Skip to content

feat: re-add phishing detection configuration with separate fuzzy matching toggle #63

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: prod
Choose a base branch
from
Open

feat: re-add phishing detection configuration with separate fuzzy matching toggle #63

wants to merge 6 commits into from

Conversation

@brenopolanski
Copy link
Contributor

@brenopolanski brenopolanski commented Oct 30, 2025
edited
Loading

Summary

Re-adds the phishing detection configuration feature from v0.8.6 with an enhanced implementation that separates fuzzy matching into its own toggle.

New Settings:

  • settings:phishingDetector (default: true) - Master switch to enable/disable all phishing detection
  • settings:phishingFuzzyMatch (default: false) - Toggle for approximate/spelling-based impersonation detection

Preview

Screenshot from 2025-10-30 15-38-19

Tests

  • Keep "Enable phishing detection" ON
  • Toggle "Enable fuzzy matching" ON
Screenshot from 2025-10-30 22-34-56

Try accessing:

False positive:

// Legitimate domains that might be in the fuzzy list:
"coinbase.com"   // Popular exchange
"coingecko.com"  // Market data
"coinmarketcap.com" // Market rankings
"coin98.com"     // Wallet/DeFi platform

// User visits:
"coin360.com"

// Levenshtein distances:
levenshtein.get("coinbase.com", "coin360.com")
// coinbase.com  = 12 chars
// coin360.com   = 11 chars
// Need to: delete 'b','a','s','e', insert '3','6','0'
// Distance = ~7 (too different, won't match)

levenshtein.get("coingecko.com", "coin360.com")
// coingecko.com = 13 chars
// coin360.com   = 11 chars
// Need to: replace 'gecko' with '360'
// Distance = ~5 (too different, won't match)

levenshtein.get("coin98.com", "coin360.com")
// coin98.com  = 10 chars
// coin360.com = 11 chars
// coin98  vs coin360
// Replace '98' with '360' (2 chars removed, 3 added)
// Distance = ~3 (might match!)

if (distance <= 3) → ⚠️ POSSIBLE FALSE POSITIVE

@brenopolanski brenopolanski marked this pull request as draft October 30, 2025 18:18
@brenopolanski brenopolanski changed the title [DRAFT] feat: re-add phishing detection configuration with separate fuzzy matching toggle feat: re-add phishing detection configuration with separate fuzzy matching toggle Oct 30, 2025
@brenopolanski brenopolanski marked this pull request as ready for review October 31, 2025 01:10
@treeoflife2 treeoflife2 self-requested a review October 31, 2025 15:53
@brenopolanski brenopolanski mentioned this pull request Nov 3, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@treeoflife2 treeoflife2 treeoflife2 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@brenopolanski @treeoflife2