Inspiration
Digital e-commerce fraud has reached a crisis point, with $2.8 billion lost in 2025 due to increasingly sophisticated scam storefronts and AI-generated product catalogs. These scams closely mimic legitimate online shops, making them difficult to detect in real time.
We were particularly struck by the fact that women report 68.5% of online purchase scams and are more likely to lose money once targeted. At the same time, 21% of Americans have unknowingly purchased fake products promoted using AI-generated or deepfake endorsements.
These scams scale faster than takedown systems and disappear before action can be taken. We built Illume to give users, especially women, a proactive financial shield against AI-driven e-commerce exploitation.
What it does
Illume is a real-time financial security tool packaged as a Chrome extension that detects scam risk before a purchase is completed.
While a user browses product or checkout pages, Illume works silently in the background to:
- Analyze risk by evaluating domain reputation, seller information, pricing anomalies, product images, and payment behavior
- Detect AI deception by flagging suspicious AI-generated images and scam-like or templated product descriptions
- Provide actionable warnings through a popup alert showing a Fraud Risk Score, confidence level, and clear explanations
- Suggest safe alternatives using GenAI to recommend similar products from reputable, verified platforms
- Track financial impact via a personal dashboard that shows scans performed, scams avoided, and estimated money protected
How we built it
- Frontend: A Manifest V3 Chrome extension with content scripts that activate on product and checkout pages to extract structured page signals
- Risk Engine: A backend scoring API that aggregates third-party threat intelligence, AI-based image and text analysis, and internal heuristics to generate a Fraud Risk Score and confidence level
- Database and Analytics: MongoDB stores scan events, domain intelligence, vendor risk profiles, and anonymized user metrics for fast lookups and dashboards
- Security and Privacy: OAuth 2.0 with Google accounts enables secure authentication while minimizing stored personal data
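One way the Risk Engine's aggregation step could turn per-signal results into a Fraud Risk Score, confidence level and explanations. This is an added example, not Illume's own code: the weights, thresholds, field names and the `scorePage` function are assumptions. A check that did not return lowers the confidence rather than the score.

```javascript
// Added illustration: weights, thresholds and field names are assumptions,
// not Illume's actual scoring model.
const WEIGHTS = {
  domainReputation: 0.30,
  sellerInfo: 0.15,
  pricingAnomaly: 0.20,
  aiImage: 0.15,
  templatedText: 0.10,
  paymentBehavior: 0.10,
};

// Each signal is { risk: 0..1, reason: string }, or absent when a check
// (for example a third-party lookup) failed or timed out.
function scorePage(signals) {
  let weighted = 0;
  let covered = 0;
  const flagged = [];
  for (const [name, weight] of Object.entries(WEIGHTS)) {
    const s = signals[name];
    if (!s || typeof s.risk !== "number" || Number.isNaN(s.risk)) continue;
    const risk = Math.min(1, Math.max(0, s.risk)); // clamp out-of-range input
    weighted += weight * risk;
    covered += weight;
    if (risk >= 0.5) flagged.push({ name, contribution: weight * risk, reason: s.reason });
  }
  if (covered === 0) return { score: null, confidence: 0, level: "unknown", explanations: [] };
  // Renormalise over the signals that answered, so a missing feed
  // reduces confidence instead of silently pulling the score down.
  const score = Math.round((weighted / covered) * 100);
  const confidence = Math.round(covered * 100) / 100;
  flagged.sort((a, b) => b.contribution - a.contribution);
  const level =
    confidence < 0.5 ? "unknown" : score >= 70 ? "high" : score >= 40 ? "medium" : "low";
  return { score, confidence, level, explanations: flagged.map((f) => `${f.name}: ${f.reason}`) };
}

// Constructed sample: the seller and payment-behaviour checks did not return.
const sample = {
  domainReputation: { risk: 0.9, reason: "domain registered 6 days ago" },
  pricingAnomaly: { risk: 0.8, reason: "price 85% below market median" },
  aiImage: { risk: 0.6, reason: "product photos flagged as likely AI-generated" },
  templatedText: { risk: 0.2, reason: "description looks original" },
};
console.log(scorePage(sample));
```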
Accomplishments we’re proud of
- Built a fully functional real-time Chrome extension using Manifest V3
- Integrated multiple APIs for domain reputation, threat intelligence, and AI content detection
- Designed an explainable scam detection system that clearly shows users why a product or site is risky
What’s next
- Marketplace integrations: APIs for vetting third-party sellers and AI-generated catalogs before listings go live
- Fintech tools: Real-time risk scoring for checkout flows and Buy Now, Pay Later transactions
- Community intelligence: Expanding detections and user reports into a shared domain reputation and threat-intel network
Built With
- api
- auth
- gemini
- javascript
- mongodb
- playwright
- typescript
