Description: Students regularly receive phishing emails disguised as internship offers, visa requests, or job opportunities. These emails trick people into sharing passports, paying fake fees, or clicking on malicious links. Many victims don’t realize the email is a scam until it’s too late, because the emails look legitimate.
What does this project do? It’s a Chrome extension that automatically scans emails when you open them in Gmail. If the email looks like a scam, the extension instantly shows a warning banner at the top of the email, explaining why it’s suspicious – without requiring the user to copy, paste, or click anything extra.
How does it work?
- Extension watches Gmail – A content script runs inside Gmail and detects when you open an email.
- Email text is extracted – The extension grabs the subject, sender, and body of the email.
- Backend analyzes the email – The text is sent to a local Python server (FastAPI) which:
  - Runs a trained machine learning model (TF‑IDF + Logistic Regression) to give an initial scam probability.
  - Optionally calls a generative AI (like Gemini or Groq) to get a plain‑language explanation and identify suspicious phrases.
  - Blends both scores into a final risk score.
- Warning appears in Gmail – If the risk score is medium or high, the extension injects a color‑coded banner (red/orange) inside the email view with the score, explanation, and suspicious phrases. The banner disappears when you navigate away.
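One way the blending step could be written, as an added example that is not the project's own code. The weights, thresholds, color mapping, the `blend` function and the floor that limits how far the AI score can lower the result are all assumptions; the example also goes beyond the description by falling back to the ML probability when the AI score is missing or malformed.

```python
import math
from dataclasses import dataclass
from typing import Optional

# Assumed values: the page does not publish its weights or thresholds.
AI_WEIGHT = 0.4          # share of the blend given to the generative-AI score
MEDIUM, HIGH = 0.4, 0.7  # risk-level cut-offs
MAX_AI_DISCOUNT = 0.15   # most the AI may pull the result below the ML score

@dataclass
class Verdict:
    score: float
    level: str             # "low", "medium" or "high"
    banner: Optional[str]  # assumed mapping: "orange", "red", or None for no banner
    used_ai: bool

def _is_prob(x) -> bool:
    """True only for a finite number in [0, 1]; rejects None, strings, NaN, bools."""
    return (isinstance(x, (int, float)) and not isinstance(x, bool)
            and math.isfinite(x) and 0.0 <= x <= 1.0)

def blend(ml_prob: float, ai_score=None) -> Verdict:
    """Combine the classifier probability with an optional AI score."""
    if not _is_prob(ml_prob):
        raise ValueError("ml_prob must be a probability in [0, 1]")
    used_ai = _is_prob(ai_score)
    if used_ai:
        score = (1 - AI_WEIGHT) * ml_prob + AI_WEIGHT * ai_score
        # The AI reads attacker-controlled email text, so a reply of "0" must
        # not be able to erase a strong classifier signal.
        score = max(score, ml_prob - MAX_AI_DISCOUNT)
    else:
        score = ml_prob  # provider disabled, timed out, or returned junk
    if score >= HIGH:
        level, banner = "high", "red"
    elif score >= MEDIUM:
        level, banner = "medium", "orange"
    else:
        level, banner = "low", None
    return Verdict(round(score, 3), level, banner, used_ai)

if __name__ == "__main__":
    # Constructed inputs: (ML probability, AI score as parsed from the provider)
    for ml, ai in [(0.9, 0.0), (0.5, 0.9), (0.2, None), (0.8, "safe"), (0.3, 1.7)]:
        print(ml, ai, blend(ml, ai))
```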
Key features
- Zero‑click – no manual scanning required; works the moment you open an email.
- Hybrid detection – combines a fast ML model with generative AI for accuracy and clarity.
- Visual warning – a clean, non‑intrusive banner that integrates into Gmail’s interface.
- Popup backup – a popup window lets you manually paste any email text for scanning.
- Privacy‑aware – emails are only sent to your own backend, not stored anywhere.
Tech stack
- Chrome Extension (Manifest V3): content script, background service worker, popup
- Backend: Python FastAPI server
- Machine Learning: scikit‑learn (TF‑IDF + Logistic Regression) model trained on phishing datasets
- AI Provider (optional): Gemini, Groq, or any OpenAI‑compatible API for explanations
Current status
- Backend is fully functional with ML + AI hybrid scoring.
- Extension auto‑detects opened emails, extracts content, and communicates with the backend.
- Warning banner appears reliably inside Gmail and clears correctly when navigating away.
- Popup manual scan works.
- Performance and UI reliability have been tuned for a smooth demo.
Why it matters
It turns Gmail into a safer place for students without requiring any change in behavior. The protection is invisible until it’s needed, and it explains the danger instead of just blocking it, helping users learn to spot scams over time.
Built With
- chrome-apis-(storage, notifications, runtime)
- chrome-extension-(manifest-v3)
- fastapi
- git
- groq/gemini/xai/openai-apis
- javascript
- joblib
- python
- scikit-learn