About the Project

💡 Inspiration

Phishing attacks are one of the most common and effective forms of cybercrime today. Despite awareness campaigns, users still struggle to distinguish between legitimate and malicious emails or websites—especially when attackers mimic trusted platforms. We wanted to build a solution that works in real-time, in the user’s natural environment, rather than relying on external tools or prior knowledge.

🚀 What We Built

We built PhishGuard, an AI-powered phishing detection system that integrates directly into the browser via a Chrome extension. It allows users to:

  • Analyze suspicious emails and URLs instantly
  • Receive a clear risk score and explanation
  • Get actionable recommendations in real time

The system combines a Next.js web app, a browser extension, and an AI-powered backend to deliver fast and intuitive threat analysis.

🧠 What We Learned

During this project, we gained hands-on experience with:

  • Building full-stack applications using Next.js and API routes
  • Integrating AI models into real-world workflows
  • Handling CORS and browser extension limitations
  • Designing systems that remain reliable under API rate limits
  • Structuring AI prompts to produce consistent, machine-readable output

We also learned how important UX and reliability are when building security tools—users need clarity, speed, and trust.

⚙️ How We Built It

Frontend: Next.js + Tailwind CSS Backend:API routes for processing and AI calls AI Engine:Cloud-based (Groq) + local model fallback (Ollama with Qwen) Extension: Chrome Extension (Manifest V3) for real-time interaction Deployment: Vercel

Flow:

User input → Extension/Web App → API → AI Model → Structured Analysis → UI

⚠️ Challenges We Faced

API Rate Limits: We hit usage limits quickly and had to implement fallback logic CORS Issues: Enabling communication between extension and backend required careful configuration AI Output Parsing: Ensuring consistent JSON responses from LLMs was tricky Deployment Debugging:Differences between local and production environments caused unexpected issues Email Extraction:** Extracting meaningful content from webmail interfaces required DOM handling

🌱 Future Scope

  • Real-time inbox scanning
  • Multi-model AI fallback for better reliability
  • Chrome Web Store deployment
  • Enterprise-grade phishing detection dashboard

🎯 Conclusion

PhishGuard demonstrates how AI can be embedded directly into everyday user workflows to prevent threats before they cause damage. Our goal is to make cybersecurity accessible, proactive, and seamless.

If you want, I can also make a shorter version (for submission limits) or a more storytelling-style version👍

Built With

  • 3.8b
  • language:-typescript-/-javascript-framework:-next.js
  • local-llm
  • ollama
  • qwen
  • tailwind-css-platform:-web-app-+-chrome-extension-cloud-service:-vercel-database:-none-apis:-groq-api-(llama-3)
Share this project:

Updates