I fixed the flags. The bot works as it was designed. In a previous out break we had reports of at least 2 accounts stolen when someone accidentally opened a clickable link in a post warning others. Some browsers, particularly mobile browsers, and browser extensions make domain names without the "http://" clickable links.

In my opinion, right now it is more important to stop the spread even if a few users get accidentally flagged. These phishers have been changing tactics frequently to avoid being flagged. Buying domains costs them money. Adding sub-domains like abc.badlink.com doesn't and I won't be surprised if that is the next step. Specifying https://www.badlink.com or https://badlink.com would make the bot ineffective.