Phishing Defense Assistant

A browser extension and email plugin that educates users in real-time about phishing scams and suspicious emails. It flags common phishing patterns (fake login prompts, suspicious links, spoofed domains) and helps users verify legitimacy before entering credentials.

Phishing attacks hit an all-time high in 2023 according to the APWG, and with AI-generated spear-phishing now trivially cheap to produce, end-user training tools are getting a second look from both consumers and SMBs. Microsoft Defender and Google Safe Browsing already handle a version of this at the infrastructure level, which is the core problem: the incumbent defense layer is baked into browsers and email clients for free, making it hard to justify a paid extension without meaningfully better detection or a distinct workflow angle. The $1k–5k/mo revenue band is realistic only if you land small business teams on a per-seat model, since consumer willingness to pay for security tooling is notoriously low. The most likely failure mode is that Google or Microsoft quietly improves their native warnings and eliminates the perceived gap entirely, leaving no defensible wedge.