{"slug": "i-built-a-phishing-detector-into-chrome-using-claude-ai-here-s-exactly-how", "title": "I built a phishing detector into Chrome using Claude AI. Here's exactly how.", "summary": "A developer built a Chrome extension that uses Claude AI to detect phishing messages. The extension sends suspicious messages to a Cloudflare Worker, which proxies requests to the Anthropic API using the Haiku model for fast, cost-effective classification. In tests against 50 real phishing attempts, the system correctly identified 48.", "body_md": "My mother called me last week. Someone had sent her an SMS\n\nclaiming to be from DHL, asking her to pay a £2.99 customs\n\nfee via a link. She almost clicked it.\n\nThat was enough. I spent a weekend building a Chrome extension\n\nthat lets you paste any suspicious message and get an instant\n\nverdict. Here's how it works.\n\nThe obvious approach is to call the Claude API directly from\n\nthe extension. Don't do this. Your API key lives in the\n\nextension code, which anyone can extract from the Chrome Web\n\nStore in about 30 seconds.\n\nThe right pattern: extension → Cloudflare Worker → Claude API.\n\nThe Worker lives server-side, holds the API key as an\n\nenvironment variable, and acts as a proxy. Cloudflare's free\n\ntier handles 100,000 requests/day, which is more than enough.\n\nexport default {\n\nasync fetch(request, env) {\n\nconst { prompt } = await request.json();\n\n``` js\nconst response = await fetch('https://api.anthropic.com/v1/messages', {\n  method: 'POST',\n  headers: {\n    'x-api-key': env.ANTHROPIC_API_KEY,\n    'anthropic-version': '2023-06-01',\n    'content-type': 'application/json'\n  },\n  body: JSON.stringify({\n    model: 'claude-haiku-4-5-20251001',\n    max_tokens: 350,\n    messages: [{ role: 'user', content: prompt }]\n  })\n});\n\nreturn response;\n```\n\n}\n\n}\n\nI'm using Haiku, not Opus. For a classification task like\n\nthis — is this phishing or not — Haiku is faster, 10x cheaper,\n\nand gets the same result. Opus is overkill.\n\nAfter a dozen iterations, this is what actually works:\n\n\"You are an expert cybersecurity analyst specializing in\n\nphishing detection. Analyze the following message and\n\ndetermine if it is PHISHING, SUSPICIOUS, or LEGITIMATE.\n\nPay special attention to impersonation of financial\n\ninstitutions (PayPal, Chase, Barclays), government agencies\n\n(IRS, HMRC, DVLA), delivery services (UPS, FedEx, Royal Mail)\n\nand major tech companies (Amazon, Apple, Microsoft, Netflix).\n\nRespond ONLY in this format:\n\nVERDICT: [PHISHING / SUSPICIOUS / LEGITIMATE]\n\nCONFIDENCE: [High / Medium / Low]\n\nSIGNALS: [comma-separated list, max 4]\n\nADVICE: [one clear action sentence]\"\n\nOne thing worth knowing: parse only the VERDICT line,\n\nnot the whole response. Otherwise txt.includes(\"PHISHING\")\n\nwill always return true because the word appears in the\n\ntemplate itself.\n\nconst verdictLine = txt.split('\\n')\n\n.find(l => l.startsWith('VERDICT:')) || '';\n\nconst isPhishing = verdictLine.includes('PHISHING');\n\nObvious in hindsight. Took me longer than I'd like to admit.\n\nTested against 50 real phishing attempts. Claude got 48 right.\n\nThe two it missed were unusually well-crafted —\n\nlegitimate-looking domains with no obvious red flags.\n\nFor anything with a suspicious link or an urgency pattern,\n\nit's essentially perfect.\n\nIf you want the full source code — extension, Worker, and\n\ndeploy instructions — I packaged it here: [https://carlosdevlop.gumroad.com/l/ai-phishing-detector-bundle](https://carlosdevlop.gumroad.com/l/ai-phishing-detector-bundle)", "url": "https://wpnews.pro/news/i-built-a-phishing-detector-into-chrome-using-claude-ai-here-s-exactly-how", "canonical_source": "https://dev.to/carlos_lopez_e0907403c1b4/i-built-a-phishing-detector-into-chrome-using-claude-ai-heres-exactly-how-2d6c", "published_at": "2026-06-17 14:15:23+00:00", "updated_at": "2026-06-17 14:21:46.922511+00:00", "lang": "en", "topics": ["artificial-intelligence", "large-language-models", "ai-products", "ai-safety", "developer-tools"], "entities": ["Claude AI", "Anthropic", "Cloudflare", "Chrome", "DHL", "PayPal", "Amazon", "Microsoft"], "alternates": {"html": "https://wpnews.pro/news/i-built-a-phishing-detector-into-chrome-using-claude-ai-here-s-exactly-how", "markdown": "https://wpnews.pro/news/i-built-a-phishing-detector-into-chrome-using-claude-ai-here-s-exactly-how.md", "text": "https://wpnews.pro/news/i-built-a-phishing-detector-into-chrome-using-claude-ai-here-s-exactly-how.txt", "jsonld": "https://wpnews.pro/news/i-built-a-phishing-detector-into-chrome-using-claude-ai-here-s-exactly-how.jsonld"}}