Go-Phish

Go Phish is a browser extension that detects phishing emails with 96% accuracy. Users earn unique fish as rewards, build a collection, and compete on leaderboards, making email security engaging!

Comment

Front End: React + TypeScript + Vite + Figma

Back End: Django + Scikit-Learn + PostGreSQL + GroqAPI (llama 3 model)

Issue: In this current day, email phishing is more popular than ever. 333 Billion Phishing emails are sent daily, resulting in around $44 million being lost annually.

What it does: Our Innovation combines importance of identifying and reporting phishing emails with the exhilirating expierence of catching fish, all in a browser extension called Go Phish! Our ML model lies at the core of our solution. Trained with over 18.6k rows of classified phishing emails, our ML model achieves a staggering 96% accuracy to detect potential threats. Furthermore, our project successfuly identifies a phishing scam, whilst also providing an in depth reasoning as to why this email is a scam. The user is rewarded with a gacha-like fishing game, where the user is rewarded with various kinds of breath-taking fish. Over time, the user can create a "fish tank", comprising of their various collected fish. The user can access a leaderboard, where they can compete with colleagues and peers within their organization to see whose collected the rarest fishes (Try and get the Purple Whale!).

How we built: Keeping the user experience at the top of our priorities, we started our project by ideating our user flow in Figma. We created 4 seperate tabs, from detection to fishing, producing a modern yet simple user interface.

Screenshot 2024-11-10 at 6 23 31 AM

How We Created It

For our front end, our web extension leverages React.js + TypeScript, creating dynamic components in our ever-changing DOM.

For our back end, our server was hosted on Django, allowing for seamless API calls and effective data storing with PostgreSQL. With this backend stack, we were able to achieve proper user authentication, the ability to join organizations, exciting competition with friends, and last but not least, the power to create your own acquarium

For our Machine Learning model, we used to Random Forest Classifier, allowing for a 96% accuracy with the model. The model was trained to accept an input of an email's contents, and return a percentage value of how likely the email is a phish. The model was trained on various parameters such as key words, excessive punctuation, cause for urgency, misspelling, and email context amongst more. We also incorporated an LLM from GroqAPI, which uses the "Llama 3" model to give an explanation as to why an email might be a phish.

Challenges We Ran Into

The biggest challenge we ran into was integrating the ML model with the front end, so that it can properly receive and process data in order to be returned back to the front end. Not only was this integration difficult, the biggest issue amongst this was navigating CORS blocks and status errors, slowing down our progress. Another massive issue our group ran into was experimenting and exploring various new frameworks and dependencies, such as creating a chrome extension(implementing a Manifest.JSON file). Other than this, our team found complexities in creating gacha-like mechanics, integrating a fully functional live database with the front end, and making a variety of API calls.

Next Steps

  1. Implementing the front end for a hyperlink verification system
  2. Adding an Admin view for owners of organizations
  3. Educational content about email phishing
  4. Adding more fish! 🐠
Share this project:

Updates