Question 1

Who built PhishGuard and what was their motivation?

Accepted Answer

PhishGuard was built by Kuldeep Tiwari and Aman Tiwari, cybersecurity enthusiasts from India who observed the massive surge in UPI fraud, fake KYC scams, and WhatsApp phishing affecting ordinary Indians — especially elderly family members with limited digital literacy. They built PhishGuard to give every Indian a free, fast, and genuinely accurate way to verify suspicious links without needing technical expertise. It started as a college project and grew into a full platform.

Question 2

What makes PhishGuard different from VirusTotal or Google Safe Browsing?

Accepted Answer

PhishGuard is India-first. Its ML model is trained specifically on Indian phishing patterns — fake SBI/HDFC pages, UPI scam links, IRCTC fraud, Aadhaar phishing, and regional scam campaigns that global tools often miss or are slow to flag. PhishGuard also integrates India-specific context: it checks for impersonation of Indian brands, government TLD mismatches (.gov.in vs .com), and UPI-specific fraud patterns. It is also simpler — one URL, one verdict, no account needed.

Question 3

Is PhishGuard open source? Can I contribute to the project?

Accepted Answer

PhishGuard's frontend and detection documentation are available for community review. The ML model and core detection engine represent significant research investment and are proprietary. Community contributions are welcome for: regional language translations, awareness content, browser extension development, and phishing URL reporting (which directly improves the detection model). Contact the team via the developer portal or follow PhishGuard on social media for contribution announcements.

Question 4

How does PhishGuard make money if it is completely free?

Accepted Answer

PhishGuard currently operates as a community service — it is a student-built project with infrastructure supported by the founders. Future sustainability plans include: an enterprise API tier for security teams and fintechs, a browser extension premium plan, and partnerships with Indian cybersecurity organisations. Anthropic tools, CERT-In alignment, and academic grants are also being explored. The free tier for individual Indian users will always remain free.

Question 5

What accuracy does PhishGuard achieve on Indian phishing URL detection?

Accepted Answer

In internal validation testing on a dataset of 50,000 Indian URLs (25,000 phishing, 25,000 legitimate), PhishGuard's 9-layer model achieves: 94.2% overall accuracy, 96.1% precision on phishing class, 92.8% recall (true positive rate), and F1 score of 0.944. False positive rate on legitimate Indian banking sites is under 1.2%. These metrics are regularly updated as new phishing patterns emerge. The model is retrained monthly with fresh Indian phishing data.

Question 6

Does PhishGuard work for websites in Indian regional languages?

Accepted Answer

Yes — PhishGuard analyses the technical properties of URLs regardless of the language of the website content. Domain age, SSL validity, IP reputation, and WHOIS data are language-independent. Brand impersonation detection covers major Indian brands that have multilingual websites. PhishGuard currently does not analyse website text content for deceptive language, but this feature is on the roadmap, including detection of Hindi, Tamil, Telugu, Bengali, and Marathi language phishing pages.

Question 7

What is PhishGuard's data privacy policy for Indian users?

Accepted Answer

PhishGuard is built in compliance with India's Digital Personal Data Protection Act (DPDPA) 2023. URLs scanned by guests are not stored beyond the session. Logged-in users' scan history is stored in their account and can be deleted at any time. No personal financial data, passwords, or Aadhaar numbers are ever processed. PhishGuard does not sell user data to third parties. Full details are in the Privacy Policy. The infrastructure is hosted on Render.com with servers in Singapore, the closest available region to India with strong data protection standards.

Question 8

How can schools, colleges, and NGOs use PhishGuard for cybersecurity education in India?

Accepted Answer

PhishGuard is free for educational use with no registration required. Use it in: cybersecurity workshops to demonstrate real-time phishing detection, classroom demonstrations of SSL certificate analysis, student assignments on URL safety analysis, and community awareness programs for rural India. The Awareness section provides curriculum-ready content on phishing types, red flags, and safe browsing. Contact the PhishGuard team for bulk API access for college cybersecurity labs and research projects.

Question 9

What are PhishGuard's plans for expansion and new features?

Accepted Answer

PhishGuard roadmap includes: Hindi and major regional language interface, Chrome and Firefox browser extension for real-time link checking, WhatsApp bot integration for direct link scanning in chats, SMS-based scanning for feature phone users in rural India, API integrations with major Indian email security platforms, real-time threat intelligence feed for enterprise security teams, and a community-reported phishing database specific to Indian campaigns. Follow @PhishGuardIN on Twitter/X for feature announcements.

Question 10

How does PhishGuard's report sharing feature help protect other Indians?

Accepted Answer

Every PhishGuard scan generates a unique shareable report URL (phishguard.co.in/scan/REPORT_ID). When you find a phishing link, share this report link in WhatsApp groups, family chats, RWA groups, and social media instead of sharing the dangerous link itself. Recipients see the full forensic verdict without visiting the phishing site. Security teams, journalists, and CERT-In also use these report links as evidence. Every shared report raises awareness and directly contributes to protecting India's digital ecosystem.

Built in India.
For India's internet.

Academic Project Notice

What PhishGuard Analyses

Project Team

Kuldeep Tiwari

Aman Tiwari

System Architecture

Frontend Interface

Backend — Python / Flask

Database — MongoDB Atlas

Detection Engine

Infrastructure — Render

Built in India.For India's internet.