About ScamLens

Mission

Phishing, fake-bank pages, and fraudulent investment schemes work because they look real at a glance. Blocklists catch the ones security teams have already reported — scammers just spin up new domains. ScamLens pairs a classic DNS sinkhole with a real-time AI verdict, so fresh scams get caught the first time anyone loads them.

How the AI works

When our DNS resolver sees a domain it has never scored, the query is still answered instantly — from upstream — so you don't wait. In the background, a headless browser loads the page, captures the HTML and a screenshot, and asks a vision-enabled model (Claude by default, Gemini optional) to flag scam patterns: fake login forms, urgency tactics, typosquatting, prize scams, and credential theft. The verdict is cached, so the second visitor gets blocked instantly.

What we log

• Blocked domain, timestamp, and the reason the AI gave.
• The querying client IP, for abuse/rate-limit protection only.
• No full query logs. No cleartext browsing history. No payloads.

Safe by default

Unknown domains are forwarded, not blocked. The AI only sinkholes a domain after classifying it as scam with high confidence. You can report false positives on the report page.