Should I Build It Should I Build It
01 Jul 2025
Email Security

A cyber security agent that helps detect phishing attacks in your ...

...emails

Confidence
Engagement
Net use signal
Net buy signal

Idea type: Swamp

The market has seen several mediocre solutions that nobody loves. Unless you can offer something fundamentally different, you’ll likely struggle to stand out or make money.

Should You Build It?

Don't build it.

Your are here

You're entering a crowded space where many have tried to solve the phishing problem, but few have truly broken through. Our analysis shows that you're in a 'Swamp' category, indicating that many solutions exist, but none are particularly loved. With 10 similar products already out there, competition will be stiff. Engagement is low, suggesting users aren't raving about existing solutions. Unfortunately, without positive use or buy signals from similar products, it's tough to gauge demand for yet another phishing detection tool. You'll need a fundamentally different angle to succeed, or risk getting lost in the noise.

Recommendations

  1. Thoroughly investigate why existing phishing detection solutions haven't completely solved the problem. Are they too complex? Do they generate too many false positives? Understanding their shortcomings will be crucial in identifying a genuine gap in the market.
  2. If you're determined to proceed, narrow your focus to a specific niche that's currently underserved. Perhaps target small businesses with limited IT resources, or a particular industry with unique phishing challenges.
  3. Instead of directly competing, consider building tools or integrations that enhance existing email security platforms. This approach allows you to leverage established user bases and avoid the uphill battle of acquiring new customers.
  4. Based on user criticisms of similar products, prioritize clear pricing information. Be upfront about costs after any free trial period to build trust with potential users. Also, take note that users want automation to happen before an email even reaches their mailbox to ensure practicality.
  5. Carefully examine the workflow for handling suspicious emails. Address concerns about potential user mishandling of notifications by implementing a more streamlined and intuitive process. Explore options for an intranet portal for analyzing suspicious emails to mitigate security risks.
  6. Before launching, thoroughly test your product's accuracy and effectiveness. Excessive false positives will quickly erode user trust and make your product more of a nuisance than a helpful security tool.
  7. Given the competitive landscape, consider pivoting to an adjacent problem in cybersecurity that might be more promising and less saturated.

Questions

  1. What unique approach will your product take to differentiate itself from the numerous existing phishing detection tools in the market, and how will you demonstrate its superiority?
  2. How will you address the challenge of low user engagement with current phishing solutions and create a product that users find genuinely valuable and easy to use?
  3. Given the security concerns raised about handling unencrypted emails in similar products, what measures will you take to ensure the confidentiality and integrity of analyzed emails?

Your are here

You're entering a crowded space where many have tried to solve the phishing problem, but few have truly broken through. Our analysis shows that you're in a 'Swamp' category, indicating that many solutions exist, but none are particularly loved. With 10 similar products already out there, competition will be stiff. Engagement is low, suggesting users aren't raving about existing solutions. Unfortunately, without positive use or buy signals from similar products, it's tough to gauge demand for yet another phishing detection tool. You'll need a fundamentally different angle to succeed, or risk getting lost in the noise.

Recommendations

  1. Thoroughly investigate why existing phishing detection solutions haven't completely solved the problem. Are they too complex? Do they generate too many false positives? Understanding their shortcomings will be crucial in identifying a genuine gap in the market.
  2. If you're determined to proceed, narrow your focus to a specific niche that's currently underserved. Perhaps target small businesses with limited IT resources, or a particular industry with unique phishing challenges.
  3. Instead of directly competing, consider building tools or integrations that enhance existing email security platforms. This approach allows you to leverage established user bases and avoid the uphill battle of acquiring new customers.
  4. Based on user criticisms of similar products, prioritize clear pricing information. Be upfront about costs after any free trial period to build trust with potential users. Also, take note that users want automation to happen before an email even reaches their mailbox to ensure practicality.
  5. Carefully examine the workflow for handling suspicious emails. Address concerns about potential user mishandling of notifications by implementing a more streamlined and intuitive process. Explore options for an intranet portal for analyzing suspicious emails to mitigate security risks.
  6. Before launching, thoroughly test your product's accuracy and effectiveness. Excessive false positives will quickly erode user trust and make your product more of a nuisance than a helpful security tool.
  7. Given the competitive landscape, consider pivoting to an adjacent problem in cybersecurity that might be more promising and less saturated.

Questions

  1. What unique approach will your product take to differentiate itself from the numerous existing phishing detection tools in the market, and how will you demonstrate its superiority?
  2. How will you address the challenge of low user engagement with current phishing solutions and create a product that users find genuinely valuable and easy to use?
  3. Given the security concerns raised about handling unencrypted emails in similar products, what measures will you take to ensure the confidentiality and integrity of analyzed emails?

  • Confidence: High
    • Number of similar products: 10
  • Engagement: Low
    • Average number of comments: 2
  • Net use signal: -1.9%
    • Positive use signal: 9.5%
    • Negative use signal: 11.4%
  • Net buy signal: -7.6%
    • Positive buy signal: 0.0%
    • Negative buy signal: 7.6%

This chart summarizes all the similar products we found for your idea in a single plot.

The x-axis represents the overall feedback each product received. This is calculated from the net use and buy signals that were expressed in the comments. The maximum is +1, which means all comments (across all similar products) were positive, expressed a willingness to use & buy said product. The minimum is -1 and it means the exact opposite.

The y-axis captures the strength of the signal, i.e. how many people commented and how does this rank against other products in this category. The maximum is +1, which means these products were the most liked, upvoted and talked about launches recently. The minimum is 0, meaning zero engagement or feedback was received.

The sizes of the product dots are determined by the relevance to your idea, where 10 is the maximum.

Your idea is the big blueish dot, which should lie somewhere in the polygon defined by these products. It can be off-center because we use custom weighting to summarize these metrics.

Similar products

Relevance

Too Phishy for Gmail - The ultimate anti-phishing add-on for Gmail™

10 Nov 2023 Email Business Intelligence Security

Harnessing cutting-edge technology, Too Phishy performs real-time analysis of attachments and sender information so that your online security is never compromised.

Users praise the product's ability to protect inboxes from phishing, with some comparing it to a guardian angel. Gmail's phishing filter is considered superior to Outlook's. Many users congratulate the launch and commend the initiative. Requests were made for a Yahoo Mail extension and information about pricing after the free trial. One user inquired about Gmail site functionality in relation to Yahoo Mail.

Users criticized the A.I. phishing detection in Outlook, stating it needs improvement. Another concern was a lack of clear pricing information following the conclusion of the free trial, which is important for users evaluating the long-term cost.

Avatar
40
11
18.2%
11
40
18.2%
Relevance

PhishGuard is my implementation of 100% phishing free webmail

05 Sep 2024 Security

Why PhishGuard?When I started developing Blue Arca in 2017, I had one clear mission: to stand up against the relentless threat of phishing and provide everyone with the tools to protect themselves. I’ve watched the phishing landscape evolve over the past seven years, and despite the efforts of large cyber security companies, the threat has only grown. More and more phishing emails are finding their way into our inboxes, and it’s become clear to me that the solutions out there just aren’t enough.Phishing isn’t just an inconvenience—it’s a serious risk that affects us all. I believe that we deserve better. We should only be interacting with links and URLs that are familiar to us, based on our daily internet behaviour. But in today’s online world, unexpected and potentially dangerous things pop up all too often. When that happens, we need to be equipped with the right tools to warn us, guide us, and help us make informed decisions about whether to proceed or not.That’s why I’m excited to introduce PhishGuard, the next evolution of the Blue Arca Anti-Phishing Tool. PhishGuard is more than just an upgrade—it’s a statement. A statement that it's time for a change, and that we can and will do more to protect ourselves from phishing threats.Why This Matters?PhishGuard represents a significant leap forward in our fight against phishing. It’s built on the belief that everyone deserves top-tier protection. With PhishGuard, we’re making advanced, effective technology accessible to everyone. It’s about giving you the power to navigate the internet safely, armed with the most effective tool available.Available as a browser extension for Chrome and Brave.

Avatar
3
3
Relevance

AI Anti Phishing

06 Mar 2024 Email

Hey guys. In 4 days we launch our AI Anti Phishing tool. Results - 100/100 Phishing emails detected. If you are interested - message me in linkedin, I will send you website when we launch.https://www.linkedin.com/in/oleksandr-matviienko-4a7b16248/

Show HN is for things ready to try.

Off topic: blog posts, sign-up pages, newsletters.

Avatar
1
1
1
1
Relevance

I made an automated phishing email analysis tool called ThePhish

22 Apr 2023 Developer Tools

It's based on TheHive, Cortex and MISP. I'll update it once the new TheHive API 5 will be released as stable.

Users expressed concerns about the real-world application and target audience of the product. There was confusion regarding the roles of security operations center (SOC) personnel and the email handling process. Some noted that the service might require many analysts for small organizations, making it costly in practice despite being a good idea in theory. Security concerns were raised about the handling of unencrypted emails, and suggestions were made that corporate mail should analyze emails before user access. The user workflow for handling suspect emails was criticized, although the creation of .eml files was noted to be transparent when forwarding emails as attachments.

Users criticized the product for its unclear real-world application and target audience, vague SOC roles, and email processes. Concerns were raised about the lack of real-world implementations, with some deeming it impossible or cost-prohibitive. Security issues were highlighted due to unencrypted email transmission, and a preference for an intranet portal over mailboxes for handling suspect emails was expressed. The risk of users misinterpreting notifications and mishandling emails was noted, alongside a call for automation before the user mailbox stage to ensure practicality.

Avatar
4
8
-37.5%
-25.0%
8
4
Relevance

ThePhish: An automated phishing email analysis tool

21 Apr 2023 Developer Tools

ThePhish is an automated phishing email analysis tool based on TheHive, Cortex and MISP. It is a web application written in Python 3 and based on Flask that automates the entire analysis process starting from the extraction of the observables from the header and the body of an email to the elaboration of a verdict which is final in most cases. In addition, it allows the analyst to intervene in the analysis process and obtain further details on the email being analyzed if necessary. In order to interact with TheHive and Cortex, it uses TheHive4py and Cortex4py, which are the Python API clients that allow using the REST APIs made available by TheHive and Cortex respectively.

Automated phishing email analysis tool using TheHive, Cortex, MISP.

Avatar
3
1
1
3
Top