Live Threat Feed
Auto-sync a community blocklist of known scam and phishing domains so new scam waves are caught the day they launch.
Scam and phishing domains rotate constantly, so a hand-kept blocklist goes stale fast. The Live Threat Feed auto-syncs a shared community blocklist of known bad domains into your phishing protection, catching new scam waves the day they appear. It is off by default and rides on top of phishing protection.
Commands
The feed feeds exceed's phishing engine, which you control with ,phishing (needs Manage Server):
,phishing enable turn phishing protection on
,phishing action delete what happens to a scam link: delete, warn, timeout, ban
,phishing log #scam-log set the phishing log channel
,phishing block badsite.com block a domain yourself
,phishing allow oursite.com allow a domain (your allow list wins)
,phishing unblock badsite.com remove a domain from either list
,phishing status show config and domain counts
Example
Turn on protection and let the feed handle the rest:
,phishing enable
,phishing action delete
Then open the dashboard's Live Threat Feed page and toggle the feed on (it requires phishing protection). The page shows domains synced and last sync time. Your allow list is always authoritative, so ,phishing allow anything the feed wrongly flags.
Related
- For catching scam images and QR codes, see Image Automod.
- For text-based filters, see Automod.