Gophishfree

GoPhishFree protects Gmail users from phishing emails using a local machine learning model that runs entirely in your browser.

How it works:
Open any email in Gmail, it's scanned automatically
A risk badge (Low / Medium / High / Dangerous) appears on the email
Click the badge for a detailed breakdown of suspicious signals
Optional: enable DNS checks for deeper domain verification
Optional: connect your own AI API key for a second opinion

Privacy:
All ML inference runs locally on your device. By default, no email content, subject lines, or sender addresses are transmitted to any external server.

If you choose to enable optional features, the following applies:
- AI enhancement (off by default, requires your own API key): only numerical signal features, never email text, are sent to your chosen AI provider (OpenAI, Anthropic, Google, or Azure) under their terms.
- Browserling link preview (off by default): link URLs from emails are sent to Browserling (browserling.com) for safe sandboxed previewing.
- Deep scan (off by default, requires user permission grant): external URLs found in emails are fetched for static analysis. No email text is transmitted.

No email content is ever sent to our servers. We have no servers.