PhishProof

PhishProof is a web app (with Microsoft 365 and Google Workspace add-ins) that detects and blocks high-risk business email compromise (BEC) and invoice fraud in real time. It focuses on the messy middle where most tools fail: vendor bank-detail changes, “urgent payment” threads, lookalike domains, and subtle reply-chain hijacks. The app analyzes message context, sender history, domain similarity, and payment instructions, then forces a lightweight verification workflow (out-of-band confirmation, vendor callback checklist, and approval routing) when risk is high. It also maintains a vendor identity ledger: known-good bank accounts, verified contacts, and change history, so finance teams can spot suspicious changes instantly. This is a combination traditional + AI app: traditional rules/workflows for enforceable controls, plus AI for language and anomaly detection. Reporting is designed for auditors: who approved what, when, and why.