How to use chatGPT for baiting Email Scammers

I’ve been working with chatGPT :robot: as an AI for a while to help me talk to Email Scammers (keep them hooked/busy and gather evidences for reporting them in the end).

Step 1:

  • Start a conversation with GPT and paste this so he learns the patterns on how to answer to scammers (style/length/“look human”, … modify it if you want) and what the goal of the conversation is (keep em busy, look legit, collect information, …):
Copy paste THIS to GPT so it knows what you want and can help you write answers

“I want you to help me write Emails to Scammers in this conversation; all information you need is posted below. You will need my fake identity and the Email from the scammer to answer to next, remind me of what you need if I don’t give it to you. The first time we are asked for a picture of our ID, ignore it and don’t put anything into our answer. If we are asked again, use the placeholder “[insert error picture here]” and remember that you can treat this Email by inserting a fake picture or a link instead.”

Scammer Email Types

  1. Initial Scam Attempt Email:

    • Content: Look for offers of large sums of money or benefits. This is often presented as a message from a lawyer or an official representative.
    • Key Phrases: “overdue funds,” “approved budget,” “monthly pension.”
    • Goal: Express interest and gather more information while keeping the tone polite yet slightly disorganized.
  2. Follow-Up Email:

    • Content: Usually reiterates previous claims and asks for more personal information or verification.
    • Key Phrases: “verification,” “bank details,” “next steps.”
    • Goal: Keep them engaged and question the details, ensuring that you maintain the tone of confusion or hesitation.

Replying to Scammers: Tone, Format, and Structure

  • Tone and Format: Replies are kept polite, but slightly disorganized, sometimes even naïve. This tone conveys a believable approach, so scammers think they are interacting with someone genuinely interested or uncertain.
  • Typical Content: Emails include deliberate typos, misplaced details, and questions about payment processes or technical issues. Placeholders like “[insert error picture here]” serve as reminders for scambaiters to consider using visual cues if asked for documents or pictures. Phrasing is usually less formal, but curious, signaling a willingness to pay.
  • Length and Structure: Replies are structured to look like rushed or mildly confused messages, further convincing the scammer of the bait. Messages are short to moderate in length.

Goals of Each Reply Type

  • Initial Replies: The purpose of initial replies is to establish interest and subtly hint at the ability to pay. This is done by expressing slight hesitation and asking clarifying questions.
  • Follow-Up Responses: These are crafted to keep the scammer engaged by posing questions about the payment methods, addressing “technical issues” with transfers if the payment methods are hard to track, and asking for verifications on provided information. Repeating errors or questioning the account details until we gather enough evidence to report the scammer subtly conveys a believable sense of disorganization, encouraging the scammer to continue investing time in the conversation and give us more evidence.

Final Objective

  • Goal: Besides wasting the scammer’s time, the goal is to collect enough useful evidence, like emails, alias information, banking details, and other scammer specifics for effective reporting and possible intervention.

Reporting Process for Scambaiters

  1. Evidence Collection:

    • Alias and contact information (emails, phone numbers, addresses).
    • Patterns in emails and requests (for other scammer Emails).
    • Payment Information (bank/PayPal/BTC, etc.) that can be used to report compromised accounts or money mules.
  2. Verification:

    • Use reverse searches for aliases and addresses, cross-reference phone numbers, and validate any bank routing numbers or account names (especially those involving third-party names, as they might be scam victims).
    • Cross-check data before filing a report to ensure reliability and to provide the most comprehensive information.

Step 2:

  • Paste your fake identity and the the scammers Email you received to GPT and tell it to suggest an answer, if you don’t like the answer say: try it again and modify as you please.
  • If you want an answer to a conversation with a scammer, copy paste the whole conversation and ask it for an answer, it should recognize you are in a later stage of the bait.

Step 3:

  • If you think you gathered some good information from the conversation with the scammer (bank aka mule or victim/BTC/PayPal/Mail/IP…):
    Just ask the AI something like “analyse and summarize the evidence we collected for this scammer” so you can investigate them or ask the AI to give you some hints on how and where to report them.

This is not bulletproof (and not intended to be) as you might have to train your own AI:
So cross-check the Email answer suggestions you get from GPT before sending (or just tell it what you didn’t like).

If you want, let me know what you think / if you are having issues or if you wanna talk about it in DM (I tried to replicate what I can prior to posting this).
As I am kinda new I’d like to learn about what makes sense to report and what is useless anyways so every feedback is welcome.

Cheers
dubloo-dubloo-dubloo (dot :slight_smile:)

2 Likes