experimental: in page scam warning #5035
Conversation
|
I'm not sure how this works – is it based on a denylist in which this iOS URL in particular is manually included and maintained by us? It might be more scalable / effective to detect scams based on heuristics rather than static URL lists. E.g. any iOS store visit that has the word "Leather" in the app title (that's not us) should be flagged. |
This. Would like to keep this simple though. Building a general scam detector seems infeasible to me, both in terms of required work and likelihood of false positive. It'd be fun to try, though. We could use the GPT4 API to query each user page visit, and get it to return a scam probability score where we show the banner on results scoring 50 or above? |
|
Let's turn this into a project page in Notion so we can figure out the scope there and figure out relative priority, etc? I'm not sure we need to go as far as using AI for this; I'm thinking a simpler set of heuristics could get us pretty far, perhaps in addition to a static list of known malicious URLs. |
|
Also, if you're keen on getting something out quickly here, let's do two things:
|
|
This looks great @mica000 — though, are there ways we can warn users earlier than this? At this point, they've already interacted with the scam site. Also note that this new scam site doesn't actually interact with the extension, it just asks for the user's mnemonic. |
|
Got it! How about these two triggers @kyranjamie and @fabric-8?
|
This PR demos a prototype scam prevention feature that injects content to the page when an extension user visits a known massive scam.
2024-03-06-000125.mp4
cc/ @mica000 @fabric-8 @markmhendrickson