npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

scam-detector

v1.1.0

Published

Fast, accurate scam detection for images, text, and links. Catches fake celebrity tweets, casino screenshots, QR phishing, Discord Nitro scams, phishing links, and more.

Readme

scam-detector

Fast, accurate scam detection for images, text, and links.

npm Node.js TypeScript License: MIT


Features

| Category | What it catches | |---|---| | 🖼️ Image scams | Fake celebrity tweets (Elon Musk, MrBeast), casino "Withdrawal Success" screenshots, QR code phishing, fake giveaway images, fake Discord Nitro / Steam gift screenshots | | 📝 Text scams | Phishing messages, crypto scams, prize-winner cons, account-suspension threats, tech-support scams, job scams, romance scams | | 🔗 Link / URL | Phishing links, typosquatting, homoglyph attacks, known phishing domains, suspicious TLDs, open redirects, malicious URL shorteners |

Two detection modes:

  • Heuristic (default) — zero dependencies, fully offline, instant results
  • AI mode — GPT-4 Vision for image analysis, GPT-4o-mini for text — 95%+ accuracy (requires your OpenAI API key)

Installation

npm install scam-detector
# or
pnpm add scam-detector
# or
yarn add scam-detector

Node ≥ 18 required (uses native fetch).


Quick Start

import { detect } from 'scam-detector';

// Auto-detect input type
const result = await detect("Congratulations! You've won a $500 Amazon gift card. Click here to claim.");
console.log(result.isScam);     // true
console.log(result.confidence); // 0.87
console.log(result.types);      // ['prize_winner']
console.log(result.severity);   // 'high'
console.log(result.reasons);    // ['Unsolicited prize winner claim', ...]

API

detect(input, options?) — auto router

The simplest entry point. Automatically routes to the right detector based on input type.

import { detect } from 'scam-detector';

// String that looks like a URL → link detection
await detect('https://discord-nitro.com/free-gift');

// Buffer/Uint8Array → image detection
await detect(imageBuffer, { openaiApiKey: 'sk-...' });

// Any other string → text detection (also scans embedded URLs)
await detect('Your account has been suspended. Verify now: http://paypa1.com');

detectText(text, options?) — text analysis

import { detectText } from 'scam-detector';

const result = await detectText(
  "ELON MUSK GIVEAWAY: Send 1 BTC, get 2 back! Limited time only!",
  { openaiApiKey: process.env.OPENAI_API_KEY } // optional
);

Options:

| Option | Type | Description | |---|---|---| | openaiApiKey | string | Enables AI-enhanced analysis via GPT-4o-mini | | customPatterns | RegExp[] | Additional patterns to flag as scams | | whitelistDomains | string[] | Domains to never flag |


detectLink(url, options?) — URL / link analysis

import { detectLink } from 'scam-detector';

const result = await detectLink('http://paypa1.com/login');
// { isScam: true, confidence: 0.92, types: ['homoglyph_attack'], ... }

What it checks:

  • Known phishing domain database
  • Typosquatting against 30+ popular domains (Levenshtein distance)
  • Homoglyph attacks (paypa1.com, disc0rd.com, etc.)
  • High-risk free TLDs (.tk, .ml, .ga, .xyz, etc.)
  • IP-address hosts
  • Excessive subdomains
  • Open redirect parameters
  • Scam keywords in path/query
  • URL shorteners hiding the real destination
  • Non-HTTPS connections

detectImage(image, options?) — image analysis

import { detectImage } from 'scam-detector';
import { readFileSync } from 'fs';

const imageBuffer = readFileSync('./suspicious-screenshot.png');

// Heuristic only (filename + caption signals, no API key)
const r1 = await detectImage(imageBuffer, {
  filename: 'withdrawal-success-5000usd.jpg',
  caption: 'Casino payout approved!',
});

// AI mode — full GPT-4 Vision analysis
const r2 = await detectImage(imageBuffer, {
  openaiApiKey: process.env.OPENAI_API_KEY,
  filename: 'elon-musk-bitcoin-giveaway.png',
});

Accepts:

  • Buffer — from fs.readFile, axios responses, etc.
  • Uint8Array — from fetch / Web APIs
  • string — raw base64 or data:image/...;base64,... data URL

Options:

| Option | Type | Description | |---|---|---| | openaiApiKey | string | Enables GPT-4 Vision (highest accuracy) | | filename | string | Filename for heuristic signals | | caption | string | Alt text / caption for heuristic analysis | | timeout | number | OpenAI request timeout in ms (default 30000) |


Detection Result

All detectors return a DetectionResult:

interface DetectionResult {
  isScam: boolean;           // Primary verdict
  confidence: number;        // 0.0 – 1.0
  types: ScamType[];         // Detected scam categories
  reasons: string[];         // Human-readable explanations
  severity: Severity;        // 'low' | 'medium' | 'high' | 'critical'
  scores: Record<string, number>; // Raw signal scores for debugging
}

ScamType values

fake_celebrity_tweet · crypto_scam · casino_withdrawal · qr_phishing · fake_giveaway · discord_nitro · steam_gift · phishing_link · phishing_text · account_suspension · prize_winner · investment_scam · romance_scam · tech_support_scam · job_scam · suspicious_url · homoglyph_attack · typosquatting · malicious_shortlink · unknown


Usage Examples

Discord bot moderation

import { detect } from 'scam-detector';

client.on('messageCreate', async (msg) => {
  const result = await detect(msg.content);
  if (result.isScam && result.severity !== 'low') {
    await msg.delete();
    await msg.channel.send(`🚨 Scam blocked: ${result.reasons[0]}`);
  }
});

Image upload validation

import { detectImage } from 'scam-detector';

app.post('/upload', async (req, res) => {
  const result = await detectImage(req.file.buffer, {
    openaiApiKey: process.env.OPENAI_API_KEY,
    filename: req.file.originalname,
  });

  if (result.isScam) {
    return res.status(400).json({
      error: 'Scam content detected',
      details: result.reasons,
    });
  }
  // proceed with upload...
});

Batch URL scanning

import { detectLink } from 'scam-detector';

const urls = [
  'https://discord-nitro.com/free-gift',
  'https://paypa1.com/login',
  'https://github.com',
];

const results = await Promise.all(urls.map((url) => detectLink(url)));
const flagged = results.filter((r) => r.isScam);
console.log(`${flagged.length}/${urls.length} URLs flagged as scams`);

Accuracy

| Mode | Image | Text | Links | |---|---|---|---| | Heuristic only | ~60–70% | ~80–90% | ~85–95% | | + AI (OpenAI key) | 95%+ | 95%+ | 85–95% |

Link detection is entirely heuristic and requires no API key.


Privacy

  • Heuristic mode: 100% local — no data leaves your machine.
  • AI mode: Image/text content is sent to OpenAI's API for analysis. Review OpenAI's privacy policy before processing sensitive data.

License

MIT © scam-detector contributors