chrome extension
phishhook
real-time scam post detection on instagram, facebook, twitter, and reddit - ml risk badge injected directly into each post, no page reload required
text model
TF-IDF (50k features, unigrams + bigrams) + logistic regression. Trained on 199 extension-collected Instagram posts fused with 36k DIFrauD samples across phishing, job scam, and SMS fraud domains.
metadata model
Logistic regression over 15 engagement and account features: follower/following counts, post frequency, like/comment ratios, verified status, account age, and URL density.
fusion
Weighted probability fusion (70% text, 30% metadata) via logit combination. Three-label output: safe / suspicious / scam, with probability bands tuned to minimise false positives on ambiguous content.
risk badge injection
colored safe/suspicious/scam pill injected inline into each post header. survives SPA navigation via MutationObserver.
full analysis overlay
360px right-panel overlay with model scores, risk phrase detection, profile data, comment breakdown, and raw JSON payload viewer.
profile scraping
service worker opens a hidden background tab to extract account age, country, former usernames, and follower counts from 'About this account'.
data collection mode
toggle to label posts as scam/suspicious/safe. streams to a local receiver server for continuous training data collection.
4 platforms
instagram, facebook, twitter/x, and reddit. platform-specific DOM extractors with shared inference pipeline.
fully on-device
both models serialized as JSON and bundled with the extension. no external API calls for inference - all classification runs in the service worker.