your browser using WebAssembly.

Yes. We don't collect personal data, so GDPR compliance is straightforward. You can request data deletion anytime (though we only store anonymous hashes).

No. Our detection uses WebAssembly for high-performance local hashing. Most checks complete in under 1 millisecond. We use efficient algorithms (TLSH, ssdeep, pHash) optimized for speed.

We use a combination of TLSH (trend micro locality sensitive hashing), ssdeep (fuzzy hashing), and pHash (perceptual image hashing). These detect similar content even with minor variations.

Our multi-layer approach achieves >99.5% accuracy. False positives are rare (<0.1%) and can be reported for immediate review. We continuously tune thresholds to balance security and usability.

Yes. Pro plans include 10,000 API requests/month. Enterprise plans have unlimited API access. Use our REST API to check URLs, submit hashes, or integrate with your security stack. Documentation at api.gosafemode.com/docs/

Webhooks are available in Enterprise plans. Get real-time notifications when threats are detected, sent to your Slack, Teams, or custom endpoint.

Yes. Custom rules and whitelisting will be available in Pro plans (coming soon). Enterprise customers can whitelist domains immediately.

Free includes 100 URL checks/day and basic protection. Pro ($2.99/month) includes: 1,000 checks/day, unlimited browser searches, faster database updates (real-time vs hourly), API access (10K req/month), priority support, and email reports.

The Free plan gives you full access to our detection engine with 100 daily checks. Upgrade to Pro anytime for higher limits and advanced features. No trial needed - cancel monthly subscriptions anytime.

Pro subscriptions are billed monthly ($2.99) or annually ($28.68/year, save 20%). Payments processed securely via Paddle. Cancel anytime - no long-term contracts.

We accept credit cards (Visa, Mastercard, Amex), PayPal, Apple Pay, Google Pay, and bank transfers (Enterprise only). Payments processed by Paddle (PCI-DSS compliant).

Yes. Upgrade to Pro instantly via your dashboard. Downgrade at the end of your billing period. Enterprise customers contact their account manager for changes.

Yes. We offer a 30-day money-back guarantee. If you're not satisfied with Pro, contact [email protected] for a full refund. See our Refund Policy for details.

Enterprise includes unlimited API requests, on-premise deployment, dedicated account manager, SLA guarantees (99.9% uptime), white-label options, custom integrations, security audits, and priority support. Contact sales for custom pricing.

False positives are rare but can happen if a site uses similar design patterns to phishing pages. Report false positives to [email protected] with the URL. We'll review and whitelist within 24 hours.

Our database updates every 15 minutes, but brand-new sites may not be in our system yet. Submit the URL via our extension or at gosafemode.com/submit. We'll analyze and add it within 1 hour.

Email [email protected] with the URL and a brief description. Include a screenshot if possible. We'll review and update our database within 24 hours (1 hour for Pro users).

Try these steps: 1) Reload the page, 2) Disable and re-enable the extension, 3) Clear browser cache, 4) Update your browser, 5) Reinstall SafeMode. If issues persist, contact [email protected] with your browser version and error details.

Browser extensions update automatically. You can manually check for updates in your browser's extension settings. Database updates happen in real-time (no action needed).

Free plans have 100 checks/day. Upgrade to Pro for 1,000/day or Enterprise for unlimited. Limits reset at midnight UTC. Your protection continues using cached signatures.