Sharing this in case others have hit the same issue; screenshot attached.
Two of the alerts are from Find my IP, an app I use to log my own IP addresses (VPN). It flagged the same IP notification twice as "Phishing." The third is a Telegram chat message containing the string `rootproject.name`, flagged as "Dangerous." That's a standard Gradle config key; it shows up in literally every Android project's `settings.gradle`, and in our case also across localization strings, permission rationales, backup filenames, and the About page in four languages.
No malicious content, just developer tooling being pattern-matched as threats.
I get that erring on the side of caution is the point, but when legitimate workflows trigger this consistently it stops feeling like protection and starts feeling like noise. Turned it off for now.
Would be good if there was a way to whitelist sources or mark false positives so the model improves over time.