Carue

Carue knows the ins and outs of email security! Having been inspired by rubber duck debuggers, Carue has decided to help you identify phishing attempts and stop you from giving PII! Carue to you!

Comment

Inspiration

The threat of social engineering attacks are becoming more prevalent in modern society. As these attacks become more sophisticated, people need good digital literacy practices. Combining rubber duck debugging and Carue's (a messenger duck from One Piece) expertise in mail, I present Carue's Email Infomation Security Service!

What it does

There are two use cases:

While you are browsing your email

If an email looks too suspicious, you can ask Carue for help! Clicking "Detect Phishing Attempt" will get Carue to scan your current opened email for any signs of phishing. Then, Carue will present his findings and lessons in an interactive, educative way so that you can be a good cyber citizen.

While you are crafting an email

Clicking "Scan for PII" will get Carue to scan your current email draft for any PII (Personally Identifiable Information). Carue will give advice about what to consider about PII before you hit that Send button (if you even should)!

How we built it

Uses JavaScript, HTML, CSS for frontend Contains a manifest.json to be a Chrome Extension Uses Python Flask for backend

Challenges we ran into

  • UI/UX design - Carue is supposed to be for the digitally inexperienced, so a simple, navigable user interface is a must.
  • Scraping for Email Contents - Consistently getting the correct email contents through scraping an HTML document was difficult because the document (of the email page) kept changing
  • No time to train AI/ML or use pre-defined models - Tensorflow did not install on my laptop, so no Hugging Face. Also, training a model on Kaggle would take too long.

Accomplishments that we're proud of

  • Significant prototyping of solution
  • Made a Chrome extension
  • Connected frontend and backend

What we learned

  • Successful cyber attacks start with email phishing, which grow more sophisticated every day
  • There are many techniques to carry out email phishing, and there are many ways to detect it.
  • Web scraping is hard. AI/ML is hard. Frontend/backend is hard. UI/UX is hard.

What's next for Carue

  • Presentable UI/UX design
  • Implement core phishing detection and lesson plan functionality
  • Incorporating more advanced detection techniques and lesson plans
Share this project:

Updates