You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When an user sends links, use Google Safe Browsing to analyze all of them. Can fetch the safe-browsing database and store it locally. Maybe fetching the database remotely every 5 minutes is good enough?
Follow redirects (URL shorteners).
Maybe avoid analyzing links to popular websites like twitter.com, github.com and many populars (whitelist).
(?) Filter application links, as an option (for example ms-cxh-full://0 when executed, opens a black window covering the screen, hard to eliminate).
(?) Deep analysis. For example, fetch the remote link, if it contains content related to trading a CS:GO item, and it's not in the real steam community website. Same for Discord gifts, those are pretty common, so maybe it's worth implementing.
(??) Analyze exe files, maybe using VirusTotal? (This condition is really intensive), or maybe prevent any scripts/executables to be sent? (as an option, it would be good)
NOTE: When fetching a remote website (for deep analysis), it should be better to use a legit user-agent (Chrome, Firefox), because some scam sites attempt to detect bots from user-agent and blacklist them
The text was updated successfully, but these errors were encountered:
Though about using https://developers.google.com/safe-browsing to detect phishing links.
Conditions:
ms-cxh-full://0when executed, opens a black window covering the screen, hard to eliminate).NOTE: When fetching a remote website (for deep analysis), it should be better to use a legit user-agent (Chrome, Firefox), because some scam sites attempt to detect bots from user-agent and blacklist them
The text was updated successfully, but these errors were encountered: