Gone Phishin'

Warns you about phishing links in Gmail and Outlook before you click them.

Gone Phishin' watches the links in your Gmail and Outlook inbox and warns you before you click on a phishing or malware page. It's free, it doesn't read your email, and it was designed for the people in your life who are most often targeted — your parents, your grandparents, and anyone else who finds the modern web a little hostile. WHAT IT DOES • Marks dangerous links in your inbox with a small icon, so you can see at a glance which messages are sketchy. • Stops you when you click a known phishing or malware page and asks you to confirm — with a clear, plain-English warning, not a wall of red text. • Works on Gmail and Outlook (web). No setup, no accounts, no tracking required to use it. HOW IT WORKS When you open Gmail or Outlook, the extension reads the URLs of the links already shown on the page (the same ones your browser shows in the link-preview tooltip when you hover over them). Each unfamiliar URL is checked against Google's Safe Browsing list, which is the same threat database that powers Chrome's red "Deceptive site ahead" page. Verdicts are cached locally in your browser so we don't keep asking about the same link. We do NOT read your emails, attachments, subject lines, senders, or recipients. We never see the contents of your inbox. The only thing the extension looks at is the clickable URLs that the webmail page already renders for you. FOR FAMILIES If you're setting this up for a parent, grandparent, or anyone else who isn't a power-user, sign in to gonephishin.tech, create a "family circle" with their name on it, and read them a 6-digit pairing code over the phone (no email links to click — that would be ironic). Once they enter the code, the extension on their browser is paired to your dashboard, where you can see the threats it's blocked for them. You can revoke the pairing at any time from Settings. You can also use Gone Phishin' just for yourself — sign in for yourself from the extension popup, or skip sign-in entirely. Either way works. PRIVACY • We never read your email contents, subjects, senders, recipients, or attachments. • We do not track your browsing history. • We do not show ads, sell data, or train AI models on your data. • Full privacy policy: https://gonephishin.tech/privacy PERMISSIONS WE ASK FOR (AND WHY) • "Read and change all your data on Gmail / Outlook" — required by Chrome to read the link URLs already displayed on those pages so we can flag the dangerous ones. The extension only runs on those four hostnames. • "storage" — caches link verdicts and your sign-in state locally. That's it. We don't ask for permissions on any other site, we don't read your tabs, and we don't have access to anything outside the webmail tabs themselves. OPEN ABOUT WHAT WE'RE NOT This is a community-maintained, free safety net — not a replacement for careful clicking. It catches the phishing and malware sites that Google already knows about, plus a small set of obvious-looking lookalikes (typosquats, IP-only links, suspicious TLDs, brand-impersonation links where the text says one company but the URL goes somewhere else). Brand-new attacks that haven't been reported yet won't be in the database. Pair it with the old-fashioned advice: if a message feels off, don't click; if it claims to be your bank, log into your bank directly. CONTACT & FEEDBACK • Web: https://gonephishin.tech • Privacy questions: privacy@gonephishin.tech • Bug reports: support@gonephishin.tech If the extension flagged something it shouldn't have, please send us the domain — we'd like to know.