Email Phishing Detector

PPT Link : https://docs.google.com/presentation/d/1OB5onIWBjoXdCr1d6V0eL_XjeQrhYMAj/edit?usp=drive_link&ouid=110859191005660488252&rtpof=true&sd=true

Email Phishing Detector: Browser Extension Powered by Gemini and Virus Total

Key Data on Malicious Email Attacks

• More than 3.4 billion phishing or malicious emails are sent daily, making up almost 1.2% of all global email traffic.
• 94% of all malware infections start with an email, and phishing scams are responsible for 80% of all reported cybercrime globally.
• The average organizational cost of a phishing-caused data breach is $4.9 million, with global consumer email scam losses surpassing $12.5 billion in the past year.
• Business Email Compromise attacks hit organizations for a median of $50,000–$187,000 per incident.
• Human error (such as clicking suspicious links) contributes to 60% of security breaches, showing why smarter email security and awareness are critical.

Problems with Traditional Email Spam Security System

1. Email clients like Gmail, Yahoo mail etc. fails to detect the Phishing or Malicious Emails. 
2. Spam system considers the mails as spam only if that particular email or that user who sent the emails, reported as spam in past.
3. Many times, it mark the useful emails as spam.
4. In nowadays, attackers uses advance techniques to bypass the spam filter, to launch a phishing attack. They use the psychological techniques to convince the user to click on any malicious link.
5. And to avoid these attacks. It is needed to have a detection system that can smartly detect the malicious emails.

Our Solution

• We build a lightweight chrome extension that uses the power of Gemini LLM to detect the phishing email.
• It analyzes the URLs present in the email and scan them all to find if any of them is malicious.
• It uses the gemini with a smart system prompt to get the behavior analysis of the email.
• It deeply analyzes to email, it detects the pattern the attackers often use to land a successful phishing attack.
• After scanning, it shows the entire scan report using the different color schemes by inject a dashboard in the gmail’s UI.
• It is a very easy to setup and easy to use tool.
• It can avoid the almost every phishing attempt and can save user’s data and funds.
• This can be used by both Organization and Individuals.

Working of tool(Flow):

1. After installation, it injects the “Scan Security” button in the Gmail’s UI.
2. When that button is clicked, extension extracts the subject and content of the opened email, and sent it to the fastapi backend.
3. In backend, first it extracts all the urls present in the contend body and scan them all using Virus Total api and also search the urls in the phishing army malicious url dataset that is downloaded and stored locally in a sqlite database.
4. After getting the scan result of the URL’s. It combines the scan results, Email Content and Email Subject in a System prompt and send it to the Gemini for analysis.
5. Gemini gives a well structured response and that response sent back to the client.
6. On the client side, it shows a well designed and descriptive report with the different color schemes. 

Impact and Benefits

Individual Users

• Defends against 3.4 billion daily phishing attempts, drastically reducing financial fraud risk.
• Automates threat detection, increasing user awareness and peace of mind.

Enterprise Organizations

• Enhances workforce security posture through proactive email threat identification.
• Cuts IT support tickets related to email incidents and supports regulatory compliance.
• Delivers substantial cost savings by preventing security breaches and fraud losses.

Economic Impact

• Potential savings of millions in fraud prevention and lowered cyber security insurance premiums.
• Reduces operational costs through minimized IT support overhead.
• Boosts organizational productivity by preventing security disruptions.