Email Phishing Detection Extention using On device LLM

Client-Side Phishing Detection in Gmail Using Local LLMs

September 2, 2024

The Problem: Trusting the Cloud for Email Security

Modern phishing detection often relies on cloud-based AI services. While powerful, these models raise critical privacy concerns when dealing with sensitive email content. Many users and enterprises hesitate to send their inbox data to third-party services, no matter how secure they claim to be.

Relying on cloud-based detection models meant every email was transmitted off-device, creating a serious privacy bottleneck for security-conscious users.

Additionally, even well-funded organizations were missing threats due to high false positive rates, delayed classification, and inconsistent integrations with email clients like Gmail.

The Solution: Grounded — A Local LLM Gmail Extension

Inspired by the idea of on-device inference, I designed and developed Grounded, a browser extension that brings phishing detection directly into the Gmail interface using a locally hosted language model.

The Grounded extension overlays verdicts inside Gmail using local LLM predictions.

At its core, Grounded uses Ollama to run a lightweight LLM (e.g., gemma-2b) entirely on the user's machine. When an email is opened, the extension captures its contents and sends it to the localhost inference server—no data ever leaves the device.

Grounded makes use of the browser's content_scripts and background.js to extract email content and coordinate analysis with the local LLM.

Architecture Highlights

Frontend (Content Script): Hooks into Gmail DOM to detect when an email opens and extract relevant content (subject, sender, body).
Backend (Background Script): Handles caching verdicts in localStorage and querying the local LLM.
Inference (Ollama): Hosts a local HTTP server on localhost:11434 where the gemma-2:2b model classifies emails as Legit, Neutral, or Phishing.
UI Overlay: Injects a result banner into Gmail using DOM manipulation, color-coded for clarity.

// contentScript.js - inject classification banner
const verdictBanner = document.createElement('div');
verdictBanner.innerText = "⚠️ Suspicious Email";
verdictBanner.style.backgroundColor = "#ffcccc";
emailElement.prepend(verdictBanner);

The Impact Though built as a proof-of-concept, Grounded opens a promising path for private, offline phishing detection that scales with local compute, not with cloud costs or privacy tradeoffs.

Bytes of Email Data Sent to Cloud

~1s

Average Local LLM Classification Time

100%

On-Device Inference

Grounded proves that client-side LLM security tooling isn't just possible—it’s practical for real users in real workflows.

What's Next? While Grounded currently supports Gmail in Chromium-based browsers, it can be expanded to:

Support Outlook Web and other email providers.

Add training and feedback loop for user-tuned phishing detection.

Integrate with endpoint threat intel tools for context-aware verdicts.

Want to try it out? 👉 View the repository

git clone https://github.com/iamahmedabdalla/grounded-extension