{"id":10850,"library":"eth-phishing-detect","title":"Ethereum Phishing Domain Detector","description":"The `eth-phishing-detect` utility is a JavaScript library designed to identify and block domains known for targeting Ethereum users with phishing attacks. Maintained by MetaMask, it provides an up-to-date list of malicious websites, actively evolving its blocking policy to include sites that impersonate established services or attempt to collect cryptocurrency keys. The package is currently at version `1.2.0` and was last published about 4 years ago (as of April 2026), with prior versions indicating a more active cadence for configuration updates. It differentiates itself through its direct integration and maintenance by a major wallet provider, offering a robust and proactive defense mechanism against specific web3-related threats. Developers can use it to integrate real-time phishing detection into their applications, enhancing user security by preventing access to known harmful sites.","status":"active","version":"1.2.0","language":"javascript","source_language":"en","source_url":"https://github.com/MetaMask/eth-phishing-detect","tags":["javascript"],"install":[{"cmd":"npm install eth-phishing-detect","lang":"bash","label":"npm"},{"cmd":"yarn add eth-phishing-detect","lang":"bash","label":"yarn"},{"cmd":"pnpm add eth-phishing-detect","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Core dependency for phishing detection logic and data management.","package":"@metamask/phishing-controller","optional":false},{"reason":"Likely used for fuzzy matching domains to detect variations of known phishing sites.","package":"fastest-levenshtein","optional":false}],"imports":[{"note":"The main entry point is a default export in ESM, and a direct module export in CJS. Avoid destructuring for CJS.","wrong":"const { checkForPhishing } = require('eth-phishing-detect')","symbol":"checkForPhishing","correct":"import checkForPhishing from 'eth-phishing-detect'"},{"note":"The README's CJS example uses `require('eth-phishing-detect/src/detector')`. For ESM and stability, import from `eth-phishing-detect/detector`.","wrong":"const PhishingDetector = require('eth-phishing-detect/src/detector')","symbol":"PhishingDetector","correct":"import { PhishingDetector } from 'eth-phishing-detect/detector'"},{"note":"This specific path is provided in the README for CommonJS advanced usage. While it uses `src/`, it's the documented CJS path for this class.","symbol":"PhishingDetector (CommonJS)","correct":"const PhishingDetector = require('eth-phishing-detect/src/detector')"}],"quickstart":{"code":"import { PhishingDetector } from 'eth-phishing-detect/detector';\n\n// Example configuration (these are just illustrative values)\nconst whitelist = ['mylegitwallet.com'];\nconst blacklist = ['fakephishingsite.net'];\nconst fuzzylist = ['fuzzyphishing.io'];\nconst tolerance = 2;\n\nconst detector = new PhishingDetector({\n  whitelist,\n  blacklist,\n  fuzzylist,\n  tolerance\n});\n\n// Check a known phishing domain\nconst resultPhishing = detector.check('fakephishingsite.net');\nconsole.log('Is fakephishingsite.net phishing?', resultPhishing); \n// Expected: { type: 'blacklist', result: true, url: 'fakephishingsite.net' }\n\n// Check a legitimate domain\nconst resultLegit = detector.check('google.com');\nconsole.log('Is google.com phishing?', resultLegit);\n// Expected: { result: false, url: 'google.com' }\n\n// Check a fuzzy match\nconst resultFuzzy = detector.check('fuzzyphising.io'); // typo 'phising'\nconsole.log('Is fuzzyphising.io phishing?', resultFuzzy);\n// Expected: { type: 'fuzzylist', result: true, url: 'fuzzyphising.io', ... }\n","lang":"typescript","description":"Demonstrates initializing the `PhishingDetector` with custom lists and checking various domains for phishing status, including legitimate, blacklisted, and fuzzy-matched examples."},"warnings":[{"fix":"Review the documentation for `PhishingDetector` constructor when passing an array of configurations. Adjust code to handle the new return value structure (e.g., an array of results instead of a single object).","message":"Version 1.2.0 changed the configuration object and return value if an array of configuration values is passed to the PhishingDetector constructor. While backward compatible for single configuration objects, new usage with arrays will have a different API shape and return type.","severity":"breaking","affected_versions":">=1.2.0"},{"fix":"For CommonJS, use the documented `require('eth-phishing-detect/src/detector')` if you must, but be aware of potential instability. For ESM, prefer `import { PhishingDetector } from 'eth-phishing-detect/detector'` for potentially better stability and compatibility.","message":"The README's advanced usage example for CommonJS directly imports from `eth-phishing-detect/src/detector`. Directly importing from `src/` paths is generally discouraged as they are often internal, unstable, and may change in minor or patch releases, potentially breaking your application.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Integrators should be aware that the underlying blocklist is dynamic. Avoid hardcoding assumptions about specific blocked or whitelisted domains. Regularly check the interactive page or library updates for policy changes.","message":"The blocking policy for phishing domains is constantly evolving and updated by MetaMask. While this ensures up-to-date protection, it means the exact list of blocked domains can change without a new package version, only through configuration updates.","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-19T00:00:00.000Z","next_check":"2026-07-18T00:00:00.000Z","problems":[{"fix":"For CommonJS: `const checkForPhishing = require('eth-phishing-detect')`. For ESM: `import checkForPhishing from 'eth-phishing-detect'`.","cause":"Attempting to import `checkForPhishing` as a named export in CommonJS, or incorrectly destructuring the default ESM import.","error":"TypeError: checkForPhishing is not a function"},{"fix":"For ESM, try `import { PhishingDetector } from 'eth-phishing-detect/detector'`. If using CJS and facing this issue, ensure your build system supports direct `src/` imports or check for an alternative, stable path in the package's `package.json` `exports` field.","cause":"This error can occur in ESM environments or with certain bundler configurations if the `src/` path is not correctly resolved as a subpath export, or if the `detector` module has been refactored.","error":"Cannot find module 'eth-phishing-detect/src/detector'"}],"ecosystem":"npm"}