eth-phishing-detect
Utility for detecting phishing domains targeting Web3 users.
For checking why a given domain was blocked, there is a third-party search tool maintained by ChainPatrol.
Blocking Policy
We are constantly evolving the ideal policy that guides this list, but a few clearly defined rules have emerged. We will be quick and decisive to block websites that:
- Impersonate other known and established sites.
- Use their interfaces to collect user signing keys (especially cryptocurrency keys) and send them back to home servers.
There are other grounds for blocking, and we will ultimately do our best to keep our users safe.
Basic usage
const checkForPhishing = require('eth-phishing-detect')
const value = checkForPhishing('etherclassicwallet.com')
console.log(value) // trueAdvanced usage
const PhishingDetector = require('eth-phishing-detect/src/detector')
const config = [
{ blocklist: [/* blacklist */], name: 'blocklist', version: 2 },
{ allowlist: [/* whitelist */], name: 'allowlist', version: 2 },
{ fuzzylist: [/* fuzzylist */], name: 'fuzzylist', version: 2, tolerance: 2 },
];
const detector = new PhishingDetector(config)
const value = detector.check('etherclassicwallet.com')
console.log(value)
/*
{
type: "blacklist",
result: true,
}
*/Contributions
For understanding the lists, see doc/lists-ref.md.
Contributors are encouraged to read CONTRIBUTING.md for tips, pointers, and guidelines before reporting or collaborating.
To keep a tidy file, use the following CLI to make changes to the list:
Adding hosts to blocklist
yarn add:blocklist crypto-phishing-site.tldAdding hosts to allowlist
yarn add:allowlist crypto-phishing-site.tldDatabases
We have added sqlite databases in test/db directory. These will be committed to the working tree periodically to try reduce the amount of false positives being blocklisted. We will pull in domains from various third party sources - right now: CoinMarketCap and Tranco.
Update the database files:
yarn update:db
yarn update:db:tranco
yarn update:db:coinmarketcap
yarn update:db:snapsregistryThese sqlite databases will be checked against in yarn run test to ensure nothing is on the blocklist that is also in these databases.