Victim as a Service: Designing a System for Engaging with Interactive Scammers
Published in USENIX Security, 2025
Daniel Spokoyny, Nikolai Vogler, Xin Gao, Tianyi Zheng, Yufei Weng, Jonghyun Park, Jiajun Jiao, Geoffrey M. Voelker, Stefan Savage, Taylor Berg-Kirkpatrick
Pig butchering and similar interactive online scams lower their victims’ defenses by building trust over extended periods of conversation—sometimes spanning weeks or months. These scams have resulted in massive public losses, estimated at over $75 billion in a recent study. In this paper, we describe the motivation, design, implementation, and experience with CHATTERBOX, an LLM-based system that automates long-term engagement with online scammers, making large-scale investigations of their tactics possible. We detail the techniques developed to attract scam attempts, the system architecture and LLM engineering required to convincingly engage with scammers, and the necessary capabilities to satisfy or evade “milestones” in the scammers’ workflow.