> ## Documentation Index
> Fetch the complete documentation index at: https://hashbot.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Malicious Link Detection

> Automatically detect and handle phishing, scam, and malicious URLs in messages.

Hashbot can automatically scan messages for known malicious URLs and take action before members click dangerous links. This is a premium feature that uses real-time threat intelligence for URL scanning.

<Check>
  When enabled, Hashbot silently scans every message for known phishing, drainer, and scam URLs — and takes action automatically.
</Check>

### What It Detects

* **Phishing links** — fake login pages impersonating Discord, crypto wallets, exchanges, etc.
* **Drainer sites** — malicious DApps designed to steal cryptocurrency
* **Scam domains** — fake giveaway sites, impersonation domains, and known scam URLs
* **Obfuscated URLs** — shortened links and redirects that resolve to known threats

### Enabling Malicious Link Detection

<Steps>
  <Step title="Open the Dashboard">
    Go to [dashboard.hashbot.com](https://dashboard.hashbot.com), select your server, and navigate to **Settings**.
  </Step>

  <Step title="Enable the toggle">
    Toggle on **Malicious Link Detection**. This requires an active Hashbot subscription.
  </Step>
</Steps>

You can also enable it via Discord:

```
/settings malicious-link set-state detection-state:enable
```

### Setting the Timeout Duration

When a malicious link is detected, the offending member receives a timeout. You can configure the timeout duration:

```
/settings malicious-link set-timeout hours:1
```

You can specify any combination of `minutes`, `hours`, and `days`.

### How It Works

1. A member sends a message containing a URL
2. Hashbot extracts and checks the URL against a real-time threat intelligence database
3. If the URL is flagged as malicious:
   * The message is **deleted**
   * The member is **timed out** for the configured duration
   * The action is **logged** to your log channel with the flagged URL and reason

<Info>
  Allowlisted users and manager roles are excluded from malicious link detection — they can share any URL without being flagged.
</Info>

### Commands

| Command                                                                | Description                                            |
| ---------------------------------------------------------------------- | ------------------------------------------------------ |
| `/settings malicious-link set-state detection-state:<enable\|disable>` | Enable or disable malicious link detection             |
| `/settings malicious-link set-timeout minutes: hours: days:`           | Set the timeout duration for malicious link violations |

### Need Help?

If you need support with malicious link detection:
[**Join our Discord**](https://discord.gg/hashbot) and open a ticket. Our team is happy to assist you.
