OneSec: Real-Time Email Phishing & Threat Detection System

14 Apr

Authors: Prabhakaran S, Nishal R, Thillaiarasu J, Dr. M. Rajesh Babu

Abstract: Phishing attacks remain one of the most economically devastating cyber threats, accounting for approximately 91% of all cyberattacks according to the Anti-Phishing Working Group (APWG). Despite advances in enterprise-grade solutions, accessible, interpretable, and privacy-preserving tools for individual Gmail users are critically lacking. This paper presents OneSec, a full-stack web application that integrates with the Gmail API via OAuth 2.0 read-only access to proactively detect phishing emails in real time before the user opens them. The system employs a seven-rule, weighted multi-factor threat engine that evaluates IP-based URL usage, suspicious top-level domains (TLDs), SPF/DKIM authentication failures, reply-to header anomalies, credential-harvesting keywords, social-engineering urgency patterns, and excessive URL density. Real-time threat alerts are delivered via Server-Sent Events (SSE) to a React 18 TypeScript dashboard with sub-500 ms end-to-end latency. Empirical evaluation on a balanced 500-email benchmark (250 PhishTank phishing, 250 Enron/legitimate) yields precision of 91.25%, recall of 87.60%, F1-score of 89.4%, and a mean detection latency of 340 ms. User acceptance testing achieves a System Usability Scale (SUS) score of 82.5, rated Excellent. OneSec is open-source, self-hostable at zero cost, and requires no machine learning infrastructure, making advanced phishing protection accessible to all Gmail users.
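To make the seven-rule weighted engine concrete, here is an added sketch in Python; it is not OneSec's code. The abstract names the rules only, so the weights, TLD list, keyword patterns, URL-count limit, alert threshold and all function names are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values: the abstract lists the seven rules but not these numbers or lists.
WEIGHTS = {"ip_url": 25, "bad_tld": 15, "auth_fail": 20, "reply_to": 15,
           "cred_words": 10, "urgency": 10, "url_density": 5}
BAD_TLDS = {"zip", "top", "xyz", "tk"}
THRESHOLD, MAX_URLS = 40, 5
CRED = re.compile(r"verify your account|password|login|sign in", re.I)
URGENT = re.compile(r"urgent|immediately|within 24 hours|suspended", re.I)
HOST = re.compile(r"https?://([^\s/?#\"'<>]+)", re.I)  # captures [user@]host[:port]
IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")          # IPv4 literals only

def domain(header_value):
    """Lower-cased domain of the address in a From/Reply-To header ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def score_email(raw):
    """Return (score, sorted rule hits, flagged) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    body = "".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                   for p in msg.walk() if p.get_content_maintype() == "text")
    text = f"{msg.get('Subject', '')}\n{body}"
    hosts = [h.rsplit("@", 1)[-1].split(":")[0].lower() for h in HOST.findall(body)]
    auth = " ".join(msg.get_all("Authentication-Results", []))
    reply_to = domain(msg.get("Reply-To"))
    checks = {
        "ip_url": any(IPV4.fullmatch(h) for h in hosts),
        "bad_tld": any(h.rpartition(".")[2] in BAD_TLDS for h in hosts),
        # A missing Authentication-Results header is not counted as a failure.
        "auth_fail": re.search(r"\b(?:spf|dkim)=(?:fail|softfail)\b", auth, re.I),
        "reply_to": bool(reply_to) and reply_to != domain(msg.get("From")),
        "cred_words": CRED.search(text),
        "urgency": URGENT.search(text),
        "url_density": len(hosts) > MAX_URLS,
    }
    hits = sorted(name for name, hit in checks.items() if hit)
    score = sum(WEIGHTS[name] for name in hits)
    return score, hits, score >= THRESHOLD

# Constructed sample message (reserved .test/.example names, TEST-NET-1 address).
SAMPLE = ('From: "Support" <support@example-bank.test>\n'
          "Reply-To: helpdesk@mailbox.example\n"
          "Authentication-Results: mx.example; spf=fail; dkim=none\n"
          "Subject: Urgent: account suspended\n\n"
          "Verify your account within 24 hours: http://192.0.2.10/login\n")

if __name__ == "__main__":
    print(score_email(SAMPLE))
```

Returning the list of rule hits alongside the score keeps each verdict interpretable: the alert can show which of the seven factors fired.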
