Prevent phishing emails with GPT-4, VirusTotal, Slack, and Google Sheets
This n8n workflow automates real-time phishing detection: it ingests incoming emails, extracts indicators, analyzes content with AI (GPT-4), calculates a risk score, and acts on the result by quarantining malicious emails, flagging suspicious ones, alerting users and the SOC, and logging everything for compliance and forensics. It prevents phishing attacks at the point of delivery with zero-touch automation.
How it works
Webhook receives email
Extract URLs, domains, keywords
VirusTotal + GPT-4 analysis
Risk score routing
Quarantine / Flag / Allow
Slack SOC alert + audit log
Risk Levels
🔴 HIGH (75–100) → Quarantine
🟡 MEDIUM (40–74) → Flag + warn
🟢 LOW (0–39) → Allow + log
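The extraction and routing steps above, sketched as JavaScript of the kind an n8n Code node runs. This is an added example, not the workflow's own code: only the score thresholds come from the page, while the keyword list, function names, action labels, sample email and the fail-closed handling of invalid scores are assumptions.

```javascript
// Added example: indicator extraction and risk routing for one email.
// Keyword list and the sample email are constructed for illustration.
const KEYWORDS = ["verify your account", "password", "urgent", "invoice"];

// Pull URLs, their hostnames and matched keywords out of subject + body.
function extractIndicators(email) {
  const text = `${email.subject || ""}\n${email.body || ""}`;
  // Re-fang common defanged forms (hxxp, [.]) so they are not missed.
  const refanged = text.replace(/hxxp/gi, "http").replace(/\[\.\]/g, ".");
  const urls = new Set();
  const domains = new Set();
  for (const m of refanged.matchAll(/https?:\/\/[^\s<>"')\]]+/gi)) {
    const raw = m[0].replace(/[.,;:!?]+$/, ""); // drop trailing punctuation
    try {
      const u = new URL(raw);
      urls.add(u.href);
      domains.add(u.hostname.toLowerCase());
    } catch { /* not a parseable URL, skip it */ }
  }
  const lower = refanged.toLowerCase();
  const keywords = KEYWORDS.filter((k) => lower.includes(k));
  return { urls: [...urls], domains: [...domains], keywords };
}

// Map a 0-100 score to the page's three levels. Assumption: a value that is
// not a number in range fails closed to quarantine instead of being allowed.
function routeByRisk(score) {
  if (typeof score !== "number" || Number.isNaN(score) || score < 0 || score > 100) {
    return { level: "HIGH", action: "quarantine", reason: "invalid score" };
  }
  if (score >= 75) return { level: "HIGH", action: "quarantine" };
  if (score >= 40) return { level: "MEDIUM", action: "flag_and_warn" };
  return { level: "LOW", action: "allow_and_log" };
}

// Constructed sample email (example.test is a reserved test domain).
const sampleEmail = {
  subject: "URGENT: verify your account",
  body: "Sign in at hxxp://login.example[.]test/reset?id=1. Thanks.",
};
```

Failing closed on a missing or malformed score keeps an upstream API error from silently turning into an "allow" decision.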
Credentials
OpenAI API (GPT-4o)
VirusTotal API
Slack Webhook
Google Sheets
SMTP Email
Placeholders to Replace
YOUR_OPENAI_CREDENTIAL_ID
YOUR_VIRUSTOTAL_API_KEY
YOUR_SLACK_WEBHOOK_PATH
YOUR_GOOGLE_SHEET_ID
YOUR_EMAIL_GATEWAY_TOKEN
Explore More AI-Powered Email Security:
Contact us to deploy zero-trust email gateways, automated BEC response, and insider threat detection using n8n + LLMs.