Steemed Phish v0.0.28: phishing detection improvements

in utopian-io •  4 months ago

Bug Fixes

  • fix bug with the whitelist processing
  • fix bug where the code is running on neutral websites

New Features since v0.0.23

Phishing websites are appearing like weeds in my garden. @anyx from @steemcleaners has created @guard as a Proactive Measure to Limit Phishing on Steemit. But as we add protection the scammers are creating work around, so it's a game of cat and mouse. Here are what have been added/amended to Steemed Phish:

  • The whitelist and blacklist are now on a remote server so that I don't have to update the extension just for a list update
  • in v0.0.23 I was using a URL expander service to reveal the real URL when scammers are hiding it by shortening it. Due to some short URL not expanding properly, I've ended up building my own API. With extra update for their new workaround.
  • I'm now using Regexp for whitelist and blacklist
  • Adding a cache buster to the whitelist API call to avoid cache
  • By creating invalid HTML content, the scammers were preventing the full page warning from showing up, Steemed Phish now handles it
  • I'm following the #phishing channel of @steamcleaners and update my blacklist multiple times a week

Download the extension

https://chrome.google.com/webstore/detail/steemed-phish/eiaigalhddmmpdnehcigmlmgllomljgj

What is Steemed Phish?

Steemed Phish

Steemed Phish is a Chrome extension that offers protection against Steemit.com phishing clones

Features

Changing icon color based on white/blacklist

This extension will validate Steemit related websites by changing its icon color:

  • red is for blacklisted sites
  • green is for recognised friendly sites
  • grey is for unrecognised sites
Whitelist and blacklist

Steemed Phish does not rely solely on these list as anything not listed won't be protected. Blacklist and whitelist are hard to maintain but adding them helps widening the protection coverage.

When a site is neither whitelisted or blacklisted, Steemed Phish will try to check the URL structure to find known patterns and flag a link as supsicious by coloring it in pink.

There are currently 19 blacklisted websites and 31 whitelisted websites.

Phishing Alerts

If a user lands on a phishing website, Steemed Phish will display two types of alerts:

  • a dialog that shows up even if the page was loaded in a tab in the background
  • a full page alert, that covers the whole phishing page and offers a link to go back to Steemit.com. The full page alert also reminds the user of not using their Steemit Keys on unknown websites and keep their password (Owner Key) safe.
Expand shorten URL

Some links are shortened using services such as bit.ly, this prevents people from easily analysing the URL of the link. Steemed Phish uses a link expanding API to determine the destination URL of a link and then compare it again against the white/blacklist logic above.

Steemed Phish expand URL

Making external links more visible

Ideally, a user should be more careful on links they are clicking on by always paying attention to the URL of an anchor. But this is easier said than done and even the most experienced user can let down their guard sometimes and get tricked by the scammers.

Recently, Steemit.com, has added a feature that marks external links with a grey icon on the right of each links. Steemed Phish will make that icon more obvious by coloring it in purple. On top of that, it will make a bubble appear next to the mouse cursor with a text explaining the fact that clicking on the link with leads you away so don't use your password. This bubble won't show up on friendly (whitelisted) websites

Steemed Phish dialog alert

Support lazy loading

The extension works even if the links are inserted into the page after page load (Ajax), for example:

  1. The link was in a comment that was hidden due to low rating and I then revealed it.
  2. The link is in a comment low in a popular page. The comment was not loaded at first but only when you scroll down

In both cases, the first time the page loads, the comment and the link is not loaded and displayed. Steemed Phish still works in these cases.

Download the extension

https://chrome.google.com/webstore/detail/steemed-phish/eiaigalhddmmpdnehcigmlmgllomljgj

I'm a Steem Witness

If you like what I do for the Steem community, please consider me when choosing one of your 30 witnesses to vote for.

@quochuy Steem Witness
Vote for your 30 witnesses

Support me by voting for my witness via SteemConnect



Posted on Utopian.io - Rewarding Open Source Contributors

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

I’m going to check it out instantly. It looks like a very useful tool.
How do you determine which sites will be blacklisted? (There are +100 known phishing domains)

·

I add them as they show up on the phishing channel on steemcleaners. I also have a logic to assess if a link is suspicious (beta)

Hey @quochuy I am @utopian-io. I have just upvoted you!

Achievements

  • You have less than 500 followers. Just gave you a gift to help you succeed!
  • Seems like you contribute quite often. AMAZING!

Utopian Witness!

Participate on Discord. Lets GROW TOGETHER!

Up-vote this comment to grow my power and help Open Source contributions like this one. Want to chat? Join me on Discord https://discord.gg/Pc8HG9x

Thanks for the contribution. It has been approved.


Need help? Write a ticket on https://support.utopian.io.
Chat with us on Discord.

[utopian-moderator]

Nice write up man. Really informing @quochuy.
I did something on phishing too , its really nice check it out.
https://steemit.com/phishing/@kamiikazer/anti-phisphing

This post has been just added as new item to timeline of Steemed Phish Extension on Steem Projects.

If you want to be notified about new updates from this project, register on Steem Projects and add Steemed Phish Extension to your favorite projects.

i would like to bring you witness to my w/(h) ea L/L (t/h) D https://steemit.com/g0fig/@xubrnt/ned-steemit