Scam Detection Assistant: Automated Protection from Scammers

Abstract

Scams, also known as social engineering attacks, are an extremely common and dangerous threat today. Scams typically result in financial loss by convincing a victim to perform an ill-advised action such as sending money, or convincing him to provide private information. In this paper we present an approach to detect scams, focusing on scams which are conveyed in-person, over the phone, or via text/chat message. We present a tool called Scam Detection Assistant (SDA) which analyzes attack content to detect inappropriate statements which are indicative of social engineering attacks. A great deal of previous research in the detection of scams focuses on the detection of email scams, phishing emails. Previous work relies heavily on the analysis of various metadata specific to the email attack vector, including header information and URL links. SDA is novel compared to previous work because it focuses on the natural language contained in the attack, performing semantic analysis of the content to detect malicious intent. Focusing on content analysis makes our approach applicable to detect scams using non-email attack vectors, including texting applications, chat applications, and phone/in-person attacks which have been converted to text using a speech-to-text application.