Fraud

Posts tagged with Fraud.

Evolving HADES

04 Jan 2026

This post describes the evolution of HADES in detecting fraudulent URLs without depending on paid services.
The focus was to strengthen detection with in-house code, local heuristics (PT/BR), and open public sources, while keeping full control of the pipeline.

Note: the CNPJ shown in the examples was changed to 11917932300169.
The goal is to illustrate the case, not to expose real individuals or companies.


1) Initial problem: simple heuristics fail against local scams

HADES used simple rules: suspicious English words (login/verify), HTTP without TLS, an IP address in the URL, excessive subdomains, and a recently registered domain.
These rules work for textbook examples but fail against Brazilian scams.

Evolving HADES

04 Jan 2026

This post describes how HADES evolved to detect fraudulent URLs without relying on paid services.
The focus was to strengthen detection with in-house code, local heuristics (PT/BR), and open public sources, while keeping full control of the pipeline.

Note: the CNPJ used in the examples was changed to 11917932300169.
The goal is to illustrate the case, not to expose real individuals or companies.

Note #2: CNPJ is the Brazilian business tax ID, similar to the EIN in the U.S.

Update: Email (.eml) Analysis with FraudTalon

28 Jun 2025

FraudTalon just took another important step.

I’m only able to work on FraudTalon a few hours per week, but I’m committed to making steady progress and sharing weekly updates.

Starting today, you can upload .eml files directly through the interface, and the system will run a complete analysis using a combination of email security heuristics and artificial intelligence.


The pipeline now works like this:

  • Automatic .eml parsing with extraction of headers, sender, recipient, subject, and body
  • Heuristic evaluation with signals such as:
    • Mismatch between From, Reply-To, and Return-Path
    • Authentication failures (DKIM, SPF, DMARC)
    • Relaying through unknown servers
  • AI analysis (via OpenAI) that takes into account the full textual content
  • Final score with a breakdown of suspicious indicators

This update makes FraudTalon a much more powerful tool for analyzing suspicious emails like phishing, Pix scams, or fake investment offers.
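
The header heuristics from the pipeline list above, sketched as an added example (this is not FraudTalon's own code). The signal names, weights, relay allow-list and sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real email); all domains are reserved names.
SAMPLE_EML = """\
Return-Path: <bounce@mailer.example.net>
Received: from unknown-relay.example.org (unknown-relay.example.org [203.0.113.7])
\tby mx.recipient.example with ESMTP; Sat, 28 Jun 2025 10:00:00 -0300
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=mailer.example.net;
\tdkim=none; dmarc=fail header.from=bank.example
From: "Bank Support" <support@bank.example>
Reply-To: <refunds@payments.example.com>
To: <user@recipient.example>
Subject: Confirm your Pix transfer

Please confirm the transfer.
"""

# Hypothetical weights and relay allow-list, chosen only for this illustration.
WEIGHTS = {"from_replyto_mismatch": 25, "from_returnpath_mismatch": 15,
           "spf_fail": 20, "dkim_fail": 20, "dmarc_fail": 30, "unknown_relay": 10}
KNOWN_RELAYS = {"mx.recipient.example"}

def _domain(header_value):
    """Lower-cased domain of the address in a header, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def analyze_eml(raw, known_relays=KNOWN_RELAYS):
    """Return a 0-100 score and the list of header signals that fired."""
    msg = message_from_string(raw)
    signals = []
    from_dom = _domain(msg["From"])
    for header, name in (("Reply-To", "from_replyto_mismatch"),
                         ("Return-Path", "from_returnpath_mismatch")):
        dom = _domain(msg[header])
        if dom and dom != from_dom:
            signals.append(name)
    # Trust only the topmost Authentication-Results header (assumed to be the
    # one stamped by the receiving MX); lower ones can be sender-supplied.
    auth = (msg.get_all("Authentication-Results") or [""])[0].lower()
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if m is None or m.group(1) != "pass":  # missing/none/fail all count
            signals.append(f"{mech}_fail")
    for received in msg.get_all("Received", []):
        m = re.match(r"\s*from\s+(\S+)", received, re.I)
        if m and m.group(1).lower() not in known_relays:
            signals.append("unknown_relay")
            break
    return {"score": min(100, sum(WEIGHTS[s] for s in signals)), "signals": signals}
```
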

Fighting online fraud with FraudTalon

20 Jun 2025

After getting so many messages from my parents, wife, sister, and friends asking if emails or ads they saw on social media were legit, I decided to build a tool to help identify fraud, scams, and phishing attempts.

That’s how FraudTalon was born.

It’s currently in MVP version 0.0.1 — basic functionality, simple heuristics (I started with NLP but dropped it — not needed for now), and a single cloud-based LLM. The goal at this stage is to validate the idea.