Look-alike domains
Punycode tricks, brand names buried in subdomains, typosquats, and credential pages living on off-brand domains.
v0.1.0 Β· MV3 browser extension Β· MIT license
Fraud Watch is a local-first fraud-defense extension. It watches for high-risk moments β fake logins, wallet-seed grabs, scareware popups β runs deterministic detectors entirely on your device, and shows a calm, specific warning before harm occurs. Nothing leaves your browser.
Fraud Watch isn't on the extension stores yet, so you load the release build yourself. It's a normal developer-mode install β no build tools needed.
manifest.json.chrome://extensions and switch on Developer mode (top right).about:debugging#/runtime/this-firefox.Firefox removes temporary add-ons when it closes, so you'll reload it each session. A signed permanent build is planned once the extension is submitted to addons.mozilla.org.
Independent analyzers each score the page; a weighted policy engine turns those scores into one 1β10 site rating and, when needed, an inline warning you can always override.
Punycode tricks, brand names buried in subdomains, typosquats, and credential pages living on off-brand domains.
Login, payment, bank, tax, and crypto-seed intent β and forms that quietly submit your credentials to a different origin.
Fake system warnings, "call Microsoft now" remote-support scripts, and fullscreen lock-in attempts.
Bonus: a user-triggered AI-text detector highlights suspected AI-written content inline with a 0β100 score β fully offline by default.
The whole design starts from one rule: you should feel protected without being watched.