Steam Sheriff helps gamers using the Steam platform by checking URLs as they are visited to see if they are potentially impersonating a 'brand'.
Malware/Phishing actors make websites that closely resemble a 'brand'. For example, the legitimate Steam website is www.steamcommunity.com. Phishers leverage 'homograph' attacks to trick you to clicking a URL that you think you trust. So, st3amcommunity.com or steamcomunity.com might look legitimate to a human, but very different for a computer.
In order to detect these attacks, Steam Sheriff uses a combination of techniques to find out the 'similarity' of a target compared to a white list. This whitelist are common websites collected from feedback from the community that have also been used in attacks in the past. The list is as follows:
'gyazo.com',
'flickr.com',
'imgur.com',
'photobucket.com',
'tinypic.com',
'dota2lounge.com',
'csgolounge.com',
'steamcommunity.com',
'csgoticket.com',
'csgojackpot.com',
'csgoskins.net',
'mumble.info',
'teamspeak.com',
'raidcall.com',
'ventrilo.com'
This list will be updated periodically as the tactics of the phishers change.
**NOTE**
There might be issues with steamcommunity and websites that use akamai where it wont load resources if its being loaded by content distribution networks (CDNs). If something breaks, please e-mail the contact e-mail listed on this extension page or the warning page.
Features:
- 'Real-time' detection of potential phishing websites
- Option menu when a website is potentially bad
- 'Continue Once' which allows the website to be visited for 5 minutes before Steam Sheriff alerts on it again
- 'Continue & Whitelist' which adds the website to a user-defined whitelist if there is a false positive. This gets cleared if Chrome browser data is cleared
- 'Get me out of here!' Redirect to google.com
Upcoming Features:
- Reporting mechanism
- Configuration page to edit whitelists and blacklists
Reporting:
-If there is ever a false positive, you can report it to steamsheriff@gmail.com. A false positive results from Steam Sheriff thinking that a legitimate website is a bad website.
-If there is ever a false negative, you can report it to steamsheriff@gmail.com. A false negative results from Steam Sheriff *NOT* alerting on a bad website and thinking its a legitimate website.
DONATION!
Please visit https://hackandflash.com/?page_id=110 to donate and help me pay for hosting feeds, app dev time and also paying the my amazing designer/UX friends who help make Steam Sheriff look professional and clean.
谷歌浏览器、其他Chromium内核的浏览器
为打击盗链困扰,本站已启用人机验证
微信扫码关注左侧公众号,发送“插件”二字获得验证码,验证码5分钟全站有效