What's the bot exactly about and how it is working.
SCAMELEON Scam Protection Network
is primarily aimed at larger communities and developer discords, especially of games that are present on Steam who are struggling with scambots. The goal is to provide security between different communities.
As a moderator of an official developer discord of an upcoming PC game, I have to deal with scammers trying to steal the Steam data of users every day.
Out of this problem I came up with the idea to create a bot that specializes in exactly this problem.
In the best case, the bot remains completely passive, but otherwise it is a global ban list that protects your server preventively if a scammer has already been reported.
The bot is checking the server auditlog for ban actions. If a user gets banned with the term "scam" in the reason, the bot comes into effect.
Scam is not case sensitive and can be wrapped in a sentence or another term like "scammer".
As the bot monitors the audit log, it also works in combination with other moderation bots such as Dyno.
To avoid abuse, the bot now evaluates the report value based on the server size. This value is now saved.
If other servers also ban the account because of "scam", their values are added to the existing value. Thus, no single server can trigger the following step.
If the summed report value exceeds a certain level, the user gets ban listed and cannot join any other server that uses this bot.
Another security aspect to avoid abuse is the fact that the banned user must have been on the server to be counted. Banning users who are not on the server has no effect.
For the basic functionality the bot does not need any setup. Once you have invited it to your server, it will work as long as it gets the requested permissions.
Of course, the bot can be customized a bit. You need managing guild permissions to change the settings. All changes can be done in the web interface.
For example, you can enable a logging function that is disabled by default.
You can also set how the bot should react to users from the ban list.
- to kick these users directly when they join (default behaviour) - good security:
- to ban these users directly when they join - best security:
- to enable only a warning in the log channel instead of direct kicking/banning when they join. - low security:
- to disable the functionality of the bot (the ban tracking will continue) - no security:
Users from the ban list will get a short explanation from the bot why they were kicked/banned directly. With the possibility of an appeal to us to be removed from the ban list.
Transparency is important, so here are some explanations about data processing.
What are the permissions needed for?
Kicking and banning
- The bot offers the possibility based on the ban list to prevent users from entering the server by kick or ban. There is no moderation of the already active members.
- During a ban action of a moderator, the bot accesses the server's audit log to check if "scam" is specified in the reason. By retrieving the data via the auditlog, the bot is also compatible with other moderation bots. The bot does not process any other
See channels, write messages, embed links
- This is used to set up the log channel. Also, the bot responds via embed texts. The bot does not process any
text away from its commands.
This data is stored by the bot
Only the ID of the server and its name are stored to allow individual configuration of the server.
For "scam" bans, the server ID is also stored with the associated ban reason to be able to retrace the ban listing in case of an appeal.
In adition, the UserID of the "scammer" is added to the watch- and later ban list.
When you remove the bot from your server, all data will be deleted except for the already registered scammer IDs and the information related to the ban.
Big communities using the bot