Open sekisanchi opened 6 years ago
Hi Seki,
Awesome - do you know if there's an API where we can automate this? I'll look into it tonight! 👍
Yes, old style API is available. Please look at history of my id. I tried to stimulate the service and connections, and it might be succeeded around 100th. Since after that, some of the URL I added from fresh ESDB already blocked by Google safe browsing.
Looked around 322 submissions so far, and 184 are verified as phish.
https://www.phishtank.com/user.php?username=seki
For the domain URLs listed in ESDB, Either one of red in safe browsing, Virus Total flagging or domain parking would be desirable state results and active domains have priority.
Those are 18 submitted ids May 27th and still active, but not verified, out of 54 total and 20 verified in the day. If you have id, please verify them.
Need some cross reference on ESDB Most of them are the QR code giveaway scams, probably driven by this http://free-ethereum.us/
https://www.phishtank.com/phish_detail.php?phish_id=5677852 https://www.phishtank.com/phish_detail.php?phish_id=5677853 https://www.phishtank.com/phish_detail.php?phish_id=5677859 https://www.phishtank.com/phish_detail.php?phish_id=5677862 https://www.phishtank.com/phish_detail.php?phish_id=5677863 https://www.phishtank.com/phish_detail.php?phish_id=5677864 https://www.phishtank.com/phish_detail.php?phish_id=5677887 https://www.phishtank.com/phish_detail.php?phish_id=5677889 https://www.phishtank.com/phish_detail.php?phish_id=5677893 https://www.phishtank.com/phish_detail.php?phish_id=5677896 https://www.phishtank.com/phish_detail.php?phish_id=5677897 https://www.phishtank.com/phish_detail.php?phish_id=5677907 https://www.phishtank.com/phish_detail.php?phish_id=5677908 https://www.phishtank.com/phish_detail.php?phish_id=5677913 https://www.phishtank.com/phish_detail.php?phish_id=5677915 https://www.phishtank.com/phish_detail.php?phish_id=5677920 https://www.phishtank.com/phish_detail.php?phish_id=5677925 https://www.phishtank.com/phish_detail.php?phish_id=5677928
Two ids within above are not yet verified/ 16 verified /18 total
https://www.phishtank.com/phish_detail.php?phish_id=5677908 https://www.phishtank.com/phish_detail.php?phish_id=5677928
Thanks Seki
I'll try dedicate some time this week to do some integration with phishtank
Hello! My respects! Help me please, my site https://coinzzz.pro got to the list of phishing sites. Although I just have a website about blockchain and ICO. Still Wake references to Airdrop which I already deleted. Please help us to find out what is wrong with the site. I checked all the antivirus software and they show that the site is clean. My site is my only earnings, please help.
@coinzzzpro please go to https://github.com/MetaMask/eth-phishing-detect/pull/1886 as suggested in https://medium.com/@danfinlay/you-were-reported-as-hosting-a-fake-aragon-giveaway-here-a0694a108206
@sekisanchi Thanks mr. Kazunori Seki for the information! I have already deleted everything and will check every link published on my website. What should I do now? How to disappear from the list of these sites? Most of which are real phishing sites aiming to steal money. We are to blame, published a drop that was scam. But we are an information site, and there is no one do not want to be like. Please help! Thanks.
@sekisanchi please look this comment https://github.com/MetaMask/eth-phishing-detect/issues/1921#issuecomment-400276144
@sekisanchi Hello! Our site https://coinzzz.pro/ is excluded from the list of eth-phishing-detect
https://github.com/MetaMask/eth-phishing-detect/commit/5802be01c06dddff18d8077dd6f3cecf80dde9f5
Please, remove it from database https://www.phishtank.com/phish_detail.php?phish_id=5719803
@coinzzzpro Looks like the site is clean at phishtank now, but anyway I flagged it as false positive. These scans also say no bad in phishtank. https://phishcheck.me/86089/details https://phishcheck.me/86092/details
https://www.phishtank.com/user_submissions.php?username=seki
Added about 250 and the first half is well accepted and marked as phishes.
Here's some suggestion -
1) Within my pilot, I saw Google safe browsing flagged some of the site. It worth than seemed to be. 2) risk.iq and xforce have linkage to it. 3) Phishtank accepts only URL as input and no additional info like Etherscan of shown Ethereum address that may prove the fake behavior of the site. Link to Phishtank from ESDB may help. 4) Don't know what incentives drive the Mturk like operation.