Scams rely on urgency, impersonation, and exploiting trust. Watch for these red flags:

• Domains — look-alike domains (e.g. paypa1.com), newly registered sites (under 30 days), free hosting or unusual TLDs (.xyz, .top, .click)
• Emails — mismatched sender domains, urgent language ("act now"), requests for credentials or payment, generic greetings
• Social accounts — recently created profiles, few followers, copied bios, DMs with links or "investment opportunities"
• Crypto — guaranteed returns, pressure to send funds to a specific wallet, "recovery services" requesting upfront payment, unverified smart contracts
• Phone — spoofed caller ID, government impersonation, requests for remote access or gift cards

Use AVA to check any entity before engaging. A 30-second check can prevent significant financial loss.

Trust should be earned through verification, not assumed. Before transacting or sharing information:

• Check the entity — paste the domain, URL, wallet address, or social handle into AVA for an instant risk assessment
• Check domain age — legitimate businesses have domains registered for years, not days. WHOIS data reveals registration dates
• Inspect SSL certificates — a padlock icon alone means nothing. Check who issued the certificate and whether it matches the organisation
• Cross-reference — search the entity name alongside words like "scam", "review", or "complaint" before engaging
• Verify independently — contact organisations through their official website (not links in messages) to confirm legitimacy

• Enable 2FA everywhere — use authenticator apps (not SMS) for critical accounts. Hardware keys (YubiKey) for highest-value accounts
• Use a password manager — unique 16+ character passwords per site. Bitwarden (free) or 1Password are strong choices
• Separate email identities — use different email addresses for banking, social media, and subscriptions to limit blast radius
• Monitor for breaches — check Have I Been Pwned regularly. Change credentials immediately if exposed
• Limit public information — social media oversharing provides attackers with answers to security questions and social engineering vectors
• Keep software updated — enable automatic updates for OS, browsers, and applications. Unpatched software is the leading attack vector

If you suspect you have been targeted or have fallen victim to a scam, act immediately:

• Contact your bank — request a transaction freeze or chargeback within 24 hours for the best chance of recovery
• Change compromised credentials — update passwords for any accounts that may have been exposed, starting with email and banking
• Report to authorities:
  • Australia: ScamWatch (ACCC) and ReportCyber (ACSC)
  • United States: IC3 (FBI) and FTC
  • United Kingdom: Action Fraud
  • International: eConsumer.gov
• Preserve evidence — screenshot messages, emails, transaction records, and URLs before they disappear
• Warn others — report the scam entity on relevant platforms and share with your network to prevent further victims

Organisations operating in Australia face increasing regulatory obligations under the Scams Prevention Framework Act 2025:

• Mandatory scam prevention — banks, telcos, and digital platforms must implement reasonable scam prevention measures (penalties up to AUD $50M)
• Real-time checks — integrate entity verification into payment flows, onboarding, and communication channels via the AVA API
• Audit trail — maintain records of every check for compliance reporting. AVA provides exportable audit logs
• Employee training — regular security awareness training reduces phishing susceptibility. Resources: ACSC Learn
• Incident response plan — document procedures for breach notification (72-hour NDB Act requirement), customer communication, and evidence preservation

For enterprise API integration and compliance consulting, contact AVA at [email protected].

• POST /v1/screen — Synchronous check (full pipeline, returns verdict)
• POST /v1/screen/async — Async check (returns job ID, optional webhook callback)
• POST /v1/screen/batch — Batch up to 100 entities per request
• GET /v1/jobs/{id} — Poll async job status
• GET /v1/graph/{type}/{value} — Relationship graph (BFS traversal)
• GET /v1/history — Recent check history
• GET /v1/audit/{id} — Full check audit record
• GET /v1/audit/export — Compliance-ready CSV export
• POST /v1/report — Community scam report (cross-platform)

Detailed API reference is available to enterprise customers under engagement. Contact [email protected] to discuss.

AVA auto-detects entity type, or you can specify explicitly:

• domain — example.com
• url — https://example.com/page
• wallet — ETH (0x...), BTC, SOL addresses
• email — [email protected]
• ip_address — IPv4 addresses
• phone — International format (+61...)
• social_account — platform:handle (e.g. x:@handle, instagram:handle)

• Free — 30 checks/day, 1 auto-monitored group, impersonation shield (sign in with social account)
• Starter ($29/mo) — 200/day, 5 channels, full scam detection, batch checks, webhooks
• Pro ($99/mo) — 1,000/day, 50 channels per platform, multi-platform, API, webhooks
• Business — Custom pricing, unlimited channels, SSO/SAML, dedicated support

AVA's Telegram bot monitors groups and channels in real time, automatically checking URLs, domains, wallet addresses, and social handles posted by members.

Setup (30 seconds):

• Add @CheckWithAvaBot to your Telegram group
• Make the bot an admin (required for reading messages and enforcing policies)
• Done. Monitoring starts automatically.

Everyday commands:

• /check <entity> — Check if a URL, domain, wallet, or email is a scam
• /report <entity> — Report a suspected scam (available to all group members)
• /status — View monitoring stats and queue depth
• /subscribe — Upgrade your plan via Telegram Stars
• /support <issue> — Create a support ticket

Admin commands (group admins only):

• /protect — Quick-start monitoring with default notify policy
• /monitor / /unmonitor — Start or stop monitoring
• /policy <notify|delete|ban> — Set action policy:
  • notify (default) — Alert only, human decides
  • delete — Auto-delete messages with high-risk entities, plus alert
  • ban — Delete message, ban sender, plus alert
• /alerts <here|me|chat_id> — Choose where alerts are sent
• /antiraid <joins> <minutes> — Set anti-raid thresholds (e.g. /antiraid 5 3)
• /welcome on|off|set <text> — Configure welcome messages for new members
• /link <api_key> — Connect to your paid AVA dashboard (optional, for analytics and API access)
• /learn [days] — Observe channel behaviour before monitoring (1-30 days)

Security commands (group admins only):

• /audit — Scan members for admin impersonation (name copying, Unicode lookalikes)
• /verify <user> — Check if a user is a real admin
• /banuser <user> — Ban a suspected impersonator

Getting started:

1. Add @CheckWithAvaBot to your group as admin. Free monitoring starts automatically.
2. Optionally run /learn to profile the channel first
3. For full features: sign up at checkwithava.com, then run /link <your_api_key> to connect your paid account

Personal scanning (DM the bot):

• Forward a suspicious message to the bot — it extracts all entities and checks them instantly
• Paste a URL, wallet, or domain directly — same result
• The bot replies with a risk verdict for each entity found

What the bot detects:

• Phishing and malware URLs
• Known scam wallet addresses and rug pull tokens
• Fraudulent social accounts and admin impersonation
• Suspicious newly registered domains
• Scam emails and phone numbers

How it works:

• The bot passively reads all messages in monitored groups
• Entities (URLs, wallets, emails, domains, IPs) are automatically extracted
• Each entity is checked through AVA's comprehensive multi-source verification system
• Entities flagged as suspicious or dangerous trigger the configured action policy
• Recently checked entities are cached — repeat posts get instant verdicts without re-checking
• All findings feed into AVA's intelligence graph, improving detection over time

AVA's Discord bot monitors servers using slash commands, checking URLs, wallets, and entities in real time with the same comprehensive enrichment system.

Setup:

• Invite the AVA bot to your Discord server using the invite link from checkwithava.com
• The bot requires Read Messages, Send Messages, Manage Messages, and Ban Members permissions
• Run /monitor in the channel you want to protect

Slash commands:

• /checkwithava <entity> - Check if something is a scam
• /monitor / /unmonitor - Start or stop monitoring a channel
• /policy <notify|delete|ban> - Set action policy
• /report <entity> [reason] - Report a suspected scam
• /support <description> - Create a support ticket
• /link <api_key> - Connect to your paid AVA account (ephemeral, key hidden)
• /audit - Scan members for admin impersonation
• /learn - Start learning mode to profile channel behaviour

All slash command responses are ephemeral (visible only to you) when they contain sensitive data like API keys or check details.

Requires: Starter plan ($29/mo) or higher.

AVA's Slack bot integrates with your workspace using Slack's slash commands and Events API, checking messages in monitored channels.

Setup:

• Install the AVA Slack app from your workspace admin panel
• Invite @AVA to the channels you want to monitor
• Run /ava-monitor to start monitoring

Commands (prefixed with /ava-):

• /ava-check <entity> - Check if something is a scam
• /ava-monitor / /ava-unmonitor - Start or stop monitoring
• /ava-policy <notify> - Set action policy
• /ava-report <entity> - Report a suspected scam
• /ava-support <description> - Create a support ticket
• /ava-connect <api_key> - Connect to your paid AVA account
• /ava-learn - Start learning mode

Responses are ephemeral by default, keeping your workspace clean.

Requires: Pro plan ($99/mo) or higher.

AVA's WhatsApp integration uses the Meta Cloud API to check messages in WhatsApp groups via text commands.

Setup:

• Add AVA's WhatsApp number to your group
• The first user to connect becomes the admin
• Send !ava monitor to start monitoring

Commands (prefixed with !ava):

• !ava status - Show monitoring status (no admin required)
• !ava monitor / !ava unmonitor - Start or stop monitoring
• !ava policy <notify> - Set action policy
• !ava report <entity> - Report a suspected scam (no admin required)
• !ava support <description> - Create a support ticket (no admin required)
• !ava admin add <phone> - Add an admin
• !ava admin remove <phone> - Remove an admin

Config-changing commands require admin status. The user who first connects the group is automatically the admin.

Requires: Starter plan ($29/mo) or higher. WhatsApp Business API access.

AVA is an entity verification and scam detection platform that checks domains, URLs, wallet addresses, social media accounts, emails, IP addresses, and other digital entities for fraud indicators and risk signals.

IMPORTANT — PLEASE READ CAREFULLY:

AVA provides risk indicators for informational purposes only. AVA does NOT provide legal, financial, investment, or professional advice of any kind.

Trust Scores, risk levels, recommendations, and analysis summaries are automated assessments based on available data at the time of the check. They are not guarantees of safety or danger. A high Trust Score does not mean an entity is safe. A low Trust Score does not mean an entity is definitely a scam.

You are solely responsible for your own decisions. Always verify independently and exercise your own judgement before sending money, sharing personal information, or engaging with any entity — regardless of what AVA's assessment says.

AVA's analysis is based on publicly available data, third-party intelligence sources, and automated pattern detection. Data sources may be incomplete, outdated, or incorrect. New scams may not yet be in our databases.

• You must provide accurate information when creating an account via social login (Google, GitHub, Microsoft, Facebook, LinkedIn, Apple).
• You are responsible for maintaining the security of your account and API keys.
• Free accounts are subject to usage limits. Paid plans (Starter, Pro, Business) provide higher limits as described on the Pricing page.
• We reserve the right to suspend or terminate accounts that violate these terms or exhibit abusive usage patterns.

You agree NOT to:

• Use the Service to harass, stalk, or target individuals
• Reverse engineer, scrape, or extract AVA's detection logic, scoring algorithms, or intelligence data
• Use the API to build a competing service
• Submit false or misleading entities to manipulate AVA's threat intelligence
• Attempt to circumvent rate limits, authentication, or access controls
• Use the Service for any unlawful purpose

All content, branding, scoring algorithms, detection patterns, intelligence data, and software comprising AVA are the intellectual property of Check With AVA and are protected by applicable copyright, trademark, and trade secret laws.

Your use of the Service does not grant you any rights to our intellectual property beyond the limited licence to use the Service as intended.

• Paid subscriptions are billed monthly via Stripe. Prices are in USD unless otherwise stated.
• You may cancel at any time. Cancellation takes effect at the end of the current billing period.
• Refunds are provided at our discretion within 14 days of initial purchase. No refunds for partial months.
• We reserve the right to change pricing with 30 days notice to existing subscribers.

Telegram Stars / Digital Payments:

• All Telegram Stars purchases are processed through Telegram's payment system.
• Refund requests can be submitted via the /paysupport command or by contacting [email protected].
• Refunds are processed within 14 business days.

NO WARRANTY. THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, OR NON-INFRINGEMENT.

NO GUARANTEE OF ACCURACY. WE DO NOT WARRANT THAT ANY RISK ASSESSMENT, TRUST SCORE, VERDICT, OR ANALYSIS WILL BE ACCURATE, COMPLETE, RELIABLE, OR ERROR-FREE. SCAM DETECTION IS INHERENTLY IMPERFECT — LEGITIMATE ENTITIES MAY BE FLAGGED, AND MALICIOUS ENTITIES MAY NOT BE DETECTED.

NOT ADVICE. NOTHING PROVIDED BY THE SERVICE CONSTITUTES LEGAL, FINANCIAL, INVESTMENT, TAX, OR PROFESSIONAL ADVICE. YOU SHOULD NOT RELY SOLELY ON AVA'S ASSESSMENTS WHEN MAKING DECISIONS INVOLVING MONEY, PERSONAL INFORMATION, OR SECURITY.

LIMITATION OF LIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, CHECK WITH AVA, ITS OFFICERS, DIRECTORS, EMPLOYEES, AND AGENTS SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, DATA, FUNDS, OR GOODWILL, ARISING FROM OR RELATED TO YOUR USE OF OR INABILITY TO USE THE SERVICE, ANY RELIANCE ON RISK ASSESSMENTS OR VERDICTS PROVIDED BY THE SERVICE, OR ANY THIRD-PARTY CONDUCT OR CONTENT.

OUR TOTAL AGGREGATE LIABILITY SHALL NOT EXCEED THE GREATER OF (A) THE AMOUNT YOU PAID FOR THE SERVICE IN THE 12 MONTHS PRECEDING THE CLAIM, OR (B) ONE HUNDRED AUSTRALIAN DOLLARS (AUD $100).

INDEMNIFICATION. You agree to indemnify, defend, and hold harmless Check With AVA and its officers, directors, employees, and agents from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising from or related to: (a) your use of the Service; (b) any decision you make based on information provided by the Service; (c) your violation of these Terms; or (d) your violation of any rights of a third party.

• AVA may flag legitimate entities as suspicious (false positives). AVA is not liable for any reputational harm resulting from automated risk assessments.
• AVA may fail to detect scams (false negatives). Users must not rely solely on AVA's assessments for financial or safety decisions.
• AVA's risk assessments are automated opinions based on publicly available data and third-party intelligence sources. They do not constitute allegations of fraud or criminal activity.

• Reports must be made in good faith based on genuine concern about scam activity.
• False or malicious reports may result in account suspension or termination.
• AVA reserves the right to disclose reporter identity to law enforcement if required.
• Reported entities may contest assessments by contacting [email protected].
• Community reports are weighted inputs to AVA's assessment system, not standalone verdicts.

• Any entity owner that believes they have been incorrectly assessed may submit a re-evaluation request to [email protected].
• AVA will re-evaluate contested assessments within 14 business days.
• AVA reserves the right to maintain its assessment if the evidence supports it.

• API access is subject to rate limits as defined by your plan tier.
• AVA verdicts must not be redistributed, resold, or used to build competing intelligence services.
• AVA does not guarantee API uptime. Business customers may negotiate SLA terms separately.
• API consumers must not use AVA verdicts as the sole basis for automated blocking, account termination, or financial decisions without human review.

These terms are governed by the laws of Australia. For matters relating to published verdicts and public-facing content, the laws of England and Wales apply (Defamation Act 2013).

Any disputes shall be resolved through binding arbitration in the jurisdiction of the applicable governing law.

Contact: [email protected]

• Account data: Contract performance (GDPR Article 6(1)(b))
• Group message scanning: Legitimate interests in fraud prevention and security (Article 6(1)(f))
• Threat intelligence: Legitimate interests in preventing financial crime
• Marketing: Consent (Article 6(1)(a))

• AVA reads messages in monitored groups to extract entities (URLs, wallets, emails, domains, phone numbers).
• We do NOT store message content. Only extracted entities and their risk verdicts are retained.
• Sender IDs and reputation scores are retained to detect coordinated scam behaviour.
• Message processing occurs in memory. No full message text is written to permanent storage.

• Provide the Service: Process checks, generate verdicts, maintain your account
• Improve detection: Check results contribute to our threat intelligence graph, improving detection for all users. Entity data is anonymised in public-facing insights.
• Security: Detect and prevent abuse, fraud, and prompt injection attacks
• Communication: Service notifications, support responses, and (with consent) product updates

We do NOT sell your personal data. We do NOT use your data for advertising.

We share data only with:

• Third-party enrichment services: Entities you check are sent to services like VirusTotal, Google Safe Browsing, and URLScan for analysis. These services have their own privacy policies.
• Payment processor: Stripe processes payments. We do not store credit card details.
• Law enforcement: If required by law or to protect against imminent harm.

We do NOT share your personal information with advertisers or data brokers.

Essential cookies: We use a single session cookie (ava_session) to maintain your login state. This is httpOnly and secure — it cannot be read by JavaScript or third parties.

No tracking cookies: We do not use Google Analytics, Facebook Pixel, or any third-party tracking. We do not fingerprint your browser.

No advertising cookies: We do not serve ads or use advertising-related cookies.

Self-hosted fonts are loaded from our own servers — no requests to Google Fonts or other CDNs.

• Account data: Retained while your account is active. Deleted within 30 days of account deletion request.
• Check verdicts: Retained indefinitely as part of our threat intelligence database. Verdicts are anonymised in public-facing features.
• Enrichment evidence: Compressed enrichment snapshots retained for audit trail purposes. Available for export on Business plans.
• Session data: Sessions expire after 72 hours. Expired sessions are automatically purged.

Under GDPR and the Australian Privacy Act, you have the right to:

• Access: Request a copy of all personal data we hold about you
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your personal data (right to be forgotten)
• Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing of your personal data
• Withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact: [email protected]

• All data encrypted in transit (TLS/HTTPS) and at rest (AES-256/KMS)
• API keys are stored as one-way hashes — we cannot retrieve your full key after creation
• Session tokens are cryptographically random with httpOnly, secure, SameSite attributes
• Prompt injection defences prevent adversarial manipulation of our analysis pipeline
• Infrastructure hosted on AWS with SOC 2 and ISO 27001 compliance

AVA uses the following third-party services to process data:

• Google (Web Risk API, YouTube Data API): entity reputation checks
• Cloudflare (URL Scanner, DNS): domain and URL analysis
• Etherscan: blockchain wallet age verification
• URLScan.io: website screenshot and technology analysis
• Stripe: payment processing
• Resend: transactional email
• Telegram: bot messaging platform
• Hosting: currently local development, production planned on AWS (Sydney, Ireland regions)

• Entity values (URLs, domains, wallets) may be sent to US-based enrichment APIs for analysis.
• No personally identifiable information is included in cross-border API calls.
• Where personal data transfers occur, appropriate safeguards (Standard Contractual Clauses or adequacy decisions) are in place.

• AVA uses automated systems to generate risk assessments for entities.
• Risk scores are generated by combining multiple data sources with the AVA Intelligence Engine.
• You have the right to request human review of any automated assessment by contacting [email protected].

In the event of a data breach affecting personal data, we will notify the relevant supervisory authority within 72 hours and affected individuals within 30 days.

For privacy-related enquiries:

• Email: [email protected]
• General support: [email protected]

We will respond to all privacy requests within 30 days.