Security

Security Guidance

Practical advice for individuals and organisations to stay secure.

Recognise Scam Indicators

Scams rely on urgency, impersonation, and exploiting trust. Watch for these red flags:

  • Domains - look-alike domains (e.g. paypa1.com), newly registered sites (under 30 days), free hosting or unusual TLDs (.xyz, .top, .click)
  • Emails - mismatched sender domains, urgent language ("act now"), requests for credentials or payment, generic greetings
  • Social accounts - recently created profiles, few followers, copied bios, DMs with links or "investment opportunities"
  • Crypto - guaranteed returns, pressure to send funds to a specific wallet, "recovery services" requesting upfront payment
  • Phone - spoofed caller ID, government impersonation, requests for remote access or gift cards

Use AVA to screen any entity before engaging. A 30-second check can prevent significant financial loss.
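
The three domain indicators above (look-alikes, unusual TLDs, registration age) can be checked mechanically. The following is an added example, not AVA's detection logic; the brand list, the digit-substitution map and the function names are assumptions, and the registration date is passed in by the caller.

```python
from datetime import date

# Assumptions for illustration: a short brand list and a digit-for-letter map.
PROTECTED_BRANDS = ["paypal.com", "microsoft.com"]
RISKY_TLDS = {"xyz", "top", "click"}          # TLDs named in the list above
NEW_DOMAIN_DAYS = 30                          # "newly registered" threshold
CONFUSABLES = str.maketrans("0135", "oles")   # 0->o, 1->l, 3->e, 5->s


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def looks_like(label: str, brand_name: str) -> bool:
    """True for digit swaps (paypa1) or a single-character typo of the brand."""
    return label.translate(CONFUSABLES) == brand_name or edit_distance(label, brand_name) == 1


def domain_red_flags(domain: str, registered_on: date, today: date) -> list:
    """Return the 'Domains' red flags that apply; the registration date comes
    from the caller (for example a WHOIS/RDAP lookup done elsewhere)."""
    domain = domain.strip().lower().rstrip(".")
    if any(domain == b or domain.endswith("." + b) for b in PROTECTED_BRANDS):
        return []                              # the genuine site or its subdomain
    labels = domain.split(".")
    flags = []
    for brand in PROTECTED_BRANDS:
        # Check every label except the TLD so login.paypa1.com is caught too.
        if any(looks_like(lbl, brand.split(".")[0]) for lbl in labels[:-1]):
            flags.append(f"look-alike of {brand}")
    if labels[-1] in RISKY_TLDS:
        flags.append(f"unusual TLD .{labels[-1]}")
    age = (today - registered_on).days
    if age < NEW_DOMAIN_DAYS:
        flags.append(f"registered {age} days ago")
    return flags


# Constructed sample: a digit-swap domain on a risky TLD, 12 days old.
SAMPLE = domain_red_flags("login.micros0ft.click", date(2026, 3, 20), date(2026, 4, 1))
```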

Verify Before You Trust

Trust should be earned through verification, not assumed. Before transacting or sharing information:

  • Screen the entity - paste the domain, URL, wallet address, or social handle into AVA for an instant risk assessment
  • Check domain age - legitimate businesses have domains registered for years, not days
  • Inspect SSL certificates - a padlock icon alone means nothing. Check who issued the certificate and whether it matches the organisation
  • Cross-reference - search the entity name alongside words like "scam", "review", or "complaint" before engaging
  • Verify independently - contact organisations through their official website (not links in messages) to confirm legitimacy

Protect Your Digital Identity

  • Enable 2FA everywhere - use authenticator apps (not SMS) for critical accounts. Hardware keys for highest-value accounts
  • Use a password manager - unique 16+ character passwords per site. Bitwarden (free) or 1Password are strong choices
  • Separate email identities - use different email addresses for banking, social media, and subscriptions to limit blast radius
  • Monitor for breaches - check Have I Been Pwned regularly. Change credentials immediately if exposed
  • Limit public information - social media oversharing provides attackers with answers to security questions
  • Keep software updated - enable automatic updates for OS, browsers, and applications

Report and Respond to Scams

If you suspect you have been targeted or have fallen victim to a scam, act immediately:

  • Contact your bank - request a transaction freeze or chargeback within 24 hours for the best chance of recovery
  • Change compromised credentials - update passwords for any accounts that may have been exposed, starting with email and banking
  • Report to authorities - Australia: ScamWatch, ReportCyber. US: IC3, FTC. UK: Action Fraud
  • Preserve evidence - screenshot messages, emails, transaction records, and URLs before they disappear
  • Warn others - report the scam entity on relevant platforms and share with your network

Enterprise Security Posture

Organisations operating in Australia face increasing regulatory obligations under the Scams Prevention Framework Act 2025:

  • Mandatory scam prevention - banks, telcos, and digital platforms must implement reasonable scam prevention measures (penalties up to AUD $50M)
  • Real-time screening - integrate entity verification into payment flows, onboarding, and communication channels via the AVA API
  • Audit trail - maintain records of screening decisions for compliance reporting. AVA provides exportable audit logs
  • Incident response plan - document procedures for breach notification (72-hour NDB Act requirement), customer communication, and evidence preservation

For enterprise API integration and compliance consulting, contact enterprise@checkwithava.com.

API

API Documentation

Screen any entity programmatically with the AVA REST API.

Quick Start

Screen any entity with a single API call:

curl -X POST https://api.checkwithava.com/v1/screen \
  -H "Content-Type: application/json" \
  -H "X-API-Key: YOUR_KEY" \
  -d '{"entity_value": "suspicious-domain.com"}'

The response includes a risk score (0-100), risk level, confidence rating, and detailed signal breakdown.

Endpoints

  • POST /v1/screen - Synchronous screening (full pipeline, returns verdict)
  • POST /v1/screen/async - Async screening (returns job ID, optional webhook callback)
  • POST /v1/screen/batch - Batch up to 100 entities per request
  • GET /v1/jobs/{id} - Poll async job status
  • GET /v1/graph/{type}/{value} - Relationship graph (BFS traversal)
  • GET /v1/history - Recent screening history
  • GET /v1/audit/{id} - Full screening audit record
  • GET /v1/audit/export - Compliance-ready CSV export
  • POST /v1/report - Community scam report (cross-platform)

Entity Types

AVA auto-detects entity type, or you can specify explicitly:

  • domain - example.com
  • url - https://example.com/page
  • wallet - ETH (0x...), BTC, SOL addresses
  • email - user@example.com
  • ip_address - IPv4 addresses
  • phone - International format (+61...)
  • social_account - platform:handle (e.g. x:@handle, instagram:handle)
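
A client-side pre-check for the calls above, as an added example that is not AVA's own code or its type-detection logic: it sorts inputs into the entity type names listed here, drops junk and duplicates, chunks to the documented batch limit of 100, and builds (without sending) the Quick Start request. The regular expressions and function names are assumptions; wallet matching checks shape only, not checksums.

```python
import ipaddress
import json
import re
import urllib.request

API_URL = "https://api.checkwithava.com/v1/screen"   # endpoint from the Quick Start
BATCH_LIMIT = 100                                     # documented batch maximum

# Shape checks only (this example's assumptions), tried in order.
PATTERNS = [
    ("url", re.compile(r"^https?://\S+$", re.I)),
    ("social_account", re.compile(r"^[a-z]+:@?[\w.]+$", re.I)),
    ("email", re.compile(r"^[^@\s]+@[^@\s]+\.[a-z]{2,}$", re.I)),
    # ETH hex, bech32 BTC, or a base58 string (legacy BTC / SOL lengths).
    ("wallet", re.compile(r"^(0x[0-9a-fA-F]{40}|bc1[ac-hj-np-z02-9]{11,71}"
                          r"|[1-9A-HJ-NP-Za-km-z]{26,44})$")),
    ("phone", re.compile(r"^\+[1-9]\d{6,14}$")),
    ("domain", re.compile(r"^(?=.{4,253}$)([a-z0-9-]{1,63}\.)+[a-z]{2,63}$", re.I)),
]


def classify(value: str):
    """Return one of the page's entity type names, or None if nothing fits."""
    value = value.strip()
    try:
        if ipaddress.ip_address(value).version == 4:
            return "ip_address"
    except ValueError:
        pass
    return next((name for name, rx in PATTERNS if rx.match(value)), None)


def plan_batches(values):
    """Drop unrecognised and duplicate inputs, then chunk to the batch limit."""
    seen, clean, rejected = set(), [], []
    for raw in values:
        v = raw.strip()
        if classify(v) is None:
            rejected.append(raw)
        elif v not in seen:
            seen.add(v)
            clean.append(v)
    return [clean[i:i + BATCH_LIMIT] for i in range(0, len(clean), BATCH_LIMIT)], rejected


def build_screen_request(value: str, api_key: str) -> urllib.request.Request:
    """Build (not send) the Quick Start call; json.dumps handles all quoting."""
    body = json.dumps({"entity_value": value}).encode()
    headers = {"Content-Type": "application/json", "X-API-Key": api_key}
    return urllib.request.Request(API_URL, data=body, headers=headers, method="POST")
```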

Platforms

Platform Setup Guides

Step-by-step instructions for each supported messaging platform.

Telegram Bot Setup and Commands

Setup (30 seconds):

  1. Add @CheckWithAvaBot to your Telegram group
  2. Make the bot an admin (required for reading messages and enforcing policies)
  3. Done. Monitoring starts automatically.

Everyday

  • /check <entity> - Check if a URL, domain, wallet, or email is a scam
  • /report <entity> - Report a suspected scam (available to all group members)
  • /status - View monitoring stats and queue depth

Admin (group admins only)

  • /protect - Quick-start monitoring with default policy
  • /monitor / /unmonitor - Start or stop monitoring
  • /policy <notify|delete|ban> - Set action policy
  • /alerts <here|me|chat_id> - Set where alerts are sent
  • /antiraid <joins> <minutes> - Configure anti-raid thresholds
  • /welcome on|off|set <text> - Configure welcome messages
  • /learn [days] - Observe channel behaviour before monitoring
  • /link <api_key> - Connect to your AVA account

Security (group admins only)

  • /audit - Scan members for admin impersonation
  • /verify <user> - Check if a user is a real admin
  • /banuser <user> - Ban a suspected impersonator

Content Control (group admins only)

  • /blocklist add|remove|clear <pattern> - Manage custom blocklist patterns
  • /allowlist user|domain <value> - Manage approved users and domains

Audit (group admins only)

  • /setlog <channel> - Configure audit log channel
  • /settings - View all bot settings for this group

Account

  • /subscribe - Upgrade your plan via Telegram Stars
  • /support <issue> - Create a support ticket
  • /start - Bot info and all commands

Personal scanning (DM the bot): Forward a suspicious message or paste a URL, wallet, or domain directly. The bot replies with a risk verdict for each entity found.

Discord Bot Integration

Slash commands with ephemeral responses. Requires Starter plan ($29/mo) or higher.

  • /checkwithava <entity> - Check if something is a scam
  • /monitor / /unmonitor - Start or stop monitoring a channel
  • /policy <notify|delete|ban> - Set action policy
  • /report <entity> [reason] - Report a suspected scam
  • /link <api_key> - Connect to your paid AVA account
  • /audit - Scan members for admin impersonation
  • /learn - Start learning mode

Slack Bot Integration

Workspace integration with slash commands. Requires Pro plan ($99/mo) or higher.

  • /ava-check <entity> - Check if something is a scam
  • /ava-monitor / /ava-unmonitor - Start or stop monitoring
  • /ava-policy <notify> - Set action policy
  • /ava-report <entity> - Report a suspected scam
  • /ava-connect <api_key> - Connect to your paid AVA account
  • /ava-learn - Start learning mode

WhatsApp Bot Integration

Meta Cloud API integration with text commands. Requires Starter plan ($29/mo) or higher.

  • !ava status - Show monitoring status
  • !ava monitor / !ava unmonitor - Start or stop monitoring
  • !ava policy <notify> - Set action policy
  • !ava report <entity> - Report a suspected scam
  • !ava admin add <phone> - Add an admin

The user who first connects the group is automatically the admin.

Legal

Terms and Conditions

Last updated: April 2026. Please read these terms carefully before using AVA.

1. Agreement to Terms

By accessing or using AVA ("the Service"), operated by Check With AVA ("we", "us", "our") at checkwithava.com, you agree to be bound by these Terms & Conditions. If you do not agree, do not use the Service.

We reserve the right to modify these terms at any time. Continued use of the Service after changes constitutes acceptance of the updated terms.

2. Service Description

AVA is an entity verification and scam detection platform that screens domains, URLs, wallet addresses, social media accounts, emails, IP addresses, and other digital entities for fraud indicators and risk signals.

IMPORTANT: AVA provides risk indicators for informational purposes only. AVA does NOT provide legal, financial, investment, or professional advice of any kind. Trust Scores and risk levels are automated assessments based on available data. They are not guarantees of safety or danger.

You are solely responsible for your own decisions. Always verify independently before sending money, sharing personal information, or engaging with any entity.

3. User Accounts & Plans

  • You must provide accurate information when creating an account via social login.
  • You are responsible for maintaining the security of your account and API keys.
  • Free accounts are subject to usage limits. Paid plans provide higher limits as described on the Pricing page.
  • We reserve the right to suspend or terminate accounts that violate these terms or exhibit abusive usage patterns.

4. Acceptable Use

You agree NOT to:

  • Use the Service to harass, stalk, or target individuals
  • Reverse engineer, scrape, or extract AVA's detection logic or intelligence data
  • Use the API to build a competing service
  • Submit false or misleading entities to manipulate AVA's threat intelligence
  • Attempt to circumvent rate limits, authentication, or access controls
  • Use the Service for any unlawful purpose

5. Billing, Refunds & Liability

  • Paid subscriptions are billed monthly via Stripe. Prices are in USD unless otherwise stated.
  • You may cancel at any time. Cancellation takes effect at the end of the current billing period.
  • Refunds are provided at our discretion within 14 days of initial purchase.
  • Telegram Stars purchases are processed through Telegram's payment system. Refunds via /paysupport or support@checkwithava.com within 14 business days.

NO WARRANTY. THE SERVICE IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. WE DO NOT WARRANT THAT ANY RISK ASSESSMENT WILL BE ACCURATE, COMPLETE, OR ERROR-FREE.

LIMITATION OF LIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY LAW, OUR TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE GREATER OF THE AMOUNT YOU PAID IN THE 12 MONTHS PRECEDING THE CLAIM, OR AUD $100.

Contact: legal@checkwithava.com. Governed by the laws of Australia.

Legal

Privacy Policy

Last updated: April 2026. How we collect, use, and protect your information.

1. Information We Collect

Account information: When you sign in via social login, we receive your name, email address, and profile picture. We do not receive or store your password.

Screening data: Entities you submit for screening are processed and stored to generate risk verdicts and improve our threat intelligence.

Telegram data: If you use the Telegram bot, we process message content in monitored channels to extract and screen entities. We do not store full message content.

2. How We Use Your Data

  • Provide the Service: Process screenings, generate verdicts, maintain your account
  • Improve detection: Screening results contribute to our threat intelligence graph. Entity data is anonymised in public-facing insights.
  • Security: Detect and prevent abuse, fraud, and prompt injection attacks

We do NOT sell your personal data. We do NOT use your data for advertising.

3. Cookies, Data Sharing & Retention

Cookies: One essential session cookie (ava_session), httpOnly and secure. No tracking cookies, no Google Analytics, no advertising cookies.

Data sharing: Only with third-party enrichment services (VirusTotal, Google Web Risk, URLScan, Cloudflare), payment processor (Stripe), email (Resend), and law enforcement if required by law. No data brokers or advertisers.

Retention: Account data retained while active, deleted within 30 days of deletion request. Screening verdicts retained indefinitely as anonymised threat intelligence. Sessions expire after 72 hours.

4. Your Rights

Under GDPR and the Australian Privacy Act, you have the right to: access, rectification, erasure, portability, objection, and withdrawal of consent.

You have the right to request human review of any automated assessment.

In the event of a data breach, we will notify the relevant supervisory authority within 72 hours and affected individuals within 30 days.

Contact: privacy@checkwithava.com. We respond to all privacy requests within 30 days.
