I used to refer loads of people to Badbitcoin.org in a time when there were loads of scams doing the rounds. (Ponzi schemes and scam ICOs and also Phishing sites)
Topic: Anti fraud / scam tools for Bitcoin - UPDATES! (Read 356 times)
There was a site called, Badbitcoin.org that did something similar. It started way back in 2014 and they lost interest in the project, so it is not being updated anymore. I hope the same thing is not going to happen with your pet project, once you finish with your studies and then go onto something else.
I used to refer loads of people to Badbitcoin.org in a time when there were loads of scams doing the rounds. (Ponzi schemes and scam ICOs and also Phishing sites)
I used to refer loads of people to Badbitcoin.org in a time when there were loads of scams doing the rounds. (Ponzi schemes and scam ICOs and also Phishing sites)
------ NEWS/UPDATES (14 July 2023) --------
4. The algorithm now responds in real time. The inference calculation on an address, if it hasn't been in the database for the last three months, is now calculated on the fly.
You are welcome to list features you would like to see on our site!
/Michele
4. The algorithm now responds in real time. The inference calculation on an address, if it hasn't been in the database for the last three months, is now calculated on the fly.
You are welcome to list features you would like to see on our site!
/Michele
------ NEWS/UPDATES (4 July 2023) --------
1. Login removed! This change is based on numerous requests and concerns we received from various channels.
2. Scam Search Engine Section Added: We now report results from google.com, reddit.com, and ChainAbuse.
3. A technical document explaining the technology behind our service has been published on our main page.
/Michele
1. Login removed! This change is based on numerous requests and concerns we received from various channels.
2. Scam Search Engine Section Added: We now report results from google.com, reddit.com, and ChainAbuse.
3. A technical document explaining the technology behind our service has been published on our main page.
/Michele
Dear Mr. Magkaisa,
Thank you for your inquiry. The purpose of our platform is to provide a tool that calculates a score on the likelihood that a given address has been used for fraudulent activities or scam APPs (Authorized Push Payment), i.e., those scams where the user is convinced to send funds.
We believe it's always beneficial to test an address before sending funds, especially if you are not an experienced user or unfamiliar with the counterparty. I hope this clarifies our platform's objective.
PS: We previously required registration to limit platform access, but we have removed it based on user feedback.
Best regards,
Michele
Thank you for your inquiry. The purpose of our platform is to provide a tool that calculates a score on the likelihood that a given address has been used for fraudulent activities or scam APPs (Authorized Push Payment), i.e., those scams where the user is convinced to send funds.
We believe it's always beneficial to test an address before sending funds, especially if you are not an experienced user or unfamiliar with the counterparty. I hope this clarifies our platform's objective.
PS: We previously required registration to limit platform access, but we have removed it based on user feedback.
Best regards,
Michele
- I don't really understand the catch of that platform, please correct me, maybe I misunderstood. Is the function of the site platform to tell if the address we paste on their website is to know if it is still safe or not?
Is that what it means? Is it far from the risk of being hacked or phishing? is that right? Then I don't see any log-in or sign-up either. I don't care what this site platform that OP posted here can really help with?
Is that what it means? Is it far from the risk of being hacked or phishing? is that right? Then I don't see any log-in or sign-up either. I don't care what this site platform that OP posted here can really help with?
Thank you NotATether for your feedback!
Based on your numerous requests, we have removed the login requirement from our service: https://carscore.io
Now you can access the scores and information simply by browsing the website without any restrictions.
Furthermore, we are working on creating a comprehensive FAQ section that will contain a technical document explaining the functionality and workings of our service. This document will provide detailed insights into what our service does and how it accomplishes it.
We appreciate your ongoing support and encourage you to continue providing us with your suggestions and feedback. Your input helps us improve and shape the website according to your needs.
Michele
Based on your numerous requests, we have removed the login requirement from our service: https://carscore.io
Now you can access the scores and information simply by browsing the website without any restrictions.
Furthermore, we are working on creating a comprehensive FAQ section that will contain a technical document explaining the functionality and workings of our service. This document will provide detailed insights into what our service does and how it accomplishes it.
We appreciate your ongoing support and encourage you to continue providing us with your suggestions and feedback. Your input helps us improve and shape the website according to your needs.
Michele
Ideally, the service shouldn't require any login even, and should be able to be used as a guest. Sure, this means more network infrastructure is required to prevent DDoS, but this is an important service to have anyway, so it works out. Also an API + a detailed list of components and their sub scores in addition to the main score will serve to be useful to determine what are the specific problems with this address.
Thank you for the feedback. Based on your responses, we've built a small roadmap.
1. In a few days, we will remove the login and introduce Google reCAPTCHA v3.
2. As a further step, we'll then add evidence from third-party sites like BitcoinAbuse and BitcoinWhosWho (if you have other sites you'd be interested in integrating, feel free to write to us here!).
The third stage of the roadmap involves adding more cryptocurrencies, but the work required to find reliable data and train a machine learning algorithm is on the order of 3-6 months, so it will be a development that we can undertake later on if the service should be used in the meantime.
Talk to you soon!
1. In a few days, we will remove the login and introduce Google reCAPTCHA v3.
2. As a further step, we'll then add evidence from third-party sites like BitcoinAbuse and BitcoinWhosWho (if you have other sites you'd be interested in integrating, feel free to write to us here!).
The third stage of the roadmap involves adding more cryptocurrencies, but the work required to find reliable data and train a machine learning algorithm is on the order of 3-6 months, so it will be a development that we can undertake later on if the service should be used in the meantime.
Talk to you soon!
hero member
Activity: 2590
Merit: 650
Want top-notch marketing for your project, Hire me
The concept of this creation is good because it will help a lot of Bitcoin users and investors from being other victims of fraud but it will be nice if the area aspect of sign-in before using the tool is removed because it is a turnoff for me personally since some platform use the idea to collect cryptocurrency enthusiasts email which they later sell.
Second, it will be good if you could extend to tool capacity to the most or at least top 10 crypto and the time span it can bark.
Second, it will be good if you could extend to tool capacity to the most or at least top 10 crypto and the time span it can bark.
We use AI that has been trained with 10,000 addresses from user fraud reports (at least 10 reports on an address) as well as fraudulent addresses labeled by chain analysis experts provided by elliptic.co. A fraudster can change their address with each transaction, although this doesn't always seem to be the case. For instance, if they run email SPAM campaigns, they always use the same address, not a different one for each email.
So, it's reasonable for someone sending money to question if an address with 0 transactions isn't already an indication.
It's like buying from a supplier with 0 reviews on eBay or Amazon. A "unrated" creditor isn't the pinnacle of reliability, so while we may not classify them, this does not make them reliable, quite the opposite.
\M
So, it's reasonable for someone sending money to question if an address with 0 transactions isn't already an indication.
It's like buying from a supplier with 0 reviews on eBay or Amazon. A "unrated" creditor isn't the pinnacle of reliability, so while we may not classify them, this does not make them reliable, quite the opposite.
\M
I am very curious to know how you determine that a Bitcoin address are fraudulent or not? Do you only use AI algorithms or do you get data from people who has been scammed?
Why would a skilled fraudster re-use a Bitcoin address that were used for a scam? It is very easy to generate several paper wallets in seconds and then dispose of it, once it was used and swept to another wallet and pushed through a Mixer service.
Why would a skilled fraudster re-use a Bitcoin address that were used for a scam? It is very easy to generate several paper wallets in seconds and then dispose of it, once it was used and swept to another wallet and pushed through a Mixer service.
Thanks for the feedback! We are updating the FAQ section.
It was written by a colleague who works in marketing, and we are now reviewing the content!
We were considering a roadmap where we could also incorporate different kinds of information.
When you mention more traditional tools providing information on the possibility of fraud, what exactly are you referring to? For example, bitcoinabuse.com?
Could you provide me with a brief list of tools that you currently use to determine whether an address is a scam and that you'd like to see also embedded in our service?
This would be very useful for us, thank you so much!
It was written by a colleague who works in marketing, and we are now reviewing the content!
We were considering a roadmap where we could also incorporate different kinds of information.
When you mention more traditional tools providing information on the possibility of fraud, what exactly are you referring to? For example, bitcoinabuse.com?
Could you provide me with a brief list of tools that you currently use to determine whether an address is a scam and that you'd like to see also embedded in our service?
This would be very useful for us, thank you so much!
There is no source from which we take data, no user reports,
But your FAQ section says otherwise [you might want to edit those parts (e.g. this)]!Now, if an address has at least 3 transactions in 6 months, our AI can "bark"! :-)
Considering that some of the scammers tend to move their assets after a year or two, I think you should extend the period in which your AI barks 
Similar technologies are used in advanced anti-fraud systems across the payment industry.
You're correct, but it's worth noting that there are a lot of false positive results as well [unfortunately].Through your own experience, you can gauge whether its predictive capabilities are of value to the community.
IMO, there's value in it, but I'd still combine it with the traditional tools.
Thank you for giving me the chance to clarify this. Our research, as a part of our master's program at Politecnico, has been devoted to the analysis of Bitcoin transaction records. We aimed to discern whether it's possible to identify fraudulent behavior just by scrutinizing these transactions. Our results were encouraging; we look solely at the transaction record, not at the network of interconnected transactions, at least in this phase.
In terms of the algorithm, here's a bit more detail. From a transaction record, we derive roughly 200 attributes or 'features.' Some of these are proprietary, but most can be shared. They include the average of received and sent amounts over different time periods (day, week, month), as well as the minimum and maximum amounts received and sent. We also look at the frequency of transactions. These are mostly simple statistical metrics, though some more complex features are also calculated from the transaction record.
At this point, our artificial intelligence (AI) steps in. It's been trained to take all these factors into account and understand which are the most significant in identifying a fraudster's behavior. As for how the AI makes these decisions, it's a bit of a black box – hence why machine learning algorithms are often referred to as 'unexplainable.' The AI surpasses human ability to evaluate large amounts of statistical data, making it an ideal tool for tasks like this one. Similar technologies are used in advanced anti-fraud systems across the payment industry.
To summarize, our process works as follows:
1. For a given address, we examine the transaction history.
2. We calculate roughly 200 statistical metrics related to that address and pass this data to an algorithm, which has been trained to spot the telltale signs of a fraudulent actor.
The exact way the algorithm weighs each of these metrics, and why, is something that remains opaque to us. We know that during training, the algorithm adjusted the weights of the features, looking for the combination that was most successful in identifying fraudulent behavior from the pool of 10,000 addresses (good and bad) that we used for training it.
At this juncture, I would recommend that you give it a try: https://carscore.io . Through your own experience, you can gauge whether its predictive capabilities are of value to the community. That's the very reason we embarked on this project. See you soon! /M
In terms of the algorithm, here's a bit more detail. From a transaction record, we derive roughly 200 attributes or 'features.' Some of these are proprietary, but most can be shared. They include the average of received and sent amounts over different time periods (day, week, month), as well as the minimum and maximum amounts received and sent. We also look at the frequency of transactions. These are mostly simple statistical metrics, though some more complex features are also calculated from the transaction record.
At this point, our artificial intelligence (AI) steps in. It's been trained to take all these factors into account and understand which are the most significant in identifying a fraudster's behavior. As for how the AI makes these decisions, it's a bit of a black box – hence why machine learning algorithms are often referred to as 'unexplainable.' The AI surpasses human ability to evaluate large amounts of statistical data, making it an ideal tool for tasks like this one. Similar technologies are used in advanced anti-fraud systems across the payment industry.
To summarize, our process works as follows:
1. For a given address, we examine the transaction history.
2. We calculate roughly 200 statistical metrics related to that address and pass this data to an algorithm, which has been trained to spot the telltale signs of a fraudulent actor.
The exact way the algorithm weighs each of these metrics, and why, is something that remains opaque to us. We know that during training, the algorithm adjusted the weights of the features, looking for the combination that was most successful in identifying fraudulent behavior from the pool of 10,000 addresses (good and bad) that we used for training it.
At this juncture, I would recommend that you give it a try: https://carscore.io . Through your own experience, you can gauge whether its predictive capabilities are of value to the community. That's the very reason we embarked on this project. See you soon! /M
The analogy I could use is that of police dogs trained to sniff out drugs. They undergo training where they're conditioned to recognize certain smells and situations. Then, when they're used in the field, they've developed the ability to identify new situations they've never encountered before. Machine Learning works in the same way. We've trained our electronic "sniffer" using a database from elliptic.co and bitcoinabuse.
Dog training is known for way longer, and the trainer can explain the way they train it as far as I'm aware. I don't think you can say the same thing if you just say "our machine learning works by reading some data" without adding some context. For example, giving reasons why the number X or Y is safe, and which transaction is considered suspicious, and so on. I do think there is a formula or algorithm at play even if you use AI. The basic one would be "transaction linked to previously known scammer address is likely to be a scammer", or something similar. CMIIW.
Ok, we'll work on the login feature.
I understand the reluctance to use a non-deterministic algorithm, especially if not all users have a basic understanding of AI. The analogy I could use is that of police dogs trained to sniff out drugs. They undergo training where they're conditioned to recognize certain smells and situations. Then, when they're used in the field, they've developed the ability to identify new situations they've never encountered before. Machine Learning works in the same way. We've trained our electronic "sniffer" using a database from elliptic.co and bitcoinabuse.
Now, if an address has at least 3 transactions in 6 months, our AI can "bark"! :-)
I understand the reluctance to use a non-deterministic algorithm, especially if not all users have a basic understanding of AI. The analogy I could use is that of police dogs trained to sniff out drugs. They undergo training where they're conditioned to recognize certain smells and situations. Then, when they're used in the field, they've developed the ability to identify new situations they've never encountered before. Machine Learning works in the same way. We've trained our electronic "sniffer" using a database from elliptic.co and bitcoinabuse.
Now, if an address has at least 3 transactions in 6 months, our AI can "bark"! :-)
Thank you all, but please bear in mind that there's no formula behind it, it's an application of artificial intelligence and machine learning. At the moment, an ensemble of XGBoost and Logistic Regression is used for inference. There is no source from which we take data, no user reports, no averaging or summing of external opinions. The algorithm was calibrated using mostly data from Elliptic on Kaggle and from Bitcoinabuse data filtered for at least 5 or 10 reports.
Your score will be like many scores from many review websites. If they don't public their formulas, source code, you will no be able to check the reasonable formula and its accuracy.
There are some websites to get community warnings, reports labels about tagged scam addresses. Those tags are from community reports, tags so they can be inaccurate. Like Trust Rating on Trust pilot and the likes. We can use them for references but validity and accuracy are unknown.
https://bitcoinwhoswho.com/tags
https://insight.is/
https://github.com/janoside/btc-rpc-explorer
There are some websites to get community warnings, reports labels about tagged scam addresses. Those tags are from community reports, tags so they can be inaccurate. Like Trust Rating on Trust pilot and the likes. We can use them for references but validity and accuracy are unknown.
https://bitcoinwhoswho.com/tags
https://insight.is/
https://github.com/janoside/btc-rpc-explorer
We can predict behavior before the address is reported somewhere. Our thesis is based on the analysis of an address's account statement and we have trained artificial intelligence to recognize the usage pattern of an address through various sources (elliptic.co, kaggle, bitcoinabuse).
Does your AI also contribute exclusively to search output, I mean without involving the valuation of the three sites you use?I'm also curious about each ranking from the most risky to the safest, for example you gave an example of 76/100 for a safe ranking label, then what about the labels if it's 53, 99 or something else? I recommend that you also provide detailed descriptions of ranking on that page. I see a lot of space available there.
Yes, there is no registration, only login. For now, login with email and password is disabled and you can only log in with Google. Once you do that, paste the address you are interested in verifying. If we have recently analyzed it, we give you the score immediately, if not, we have to calculate it. Today we calculate all addresses at 00 CEST, but one proposal could be to calculate new addresses every hour for now since usage is very limited. What do you think?
Firstly, thank you all so much for your contributions, this exchange is extremely useful for us. A clarification: our research is different from what you do on Google. We have trained an AI to recognize a behavior. We do not search for that specific address anywhere, we ask the AI if, in its opinion, the behavior of that address seems suspicious compared to how we trained it.
Firstly, thank you all so much for your contributions, this exchange is extremely useful for us. A clarification: our research is different from what you do on Google. We have trained an AI to recognize a behavior. We do not search for that specific address anywhere, we ask the AI if, in its opinion, the behavior of that address seems suspicious compared to how we trained it.
Jump to: