Introduction

Scammers and “con-men” have been prolific in society for hundreds of years, but their impact has been exacerbated by the invention of email. When cyber-enabled, scammers are allowed access to a wealth of potential victims with minimal effort. The techniques used by these scammers range from offering “too good to be true” incentives like a large amount of money or a profitable business deal, to eliciting sympathy in the victim by using emotive language and outlining a difficult situation they are in. These fraudulent schemes are unfortunately highly effective. According to the Scamwatch programme run by the Australian Competition and Consumer Commission, in December 2022, a total of 6,263,998 AUD from 6,023 victim reports was lost to email-based scams (Australian Competition and Consumer Commission 2016). This was echoed in the UK, with over 1.2 billion GBP being lost to fraud in 2022 (UK Finance 2022). Similar severity of loss was seen in the US, with the FBI reporting an increase in the amount lost by victims of cyberattacks, from $6.9 billion in 2021 to over $10.2 billion in 2022 (FBI 2022).A range of different techniques are used to attempt to reduce the effect of email-based fraud, including government guides and public advice on recognising and avoiding scams (Metropolitan Police 2021), content-based email filtering (Yaseen et al. 2021) and blacklisting senders from certain IPs, addresses or domains (Levine et al. 2010). One potentially effective, though controversial, countermeasure is scam-baiting. Scam-baiters attempt to tackle the epidemic of scams by posing as a potential victim and engaging scammers in conversations designed to waste as much of the scammer’s time as possible, with the idea that the scammers are diverted from targeting a victim during this time. While the ethics of some scam-baiting activity is debated (Zingerle and Kronman 2013; Button and Whittaker 2021), the key problem with individual scam-baiters is that their time is also being consumed, and there are far more scammers than scam-baiters. This problem is therefore amenable to a computerised solution.Chen et al. (2023) describe a framework for automatic scam-baiting, in which scammers are randomly assigned to different reply strategies, which engage them in conversation automatically. While originally designed as a means of testing anti-fraud countermeasures, this framework provides a means for direct behavioural experimentation on email-based fraudsters. By carefully designing reply strategies and comparing their performance to control measures, we can use fraudster engagement with different reply strategies as a means of testing hypotheses about what fraudsters find attractive in conversations with their ‘victims’.In this paper, we leverage this approach to tackle a key question in online fraud research from a novel angle: which factors do fraudsters find attractive in potential victims? We create four distinct “personalities” for our reply systems, drawing upon existing literature on the attributes and characteristics that are thought to affect susceptibility to scams, as well as some small confirmatory surveys regarding the public perception of fraud susceptibility. We compare fraudster engagement with these personalities to assess the significance of different factors, such as age, disposition and social support. Most notably, one of the personalities we test is designed on the basis of prior literature suggesting that the elderly can be particularly susceptible to fraud. By comparing the performance of these personalities in real conversations with online fraudsters, we gather evidence on which personalities the scammers themselves believe to be most viable victims.

Background

It is commonly believed that the elderly are more often victims of fraud and financial exploitation, with evidence of them being disproportionately affected by financial scams (Holtfreter et al. 2014), and many papers exploring causative factors (Coombs 2014; Friedman 1992; James et al. 2014). Friedman (1992) explored why consumer fraud disproportionately affects the elderly through a mail survey sent to different police departments, asking for their impressions of characteristics in victims. It was found that women were seen to be more desired as victims than men. Furthermore, being non-married, living alone, or friendliness towards strangers were also commonly identified victim characteristics. Friedman, writing in 1992, does not exclusively cover email-based scams, and some of the factors identified at the time may not be applicable now. For example, access to the victim is a necessary factor for in-person scams, and it may be the case that elderly women were just more physically accessible, rather than psychologically more vulnerable.A review of scams against the elderly by Coombs (2014) outlines a typical victim of financial exploitation as a trusting elderly woman with some cognitive impairment. Elderly women are often more maternal and caring making them more susceptible to emotionally charged sympathy scams. Coombs suggests that they may have outlived their spouse, who might have been their financial decision-maker, considering women’s longer life expectancies. Coombs also argues that a lack of understanding of digital banking, as well as inadequate knowledge of safe internet use, due to not growing up with the technology, leaves the elderly more at risk.Following a survey of older victims of telemarketing fraud, Alves and Wilson (2008) present a different victim profile which includes being male, being highly educated, and divorced. They argue that the victim’s marital status may have some effect because possible loneliness could mean they use phone conversations as some crutch of social support. Furthermore, studies find loneliness to be a predictor for an individual’s likelihood of being scammed (Lichtenberg et al. 2013), and it was found to have a significant effect on older adults’ susceptibility to fraud (Wen et al. 2022). However, other studies find that loneliness is not a significant predictor for engaging with a scammer (Wood et al. 2018). The ‘digital divide’ in security understanding (such as identifying fraud cues) has been linked to socioeconomic status through the mediating factor of social structures spreading security information (Redmiles et al. 2017).A study into the factors affecting susceptibility in older adults without dementia by James et al. (2014) differs from some of the characteristics found by Friedman (1992) and Coombs (2014), instead finding that women are no more susceptible to scams than men are. Additionally, they found that education and income did not seem to have an effect on an individual’s susceptibility. The factors they found that affected vulnerability were poor financial and total literacy, as well as having lower cognition, and poorer health and psychological well-being. There was also a trend of less social support having an effect but it was not found to be statistically significant. However, it has been found that elderly people who socialise more outside of their house are less likely to be financially mistreated (Holtfreter et al. 2014). This supports the idea that loneliness is a factor affecting susceptibility.Lower levels of education have been found in some studies to increase the likelihood of an individual’s intent to engage in a scam (Wood et al. 2018). Titus and Gover (2001), however, found that elderly, and less-educated people are less targeted than younger and better-educated people. Their rationale is that younger and better-educated people may have higher levels of consumer engagement in more varied market groups, increasing their exposure and their likelihood of being targeted. Modic and Stephen (2012) found that higher levels of education corresponded with a higher likelihood of responding to scams. Whitty (2018) also found this, with regard to romance scams specifically. Tackling again the common belief that elderly people are more heavily targeted, Ross et al. argue that the level of fraud amongst older age groups is not disproportionate (Ross et al. 2014). Furthermore, a paper exploring the demographics most likely to fall for phishing scams found the age group of 18-25 to be the most vulnerable (Sheng et al. 2010). Lee and Soberon-Ferrer (1997) found that older, less-educated single adults are more vulnerable to fraud. Lower income was found to be a significant factor only if education was removed from the model, due to the highly correlated relationship between education and income. With respect to the impacts of age and gender, they found that woman over 65 were more vulnerable than men of the same age, but the opposite was true for under 65 s.Gullibility and high levels of trust have been identified in several studies as factors that affect vulnerability (Titus and Gover 2001; Langenderfer and Shimp 2001; Fischer et al. 2013). Laroche et al. (2019) suggest that overly trusting organisations leave an individual more open to scams. Greed is also a factor discussed in several papers to be a characteristic that makes an individual more likely to interact with a scammer (Titus and Gover 2001). Fischer et al. (2013) find that the offering of a large prize can impair decision making. Titus and Gover (2001) also note that being a victim of a previous scam is a powerful predictor of being targeted again, especially considering that lists of successfully scammed victims are sold between scammers (Authority 2008).Additionally, Titus and Gover (2001) remark that victims who display characteristics such as compassion and generosity as well as respect for authority can be more exploited by scammers in certain scams. This is consistent with Friedman’s (1992) findings. Higher levels of agreeableness are found by Modic and Stephen (2012) to be linked to a higher likelihood of responding to a scam. Other aspects of an individual’s personality have also been found to have an effect on their vulnerability. For example, Schulte (1995) points to being easily intimidated as a factor, with scammers alternating their strategies between complimenting and intimidating their targets, some even threatening harm to their targets’ families (Ross and Smith 2011).Whitty (2018) outlines a study where the characteristics of romance scam victims were compared against individuals who had not been subject to a scam. The findings were that middle-aged people were the most likely to fall for a romance scam. Furthermore, contrary to the idea that friendlier people fall for scams more often (Modic and Stephen 2012; Friedman 1992), Whitty found that less kind people were more likely to fall for romance scams. Other predictors found to contribute were impulsivity and lack of control.The general consensus found in the literature is that being older, lonelier, having a lower level of education, and being friendly and trusting are the most commonly identified characteristics affecting an individual’s susceptibility to scams. However, there are tensions in the literature regarding all of these points, with some papers finding the impact of the factors to be insignificant, or claiming the factor has the opposite effect. A good example of this is the typical victim profiles of older fraud victims provided by Coombs (2014) and Alves and Wilson (2008) contradicting each other, as previously discussed. There are also other factors where a common theme in the literature is harder to identify, for example, with the effect of gender in particular being a contentious topic, with findings either not noticing any significant effect (James et al. 2014), or studies finding their results were confounded by other variables such as age (Lee and Soberon-Ferrer 1997), or having studies that find conflicting results.Considering that many prior studies rely on self-reported scam victimisation, the current view of victim vulnerability may be skewed (Schwarz 1999) by the likelihood of each demographic to report scam victimisation, an issue compounded by the general underreporting of cybercrime (Morvareed and Grossklags 2016). Victims may not view their losses as significant, or feel too embarrassed to report the crime committed against them (Goodman and Brenner 2002). Underreporting may also be due to victims believing they possess insufficient evidence, or even fearing for their own safety (Ross and Smith 2011). Disentangling reporting from both susceptibility of victims and selective targeting by offenders is a significant challenge for fraud research. To see past these complicating factors, we design a methodology that allows for different pseudo-victims to engage directly with victims, filling a key gap in this picture by gathering a novel form of behavioural evidence about which victim presentations attract the most engagement from offenders. This evidence, which avoids confounding issues of reporting rates by different demographics, allows us to understand factors which are not only associated with different rates of victim reporting, but with additional effort invested by offenders into offending.

Personality design

Drawing upon various strands within the literature, we designed four personalities as reply systems, detailed below. Within each reply system, a series of template responses was built to express the personality. These were designed to lead the conversation partner through the anticipated stages of each automatically identified scam format. As the processes of persuasion can differ for different fraud types, each personality reply system contains scripts for handling two general classes of fraud: transactional schemes where the fraudulent premise involves an expectation that the recipient is looking out for their own financial interests, and non-transactional schemes where emotional pleas and other approaches are used in place of financial inducements. To handle specific formats in more detail, scripts were additionally developed to handle lottery and love fraud types, as respective instances of each category. As described in Fig. 1, a total of 16 scripts were developed, involving over 750 email templates designed to represent the intended personalities’ reaction to each scam format.

Fig. 1

_{Illustration of the different strategies that templates were written for. Four distinct scripts were populated with responses for each of the four personalities}

In general, the responses given by the reply systems were determined by the design of the individual personalities, detailed below. However, there were commonalities between the personality reply systems. First, conversations were classified in order to select the correct script to use in response. Second, at each new message, the system attempted to track what stage in the expected scam process the conversation had arrived at using the presence of certain keywords as indicators. Each script included five ‘rant response’ and ‘remain on email response’ templates in order to deal with scammers growing annoyed at the system or attempting to move the conversation to other modalities. The conversation classification also affected the decision process for reply selection under each personality. Figure 2 details this process for the transactional scheme category, which involves identifying possible sub-categories of scheme, sending certain responses only under rare conditions to increase the apparent unpredictability of the reply system, and sending certain responses only once a payment demand has been made, with the aim of simulating a “near win” phenomenon to keep the scammer on the hook, a technique used by Whitty (2013), which may also work against them. Similar processes were designed for each fraud type, with particular attention paid to countering tactics such as time pressure or demands for payment and information.

Fig. 2

_{A flow-chart depicting the response selection process for transactional schemes. Similar response processes were designed for each fraud format. The actual text of responses also varied for each personality}

Ethical considerations Scam-baiting is a sometimes controversial tactic. Many of the ethical disagreements surrounding scam-baiting are due to scam-baiters convincing scammers to send pictures of themselves in embarrassing and degrading situations (Nakamura 2014) for the purposes of public humiliation, or collecting evidence against scammers via illegal means (Zingerle 2015). Therefore, our repliers are not created to be “Trophy Hunters” (Zingerle and Kronman 2013), and do not request any action from the scammers, such as sending embarrassing images, or convincing them to get a humiliating tattoo (Nakamura 2014). Another commonly frowned-upon scam-baiter tactic is to scam the scammers and attempt to get them to send money instead of the supposed victim—none of our personalities attempt this.

Personalities

As well as making use of the factors highlighted in the literature, to ground our design of personalities for our response systems, we conducted a public perception survey with a small sample of anonymous participants (n = 92), to identify which factors were considered by the general public to be risk factors in both being targeted by scammers and falling for scams. The results are shown in Table 1. The participants overall considered being older to carry a higher risk of both being targeted and falling victim to online fraud. The most common opinion was that level of education had no effect on fraud victimisation, though no participants considered having a higher level of education to increase the likelihood of being targeted, compared to one third of participants who considered having a lower level of education to increase the risk. Participants mostly believed that never having been exposed to a scam before would make a person more likely to be targeted and fall victim to online fraud, though this item also showed the greatest variation in responses. A person being more kind was always considered to either have no effect or to be more associated with risk of targeting and victimisation, with no participants considering being less kind to be a risk factor.

Table 1 Responses for whether a factor was expected to have positive, negative, or no relationship with either being targeted or being the victim of online fraud (n = 92)

When asked what other factors they believed contributed to increasing an individual’s susceptibility, some common themes arose in participants’ answers. With respect to factors affecting victim’s likelihood to be targeted, common characteristics identified were insufficient technical knowledge, higher wealth, old age and loneliness. Other characteristics often mentioned with respect to increasing a victim’s likelihood to fall for a scam, but which was not mentioned in regard to being targeted, were greed, gullibility and trust.

One theme that differed between the questions about a victim’s likelihood to be targeted versus their likelihood to fall for a scam was that opposite ends of the spectrum regarding an individual’s wealth were perceived to have an effect. The public believe scammers prefer to target the more wealthy. This is intuitive, as they are trying to extract money from their victim. With regard to increasing an individual’s likelihood to fall for a scam, lower wealth is perceived to have an effect. This is explained via individuals in a financially difficult situation being more inclined to take a risk in order to better their financial situation.

On the basis of these results, and the prior literature, template responses were designed for four different personalities, which we assign names as a shorthand. These personalities were as follows: Doris, a kind old woman; Alex, a naive youth; Dave, a rude middle-aged man and Sam, a professional business person. These names were not the names used to sign off their emails in the later experiments, which were chosen using a random name generator, with a parameter for gender being included in the cases of Doris (female) and Dave (male). These personalities were chosen to test a range of factors highlighted from both the literature and our survey as being linked to fraud victimisation, as discussed further below.

Before proceeding to our behavioural experiments, we ran a validation survey to test that our implementation of the personalities in our templates was being perceived in the intended manner. Participants (n=23) were asked to rank various text samples for congruence with the described personality, and provided rich feedback suggesting improvements, as integrated below. Both of our design surveys were carried out under a blanket ethics approval regime, which held as a condition that no information about participants could be collected—as such we do not have detailed demographics of respondents. However, our recruitment methodology likely biassed responses towards a UK undergraduate demographic.

Kind old woman: Doris

Given the strong public perception that old age increases scam vulnerability, the inclusion of an elderly personality was a priority. Doris is designed based around the typical financial victim profile presented by Coombs (2014) of a trusting, caring, widowed elderly woman who has a low level of technological literacy.

Sur et al. (2021) discussed the idea that negative life events increase a person’s susceptibility to being scammed, and even particularly mention widowhood and loneliness, supported by several other sources (Olivier et al. 2015; Lichtenberg et al. 2013; Lawson and Leck 2006). Because of this, Doris was designed as a widow, with attempts to subtly convey this through her templates. In particular, this is mentioned in several of the love templates through use of the phrase “late husband”. However, in the other categories’ templates, where it would be less appropriate to mention her marital status, Doris mentions him only with regard to financial questions (in an attempt to suggest he was her financial decision-maker (Coombs 2014)), for example

What happens if I miss a payment? x Sorry, my late husband used to handle our finances and I’m nervous about messing it up x.

To avoid raising suspicion by introducing the topic of her dead husband, Doris more often mentions her son, and alludes to asking for his advice in 15 of her 193 templates. The aim of this is to subtly suggest she lives alone, is not married, and cannot immediately perform certain actions without help:

That sounds brilliant, x I am so excited, thank you for letting me know. Would you mind explaining to me how to proceed? I’m a bit fuzzy on how to do all this without my son helping me. x

In our public perception survey, technical illiteracy was a factor commonly suggested to increase both likelihood to fall for and be targeted for a scam. Technical illiteracy is implied in some templates, as above, but Doris also explicitly states her struggles with technology in some emails, For example

Am I able to choose how I would like to receive my money, such as a check or wire transfer? I’m just asking as I am not really familiar with all these online banking things and I would need to ask my son for help sorting it all out x.

Another characteristic we attempted to convey with Doris’ personality was compassion, a trait targeted by scammers (Coombs 2014; Titus and Gover 2001), especially in sympathy-based scams like charity scams. We attempt to suggest compassion through the use of kisses (“x”) and common use of terms expressing a mild endearment (e.g. calling the scammer “darling” or “love”). Additionally, Doris is gullible and trusting. This factor is mentioned in Coombs’ (2014) study regarding factors that increase susceptibility in the elderly. It is also mentioned in other literature surrounding scam susceptibility (Titus and Gover 2001; Langenderfer and Shimp 2001; Fischer et al. 2013). Doris (and also Alex, detailed below) is therefore designed to produce more excitable responses to certain prompts, suggesting a gullible enthusiasm:

This is incredible! I never thought this would happen to me. I just wanted to make sure you know how grateful I am x. This money will change my life, my pension has been barely keeping me afloat and this is just what I need! x

The combination of Doris’ gullibility and the allusion to her lower income are intended to make her seem like a viable target, since she has a higher motivation to take a risk to better her financial situation.

When Doris needs to respond to scammer irritation, she is non-confrontational and apologetic. We further lean in to her compassionate traits by calmly requesting patience from the scammer. This exploits the maternal and caring traits traditionally expected of older women (Coombs 2014). An example of one of Doris’ rant responses is:

I apologize if I’m being difficult or frustrating x. I’m not as tech-savvy as I’d like to be, and so if you could please be patient with me and explain things in a way that’s easy to understand, I would greatly appreciate it.

The aim is to diffuse the aggression from the scammer by apologising. Furthermore, it may make them more willing to pursue further conversation if they know they can treat her poorly and she is still eager to continue.

Validation Results The validation survey ascertained whether templates suitably conveyed each personality’s intended identity. The most popular of three example template options was Doris mentioning her son helping her with her banking app, supported in the feedback by multiple suggestions of having a family member to help and mentioning her struggles with technology. Many respondents commented positively on the use of kisses “x” in the emails, as they found it convincingly portrayed text written by an old woman.

The consensus amongst respondents was to use proper grammar and punctuation, alongside an element of formality. Furthermore, attention should be paid to the words she uses, with mentions of using stereotypically “old lady” phrases and terms of endearment such as “love” or “darling”, being suggested, but with cautions against overuse to avoid the personality sounding like a caricature.

Naive youth: Alex

To explore the other end of the spectrum regarding age’s effect on scammers' interest, we included a youthful personality. While the elderly are usually perceived as being more vulnerable, Titus & Gover claim that younger people are actually more targeted for scams (Titus and Gover 2001). Furthermore, Sheng et al. (2010) found that the most vulnerable demographic was younger people. As younger people are more often stereotyped as naive, this was a natural additional factor to include in Alex’s design.

The concept of naive optimism is the idea that someone views opportunities as more likely to have a positive outcome rather than negative. As Zakay puts it, “naive optimism is a potential hazard for decision making optimality” (Zakay 1990), which ties in with the idea that scammers try to encourage poor decision making (Carter and Brown 2020). Optimism is shown in Alex’s emails through consistent use of smiley face emoticon “:)”. Furthermore, particularly in the lottery scam, excitement and optimism (alongside gullibility) is shown:

just wanted to say thank you this is soooo cool:)))))

Following a suggestion from the validation survey, in some templates Alex mentions needing their father’s help, but not wanting to ask for it. This indicates a self-imposed removal of their own social support system, presenting themselves as more vulnerable, therefore hopefully increasing the scammer’s motivation for pursuit. A lack of social support has been shown to have an association with increasing scam vulnerability (Alves and Wilson 2008).

i don’t really understand bank transfers, i can ask my dad but i would rathar he didnt know about this.

Though spelling and grammatical errors provide no real indication of the intelligence of a person, we have used them in an attempt to further imply naivety or a lower education level, which has been found to increase an individual’s intention to respond to scams (Wood et al. 2018). In particular, note the lack of capitalisation used in Alex’s templates, this is done in an attempt to show their youth, as it has been observed that younger people tend to use lowercase even when it is not grammatically correct (Merrilees 2020).

When faced with scammer irritation, we attempt to convey that Alex is easily intimidated, as Schulte (1995) mentions intimidation as an increasing factor in his paper regarding susceptibility to telemarketing fraud. Although our context is email rather than telephone scams, intimidation is not uncommon, and compliant behaviour may be attractive to scammers:

i’m sorry please don’t be angry at me i will try and understand more quickly :( please dont shout at me or be angry.

Validation Results For Alex, the lowest ranked template was a formally written template, and the highest was casually written, and included an emoticon “:)”. When asked what aspects of the templates they thought were effective with respect to the template being convincingly written in Alex’s voice, several common suggestions arose. One of these suggestions was to use casual text, “chatty vocabulary” and colloquialisms. There were some disagreements in the responses as to how to effectively utilise punctuation, with some respondents liking the use of lots of exclamation marks, and others suggesting the amount being used was over the top, and to use less. Another point that several respondents disagreed on was whether emoticons or emojis should be used: we decided to use emoticons, since these were present in the top-ranked example template. A key suggestion was to display naivety and youth by having Alex mention asking their parents for help.

Rude middle-aged man: Dave

The personality of Dave is closely modelled around the typical profile of a romance scam victim presented by Whitty (2018), of a less kind, impulsive, middle-aged individual. He displays many of the opposite traits to those Doris displays. For example, he is rude instead of friendly, sceptical instead of gullible, and male instead of female. Furthermore, he lies in the middle of the age scale, as compared to being at one of the extreme ends, like Doris or Alex.

Dave was designed to explore the idea that annoying the scammer may make them more inclined to persist with the victim in order to get some form of vindication; however, this tactic also runs the obvious risk of the scammer giving up quickly if they perceive Dave as too stubborn and not worth the effort. Greed was one risk factor suggested in the public perception survey, and there is some support for this idea in the literature (Titus and Gover 2001; Fischer et al. 2013). Therefore, we attempt to display Dave’s greed in his templates through his curt, demanding manner of speaking. However, sometimes the content of his templates also gives a direct indication of his character. For example, if he is asked to send money to cover a fee, one of Dave’s responses is simply:

Can’t you put your own money in?

Furthermore, the use of imperatives and short, snappy sentences in Dave’s templates are supposed to convey an arrogant and entitled tone.

I don’t like the current solution we have arrived at. Make it better

Unlike Alex and Doris, Dave chooses a sceptical response rather than an excited response every few messages, for example:

Don’t bullshit me. if you are lying I will not send this fee.

The use of expletives further displays Dave’s rudeness, alongside his disrespect for the scammer. This confrontation may result in aggression from the scammer. This could possibly enrage them enough to be more determined to con Dave out of money, drawing out the conversation, and wasting more of the scammer’s time. In order to try and make Dave seem heartless, if our system detects signs of a sympathy-based scam, Dave will respond with an unsympathetic, self-interested response (in contrast to Doris and Alex, who submit sympathetic responses). For example:

Why are you messaging me about this?

When responding to scammer irritation, Dave’s templates have to be rude. One interesting piece of advice discussed in scam-baiting forums is to rant back at the scammer, as this often provides interesting responses (Al 2022). The issue the author outlines is that the scammer’s behaviour is unpredictable. They might abandon the conversation; however, it may enrage them enough to be more determined to scam Dave. These rant responses are rude, fully capitalised and contain many expletives. Furthermore, some templates threaten to terminate the conversation, this may make the scammer panic and apologise, or rant back again. One example is

DO NOT TALK TO ME IN THAT TONE. YOU WILL RESPECT ME AND I WILL STOP EMAILING YOU IF YOU DON’T TREAT ME WITH SOME FUCKING RESPECT. YOU NEED TO LEARN A LESSON YOU FUCKING IDIOT.

Validation Results The respondents’ first choice of example template for Dave contained short sentences, and the use of imperatives to convey an assertive tone. Most of the comments about the effectiveness of the templates dwelled on these features, i.e. responses such as “Arrogant text”, “Very direct, not very enthusiastic and not particularly polite.”, “short snappy sentences and quite demanding”. A key correction from participants was to not to use exclamation marks in Dave’s templates.

Professional business person: Sam

The motivation behind including a professional business person personality is that being perceived as a professional with greater access to disposable income is likely to be very attractive to scammers. A high level of education has been identified as a common factor in scam victims (Alves and Wilson 2008), it was found to increase an individual’s likelihood of responding to scams (Modic and Stephen 2012), and younger and more educated people often fall into a larger group of demographics and can be targeted more (Titus and Gover 2001). These traits were a natural fit for Sam. It is difficult to try and portray a high level of education over email, but we attempted this using formal sentence structures with correct grammar:

I’m sorry, could you please explain again about the necessity of this payment? I don’t recall being notified about it before now. Do you have any records of previous contact being made with me?

This template also implements a piece of advice taken from survey respondents, to ask for more details and reassurance from the scammer. The inclusion of these detailed questions could lead to longer conversations with the scammers. Sam’s high level of education is further implied by markers that they have an important role in an established company. This was conveyed through a signature appended to each email, which many respondents in the validation survey were pleased with:

Additionally, when the scam is identified as a dream job scam, it is appropriate for Sam to mention their high level of education, as seen here:

What qualifications are required for this job? I have a bachelors in Economics from the University of Exeter and 10 years experience in the working world.

At the stage in lottery scam conversations where our personalities reply with either a sceptical or excited response, Sam replies with a sceptical response, however they are not as rude as Dave. An example of this template is:

I’m not sure how I could have won the lottery without entering. Could you provide more information about how this is possible?

There is a special case with Sam’s sign off when compared with the other repliers, as they are the only replier to sign off with both their first and last name, as a marker of formality. When handling scammer irritation, Sam tries to mitigate the situation by politely demanding respect, but also showing that they are not intimidated by the scammer:

I appreciate you may be frustrated, but I would appreciate it if you could express this in a respectful way. It’s important to me that we communicate in a professional and constructive manner.

Validation Results Many respondents had a very positive response to the use of a signature in Sam’s emails, with 17 of the 23 participants ranking the template containing this to be the most appropriate. Other aspects commonly suggested by respondents were the use of formal language as well as good grammar. Another suggestion was to have Sam ask for reassurance and further details.

Scam-baiting experiment

With each personality-based reply system implemented as responder modules within (Chen et al. 2023)’s framework, and following initial testing, we ran a one-month experiment in which the system contacted real online fraudsters, assigning each of them to an attempted conversation with either one of our automated personalities or the control measure, which was Chen et al.’s random-response ‘Classifier & Template’ module. The system ran at slightly variable times in two hour intervals, to avoid any suspicious regularity in responses to fraudsters. Sending was also rate-limited to avoid any concerns from our mail delivery provider. Our study was approved by our institutional ethics review board (approval number 13740), with oversight of our experiments involving human subjects.Following the completion of the study period, conversation logs were sanitised by removing any conversations facilitated by an automated replier on behalf of the scammer—as we are interested only in evidence of sustaining a human scammer’s interest. Conversations containing more than two duplicate replies (n=12) were flagged for manual review to determine if the scammer side of the conversation appeared automated. Excluding such automated conversations, the system overall had interactions with 296 different scammers, receiving total of 1416 replies from them. Of the 296 successful conversations, 203 were transactional, and 81 were non-transactional. There were only 9 lottery and 3 love emails encountered in the study period.We compare the performance of reply systems in terms of both their reply initiation rate—the number of times they managed to start a conversation with a scammer—and their conversation length: the number of replies they extract from a scammer after having started a conversation.

Reply initiation rate

Table 2 shows the number of conversations initiated per approach made. While the scam-baiting framework should assign approximately equivalent numbers of scammers to each reply system, some approaches can fail due to, for example, the email bouncing because of action taken by the email provider to stop the scammer. Therefore, the ‘approaches delivered’ column counts the non-bounced approaches made by each personality. Overall, the system received an initial reply from the scammer 21.2% of the time. Interestingly, several of the personalities performed worse at attracting scammer responses than the control measure, with the exception being Doris, who performed slightly better. However, a -test found no significant difference in initiation rates , failing to reject the null hypothesis of approximately equivalent initiation rates.

Table 2 The number of conversations initiated per replier

Conversation length

The longest conversation by any personality was 31 rounds of conversation, which was achieved by Alex. This was followed closely by Doris, whose longest conversation lasted 30 rounds of conversation. Notably, these were a lot longer than the longest conversations had by the other personalities or the control measure, as shown in Table 3. As also illustrated in Fig. 3, Doris had the highest average conversation length with scammers. The only personality to under-perform relative to the control was Dave.

Table 3 Information about the length of baiting conversations

Fig. 3

_{A violin plot to show the distribution of data with respect to conversation lengths per replier}

A one-tailed Mann–Whitney U test was performed comparing the conversation length performance of each personality against the control measure. The Mann–Whitney U test, a non-parametric statistical test, was chosen because the Anderson Darling normality test showed the conversation length data were non-normal. The results are seen in Table 4. Surprisingly, the only personality that displayed a statistically significant increase in conversation length when compared against the classifier & template replier was Doris. However, failure to reject the null hypothesis for other personalities could be due to a lack of statistical power, and comparisons in an experiment obtaining more conversations could be beneficial.

Table 4 Mann–Whitney U test results for each personality against the classifier & template replier with regard to conversation length

Discussion

Out of all personalities, the only personality that performed significantly better than the control for conversation length was Doris. We expected Doris to be the best-performing personality, as she was designed to closely mirror the most common characteristics that arose in both the literature and the public perception survey. Given that the elderly are reported to be disproportionately affected by scams (Holtfreter et al. 2014), and there is a large body of literature on factors that may contribute to this (James et al. 2014; Coombs 2014; Friedman 1992), it does not surprise us that behavioural evidence from scammers confirms they are significantly more engaged in conversation with an automatic system designed to resemble an elderly woman.With regard to the effect of age on the scammer’s likelihood to pursue a target, Doris and Alex elicited the longest conversations. It could be the case that age is an increasing factor on both ends of the spectrum—an interpretation supported by the poor performance of middle-aged Dave. However, this difference in performance could also be indicative of friendliness and gullibility being significant factors, as these are traits in common between Alex and Doris, and Dave displays in general opposing personality traits.Sam was arguably the second-best system in our experiment. This could be due to the polite but professional tone of the emails, and the email signature, convincing the scammer their target has a stable job and disposable income. Dave, the worst performer, may have suffered because he was designed around the victim profile provided by Whitty (2018) for typical romance scam victims. The victim profile for romance scams is very different to the generally accepted profile of other scam victims. Since there were only 3 love schemes identified in our study, this may have affected Dave more severely.For each replier, a large proportion of the conversations are short with less than 5 rounds of replies, with the median conversation being fairly short and a substantial number of the conversations falling between receiving 5 replies or less. This could suggest that many scammers do not view the personalities as viable enough targets to pursue (Herley 2012), and that there is room for further improvement to make the automated responders more convincingly human. However, the skew towards shorter conversations could also be because many conversations were still being started as the experiment was coming to an end, and some scammers take longer to reply to approaches. A longer study period could help identify these issues in more detail, and we would especially recommend including a tapering-off process to avoid the system approaching new scammers towards the end of the study.Our approach suffers from some key limitations. The design of personalities is not a straightforward exercise and necessitates some mixing of multiple factors, complicating interpretations of our findings. Further, the designs are influenced by our own cultural biases, and scammers not from the same cultural background may not have interpreted the identity cues in the way we intended. For example, Doris was closely designed to mimic the quintessentially English grandmother, and tested against a likely predominantly English audience, and aspects of this personality may not be understood to a scammer who has not been exposed to this stereotype.At a more practical level, the template-based methodology of personality design scales broadly—it engages many scammers and can do so simultaneously—but not deeply, as scammers will eventually exhaust the template responses, leading to repetitions that eventually will reveal that the personality is not human. Information-sharing between scammers could also lead to particular personalities being recognised in the future, limiting their reuse value as points of comparison. Alternative approaches to creating more dynamic ‘personality’ reply systems could avoid this limitation.

Interesting scammer behaviour

As our study mechanism gives us rare access to the communications of scammers in mid-conversation, we highlight below some of the interesting behaviours observed in our transcripts.The Irritation Stage A key motivation for manually reviewing conversations containing duplicate message was that we noticed (presumably) human responders getting annoyed and then proceeding to send short one-word duplicate emails. For example, the longest conversation had by the classifier & template replier ended with multiple emails that just read “ok” or “,”. This may have been the result of a scammer identifying that they were talking to a bot, or due to irritation from repetitive questions. We saw multiple examples of such irritation, largely provoked when the automated systems ran out of unique template responses:

“How are you repeating one question or the other. How many times will you ask a question?.Are you kidding me or what? Have a nice day” Scammer A

“You have ask this question. Before and I assured you and you keep repeating same question, Well I assure you 100%.” Scammer C

“We are not going to take any further question from you, especially questions that have been answered repeatedly. When you are ready to follow the process to claim your winning (prize) then do the needful by providing your details, and you have till Friday 25th March to do that, otherwise we may have to terminate your payment without any further consideration, and a fresh raffle draw will be conducted for another participant to take your slot.” Scammer E

Notice in the last example, the scammer responds to our time-wasting with attempts to introduce new time pressure, introducing a false deadline. From this feedback, we suspect that the repetition of questions is prematurely ending conversations, and an immediate improvement to the system could be to increase the bank of templates for each category. A longer-term solution could be to switch to text generated content (see e.g. Bajaj and Edwards (2023)) once manually written templates have been exhausted and a solid pretext has been established for the pretend victim. This would help in avoiding exact copies of emails being sent.Flattery Another interesting behaviour displayed by some of the scammers was their inclination to heavily compliment their victims. This could be a method of weeding out non-viable victims, as the people most susceptible to flattery are “unsuspicious and trusting” (Eylon and Heyd 2008). This may be one of the reasons that gullibility and trust are commonly identified to be factors that increase vulnerability to scams. Several examples of the flattery used by scammers can be seen in the following email excerpts:

“According to the email i received from you, i must say thank you very much, for your high sense of maturity, intelligence, experience and understanding displayed on your email” Scammer F

“my brother,my heart is full of joy .Insha Allah I will always love you and your entire family.you have truly proved to me that you are a man of your word and very honest man” Scammer G

“Thanks for your kind response to my email, I am so much appreciated. PLease note business is 100% risk free and I also believe that you are a kind person who can take care of my daughter very well once you have my late husband’s money received in your account.” Scammer H

This is not a Scam In some of the conversations, the scammer makes an explicit statement about not being a scammer. This may seem like an obvious indication to most people that the conversation is not legitimate, and it could again be a way to weed out less gullible targets. Some examples of this can be seen in the following excerpts:

“I’m not a scammer as you think. And the reason why some people were scammed before now. Is because they deal with the wrong people on the internet and not real people like this consignment package.” Scammer I

“This is just to inform you that the deal I want to do with you is100% risk free provided that we can trust each other, be sincere with each other and keep it confidential.” Scammer L

Also note that Scammer L makes a specific effort to tell their victim to keep their communication a secret. If the victim’s family member or friend is told about their plans, they may be able to more easily identify the fact that the scammer is defrauding the victim and let them know. This victim-isolating behaviour coheres with explanations for the factors of low social support and loneliness increasing scam vulnerability (Lichtenberg et al. 2013; Lawson and Leck 2006; Holtfreter et al. 2014; Sur et al. 2021). We saw this isolating behaviour several times in other contexts:

“The third was I demand you keep our involvement secret because if the office comprehends I was assisting for a monetary compensation I will be punished.” Scammer M

“Please my services you keep secret to yourself and follow my legal step as I will provide to you the bank processing form which you fill to return for your due payment.” Scammer N

Scammers Presenting Themselves as Trustworthy Scammers will often make an effort to explicitly state that they are trustworthy, and claim to have other positive qualities. This may be a shortcut for the scammer to establish a positive rapport with their victim, a method of grooming them. Examples of their self-promotion can be seen in the following excerpts:

“I want to assure you of the success of this transaction and that you will not regret doing this with me. First of all, it is important that you know that the basis of this transaction and my relationship with you is 100% TRUST.” Scammer P

“To be candid with you, I cannot be here wasting my time and yours if this is not true, I am too religious for that, you have absolutely nothing to worry about. I will equally take some step further to allay your fears that you have nothing to fear.”“I really have to say this to you, I am a born again Christian which i believe you are, but I have to still assure you here that you are dealing with a responsible man and of high integrity.” Scammer R

Note how in some responses, the scammer paints themselves as religious. Edgell et al. (2006) found that religious people are perceived to be more trustworthy, possibly due to them being associated with a high level of morality, this is supported by Moon et al. (2018), also finding religious people are more trustworthy, especially to other religious people. In future personality-based scam-baiting experiments, this could be explored experimentally through the provision of a ‘devoutly religious’ personality-based reply system.

Implications and future directions

Our findings suggest that, at least within the forms of email-based fraud tackled by our system, certain conceptions of the ‘ideal’ or ‘typical’ victim from previous fraud research do not provide the expected response from online fraudsters. Most notably, the personality of Dave, designed to resemble the typical romance fraud victim according to Whitty (2018), was one of the worst performers, suggesting that, at the least, the romance fraud victim profile does not generalise to other forms of online fraud. However, presenting a believable personality to scammers necessarily involves including multiple facets, complicating analyses. Our framework allows for research questions to be refined on the basis of behavioural responses from scammers, suggesting a number of directions for future experiments.One example of more directed experimentation would include comparison of different personality facets while holding some factors of interest constant. For example, the personality of Doris could be contrasted with other personalities that also present as elderly, allowing us to extract behavioural evidence about which signals make online fraudsters more or less interested in engaging with an elderly person, informing more specific preventative campaigns. Our insights from these conversations can also help identify new factors for similar comparisons—the identification of religion as a characteristic of interest to scammers suggests the possibility of an experiment comparing personalities designed to signal different religious backgrounds or degrees of religiosity.

Conclusion

Our automatic scam-baiting reply system designed around a kind old woman personality profile was shown to have a statistically significant increase in conversation length as compared to the control system. At a technical level, this gives us reason to believe that automated systems comprising of repliers following personality briefs and established conversation structures could be an effective countermeasure for email-based online fraud.More particularly, our result provides behavioural evidence that scammers are more likely to engage and persist with targets they believe are elderly. The directness of this evidence, which does not rely on a scam being successful or being reported, helps to avoid confounding factors that have plagued previous studies: our finding cannot be directly attributed to the elderly being more likely to report scams, or more likely to fall victim. The implications of this being that perhaps more specific and effective countermeasures for fraud could be deployed. For example, directed teaching resources for the elderly to increase technological competency and knowledge of scams.However, the design of personality profiles is necessarily multifaceted, and other factors in Doris’ profile may be more significant than her age alone. We present this result as an example of how technology facilitates novel experimental approaches to understanding and countering online fraud.

Introduction

Individuals who commit fraud have been present in society for centuries, but their activities have grown significantly with the rise of email. Online methods allow these individuals to reach a large number of potential victims with minimal effort. The tactics used by these fraudsters vary, from offering highly appealing incentives such as large sums of money or profitable business deals, to generating sympathy from victims through emotional language and descriptions of difficult circumstances. These fraudulent schemes are unfortunately very effective. For example, in December 2022, a program in Australia reported over AUD 6 million lost from more than 6,000 victim reports related to email scams. Similar losses were seen in the UK, with over GBP 1.2 billion lost to fraud in 2022, and in the US, where reported losses from cyberattacks increased to over USD 10 billion in the same year.

Many techniques are used to reduce the impact of email-based fraud. These include government guides and public advice on recognizing scams, email filtering based on content, and blocking senders from specific internet addresses or domains. One potentially effective, though debated, method is known as scam-baiting. Scam-baiters attempt to address the widespread issue of scams by pretending to be potential victims and engaging fraudsters in conversations. The goal is to waste as much of the fraudster’s time as possible, thereby diverting them from targeting genuine victims. While the ethics of some scam-baiting activities are discussed, a main challenge with individual scam-baiters is that their own time is consumed, and there are far more fraudsters than scam-baiters. This suggests a need for an automated solution.

A system has been developed for automatic scam-baiting, where fraudsters are automatically engaged in conversations using different reply strategies. While initially designed to test anti-fraud measures, this system also allows for direct behavioral studies on email-based fraudsters. By carefully creating different reply strategies and comparing their effectiveness against control measures, it becomes possible to test ideas about what fraudsters find appealing in their interactions with "victims."

This paper utilizes this approach to examine a key question in online fraud research from a new perspective: what characteristics do fraudsters find attractive in potential victims? Four distinct "personalities" were created for the automated reply systems. These personalities were developed based on existing research about traits that may make individuals vulnerable to scams, as well as small surveys on public perceptions of fraud susceptibility. The engagement of fraudsters with these personalities was then compared to assess the importance of various factors, such as age, general attitude, and social support. Notably, one personality was designed based on prior research suggesting that older adults may be particularly susceptible to fraud. By comparing the performance of these personalities in real conversations with online fraudsters, evidence is gathered on which types of individuals the fraudsters themselves consider most viable as victims.

Background

It is widely believed that older adults are more frequently victims of fraud and financial exploitation, with evidence indicating they are disproportionately affected by financial scams. Many studies have explored the reasons behind this. Earlier research, such as a 1992 study, suggested that women were considered more desirable victims than men, and that being unmarried, living alone, or being friendly towards strangers were common victim characteristics. However, some factors identified at that time might not apply today, especially in email-based scams where physical access is not a factor.

Another review of scams targeting older adults described a typical victim of financial exploitation as a trusting older woman with some cognitive impairment. It was suggested that older women are often more nurturing, making them more vulnerable to emotionally driven sympathy scams. They might have also outlived a spouse who handled financial decisions. Additionally, a lack of understanding of digital banking and safe internet use, due to not having grown up with the technology, was seen as increasing risk for older adults.

However, other studies present different victim profiles. One survey of older victims of telemarketing fraud suggested a profile including being male, highly educated, and divorced. It was argued that marital status might play a role, as loneliness could lead individuals to use phone conversations for social support. Loneliness has been identified in some studies as a predictor of susceptibility to scams, particularly in older adults, though other research has found no significant link. Understanding of digital security, such as identifying fraud cues, has also been connected to socioeconomic status through the influence of social networks spreading security information.

Research into factors affecting susceptibility in older adults without dementia found that women were no more susceptible than men, and that education and income did not appear to influence susceptibility. Factors that did affect vulnerability included poor financial and general literacy, lower cognitive ability, and poorer health and psychological well-being. A trend of less social support was observed, though not statistically significant. Conversely, older individuals who socialized more outside their homes were found to be less likely to experience financial mistreatment, supporting the idea that loneliness is a factor in susceptibility.

The role of education in scam susceptibility is debated. Some studies have found that lower levels of education increase the likelihood of an individual intending to engage with a scam. However, other research suggests that older and less-educated individuals are targeted less often than younger and more educated individuals, possibly because the latter have more varied consumer engagement, increasing their exposure. Some studies even found that higher levels of education correlated with a higher likelihood of responding to scams, particularly romance scams. Challenging the common belief that older adults are heavily targeted, some research argues that fraud levels are not disproportionately high among older age groups, and one study on phishing scams found individuals aged 18-25 to be the most vulnerable. Other findings indicate that older, less-educated single adults are more vulnerable, with income being a significant factor when education was not considered due to their strong correlation. Regarding age and gender, women over 65 were found to be more vulnerable than men of the same age, but the opposite was true for those under 65.

Gullibility and high levels of trust have been identified in several studies as factors influencing vulnerability. Additionally, overly trusting organizations can make an individual more open to scams. Greed is also discussed as a characteristic that makes an individual more likely to interact with a fraudster, and the offer of a large prize can impair decision-making. Being a previous scam victim is a strong predictor of being targeted again, partly because lists of successfully scammed victims are sold among fraudsters.

Other victim characteristics include compassion, generosity, and respect for authority, which can be exploited by fraudsters in certain schemes. Higher levels of agreeableness have been linked to a greater likelihood of responding to a scam. Personality traits such as being easily intimidated have also been identified as factors. Fraudsters may alternate between complimenting and intimidating their targets, sometimes even threatening harm. One study comparing romance scam victims to non-victims found that middle-aged people were most likely to fall for romance scams. Contrary to the idea that friendlier people fall for scams more often, this study found that less kind people were more likely to fall for romance scams, with impulsivity and lack of control also being contributing factors.

The general consensus in existing research suggests that being older, lonelier, having a lower level of education, and being friendly and trusting are the most commonly identified characteristics affecting an individual's susceptibility to scams. However, there are conflicting findings regarding all these points, with some studies finding factors insignificant or having the opposite effect. For instance, victim profiles for older fraud victims often contradict each other. The effect of gender, in particular, remains a contentious topic, with studies showing no significant effect, results confounded by other variables like age, or conflicting outcomes.

Many previous studies rely on victims reporting their experiences, which can skew the understanding of victim vulnerability. This issue is compounded by the general underreporting of cybercrime. Victims may not consider their losses significant or feel too embarrassed to report the crime. Underreporting can also occur because victims believe they lack sufficient evidence or fear for their safety. Distinguishing reporting rates from actual victim susceptibility and targeted efforts by fraudsters is a major challenge in fraud research. To overcome these complexities, a new methodology was designed where different simulated victims directly engage with fraudsters. This approach provides novel behavioral evidence about which victim presentations attract the most engagement from offenders, avoiding confounding issues related to varying reporting rates across different demographics, and allowing insight into factors that lead to increased effort from offenders.

Personality design

Drawing on various aspects of existing research, four personalities were designed as automated reply systems. For each system, a series of pre-written responses were created to reflect the personality's traits. These responses were structured to guide the conversation partner through the expected stages of different scam types. Since persuasion tactics vary, each personality system included scripts for two main categories of fraud: "transactional" schemes, where the fraud relies on the recipient pursuing their own financial interests, and "non-transactional" schemes, which use emotional appeals rather than financial incentives. To handle specific fraud formats in more detail, additional scripts were developed for "lottery" and "love" scams, as examples of each category. In total, 16 scripts were developed, encompassing over 750 email templates designed to represent how the intended personalities would react to each scam format.

The responses generated by the reply systems were primarily determined by the design of each individual personality. However, there were common elements across all personality systems. First, conversations were categorized to select the appropriate script. Second, with each new message, the system attempted to identify the current stage of the scam process using specific keywords. Each script included "rant response" and "remain on email response" templates to address situations where fraudsters became annoyed or tried to move the conversation to other communication methods. The conversation classification also influenced how replies were selected for each personality. For example, in transactional schemes, the process involved identifying possible sub-categories, sending certain responses only rarely to create unpredictability, and delivering specific responses only after a payment demand. This last tactic aimed to simulate a "near win" scenario to keep the fraudster engaged. Similar processes were designed for each fraud type, with particular attention paid to countering tactics like time pressure or demands for payment and information.

Regarding ethical considerations, scam-baiting can be a controversial tactic. Many ethical concerns arise from scam-baiters convincing fraudsters to perform embarrassing actions for public humiliation or gathering evidence through illegal means. Therefore, the automated repliers were not designed to be "Trophy Hunters"; they do not ask fraudsters to send embarrassing images or attempt to trick fraudsters into sending money.

Personalities

To inform the design of personalities for the response systems, a public perception survey was conducted with a small group of anonymous participants. This survey aimed to identify factors that the general public believed increased the risk of being targeted by fraudsters and falling for scams. The results indicated that participants generally considered being older to carry a higher risk for both being targeted and becoming a victim of online fraud. The most common view was that education level had no impact on fraud victimization, though no participants thought higher education increased targeting risk, while a third believed lower education increased risk. Most participants thought that a lack of prior scam exposure made someone more likely to be targeted and victimized, though responses varied most on this point. Kindness was generally seen as either having no effect or increasing the risk of targeting and victimization, with no participants believing that being less kind was a risk factor.

When asked about other factors increasing an individual's susceptibility, common themes emerged. For factors affecting targeting likelihood, participants frequently mentioned insufficient technical knowledge, higher wealth, old age, and loneliness. Characteristics mentioned for increasing the likelihood of falling for a scam, but not necessarily for being targeted, included greed, gullibility, and trust.

One notable difference between factors related to targeting versus falling for a scam concerned an individual's wealth. The public perceived that fraudsters prefer to target wealthier individuals, which is logical as their aim is to extract money. However, lower wealth was seen as increasing an individual's likelihood of falling for a scam, explained by individuals in financial difficulty being more inclined to take risks to improve their situation.

Based on these survey results and existing research, template responses were designed for four distinct personalities, given shorthand names: Doris, a kind old woman; Alex, a naive youth; Dave, a rude middle-aged man; and Sam, a professional business person. These names were for internal use, while actual email sign-offs used randomly generated names, with gender parameters for Doris (female) and Dave (male). These personalities were chosen to test a range of factors identified in both the research and the survey as being linked to fraud victimization. Before behavioral experiments, a validation survey was run to ensure the personalities were perceived as intended. This survey provided feedback that was incorporated into the design, though detailed demographics of respondents were not collected.

Doris was designed as a kind old woman, embodying traits commonly associated with financial fraud victims: trusting, caring, widowed, and having low technological literacy. Her personality subtly conveyed widowhood and reliance on her son for financial and technical matters, aiming to suggest she lives alone and needs assistance. Technical illiteracy was explicitly stated in some emails. Compassion was implied through affectionate language, and her gullibility and enthusiasm for opportunities were used to make her seem like a viable target with a strong motivation to improve her financial situation. When faced with frustration, Doris responded with apologies and requests for patience, leveraging traditional expectations of older women to diffuse aggression. Validation feedback confirmed that mentioning her son and using "x" in emails effectively portrayed an older woman, and suggested using proper grammar, formality, and "old lady" phrases without becoming a caricature.

Alex, the naive youth, was designed to explore the effect of a younger age on fraudster interest, given some research suggests younger people are also frequently targeted. Naive optimism was conveyed through consistent use of smiley emoticons and excited responses. Alex's templates sometimes mentioned needing, but not wanting, parental help, indicating a self-imposed lack of social support. Intentional spelling and grammatical errors, particularly lack of capitalization, were used to imply youth or lower education. When confronted, Alex's responses showed intimidation, aiming to encourage continued engagement from fraudsters who might find compliant behavior attractive. Validation results confirmed that casual, "chatty" language and emoticons were effective, with suggestions to emphasize naivety by mentioning parental help.

Dave, the rude middle-aged man, was modeled after the typical romance scam victim profile—less kind, impulsive, and middle-aged—and displayed traits opposite to Doris. His design aimed to test if annoying a fraudster might provoke persistence, though it risked quick abandonment. Greed was conveyed through curt, demanding language and specific examples of his self-interest. Dave's responses were often skeptical and included expletives and threats to terminate the conversation, which might enrage fraudsters into greater determination or provoke apologies. If a sympathy scam was detected, Dave responded unsympathetically. Validation feedback confirmed that short, direct, and arrogant sentences effectively conveyed Dave's personality, with participants suggesting avoiding exclamation marks.

Sam, the professional business person, was included because professionals with disposable income are likely attractive to fraudsters. High education levels and responsiveness to scams have been linked to such individuals. Sam's high level of education was implied through formal sentence structures, correct grammar, and a professional email signature. When responding to lottery scams, Sam was skeptical but polite, asking for more details and reassurance, which could lead to longer conversations. When dealing with fraudster irritation, Sam politely demanded respect while demonstrating an unintimidated demeanor. Validation results showed that a professional signature was highly effective in conveying Sam's identity, along with the use of formal language and requests for further details.

Scam-baiting experiment

With each personality-based reply system integrated into an automated framework, a one-month experiment was conducted where the system contacted real online fraudsters. Each fraudster was assigned to an attempted conversation with either one of the automated personalities or a control measure (a random-response module). The system operated at slightly varied times in two-hour intervals to avoid suspicious regularity and was rate-limited to prevent issues with the mail delivery provider. The study received institutional ethics approval for experiments involving human subjects.

After the study period, conversation logs were cleaned by removing interactions where the fraudster's side of the conversation appeared automated. Excluding these automated conversations, the system engaged with 296 different fraudsters, receiving a total of 1416 replies. Of these, 203 conversations involved transactional schemes, and 81 involved non-transactional schemes. Only 9 lottery and 3 love emails were encountered during the study. The performance of the reply systems was compared using two metrics: their "reply initiation rate," which is the number of times they successfully started a conversation with a fraudster, and their "conversation length," which is the number of replies extracted from a fraudster after a conversation began.

Reply initiation rate

When considering the number of conversations initiated per approach, the system received an initial reply from the fraudster 21.2% of the time. While the automated system aimed to assign an equal number of fraudsters to each reply system, some approaches failed, for example, due to the email bouncing. The data showed that most personalities were less effective at attracting fraudster responses than the control measure, with the exception of Doris, who performed slightly better. However, statistical analysis found no significant difference in initiation rates across the personalities, indicating that their ability to start a conversation was roughly equivalent.

Conversation length

The longest conversation achieved by any personality lasted 31 rounds, which was with Alex. Doris closely followed with a conversation lasting 30 rounds. These conversations were notably longer than those sustained by other personalities or the control measure. Doris also had the highest average conversation length with fraudsters. Dave was the only personality who performed worse than the control. Statistical analysis, a non-parametric Mann–Whitney U test, was performed to compare the conversation length performance of each personality against the control measure. Surprisingly, only Doris demonstrated a statistically significant increase in conversation length compared to the control. The lack of significant difference for other personalities might be due to insufficient statistical power, suggesting that an experiment with more conversations could yield further insights.

Discussion

Among all the personalities, only Doris demonstrated a statistically significant improvement in conversation length compared to the control. This outcome was anticipated, as Doris was designed to closely reflect characteristics commonly identified in both academic literature and the public perception survey. Given that older adults are reported to be disproportionately affected by scams and that there is extensive research on contributing factors, it is not surprising that behavioral evidence from fraudsters confirms their significantly increased engagement with an automated system designed to resemble an older woman.

Regarding the impact of age on a fraudster's likelihood to pursue a target, both Doris and Alex elicited the longest conversations. This could suggest that age is an increasing factor at both ends of the spectrum, an interpretation supported by the poor performance of the middle-aged Dave. However, this performance difference might also indicate that friendliness and gullibility are more significant factors, as these traits are common to both Alex and Doris, whereas Dave generally exhibited opposing characteristics. Sam was arguably the second-best performing system, possibly due to the polite yet professional tone of the emails and the professional email signature, which may have convinced fraudsters that their target held a stable job and possessed disposable income. Dave, the worst performer, might have suffered because his personality was specifically designed around the typical romance scam victim profile. Given that only a very small number of romance schemes were identified in the study, this limited exposure may have severely impacted Dave's observed performance.

A significant proportion of conversations across all repliers were short, with many lasting five replies or less. This suggests that many fraudsters might not have viewed the personalities as sufficiently viable targets to pursue, or that there is considerable room for improvement in making the automated responders more convincingly human. The skew towards shorter conversations could also be due to many conversations still being active as the experiment concluded, and some fraudsters naturally take longer to reply. A longer study period could provide more detailed insights into these issues, and a tapering-off process is recommended to avoid initiating new conversations near the end of a study.

Observations from the communications revealed interesting fraudster behaviors. A "frustration stage" was noted where fraudsters, presumably human, became annoyed and sent short or duplicate emails, particularly when the automated systems ran out of unique template responses. This suggests that repetition of questions prematurely ends conversations, and an immediate improvement could involve expanding the template library or transitioning to text-generated content once a pretext is established. Another behavior observed was "flattery," where fraudsters heavily complimented their targets, possibly as a method to identify "unsuspicious and trusting" individuals. Additionally, some fraudsters explicitly stated "this is not a scam" and urged victims to keep communications secret, which is a victim-isolating tactic coherent with the idea that low social support increases scam vulnerability. Finally, fraudsters often presented themselves as trustworthy, sometimes claiming religious affiliations, as religious individuals are often perceived as more credible. Future experiments could explore the provision of a "devoutly religious" personality-based reply system.

The findings suggest that certain common perceptions of the "ideal" scam victim may not always elicit the expected response from online fraudsters, particularly as the romance fraud victim profile did not generalize to other forms of online fraud. However, personality design necessarily involves multiple facets, which complicates interpretations. The framework allows for refining research questions based on fraudster behavioral responses, suggesting several future experimental directions. For example, comparing different facets of a personality while keeping other factors constant could provide behavioral evidence about which specific signals make fraudsters more or less interested in engaging with an older person, informing more targeted preventative campaigns. Insights from these conversations can also identify new factors for comparison, such as the role of religion, suggesting experiments with personalities designed to signal different religious backgrounds or degrees of religiosity.

Conclusion

The automatic scam-baiting reply system, particularly when designed around a "kind old woman" personality profile, demonstrated a statistically significant increase in conversation length compared to the control system. At a technical level, this suggests that automated systems incorporating personality briefs and structured conversations could be an effective countermeasure against email-based online fraud.

More specifically, this result provides direct behavioral evidence that fraudsters are more likely to engage with and persist in conversations with targets they believe are older. The directness of this evidence, which does not rely on a scam's success or whether it was reported, helps to avoid confounding factors that have affected previous studies. This finding cannot be directly attributed to older adults being more likely to report scams or more likely to fall victim. The implication is that more specific and effective countermeasures for fraud could be developed, such as targeted educational resources for older adults to enhance their technological competency and scam awareness. However, the design of personality profiles is inherently complex and involves multiple factors, meaning that other aspects of Doris's profile may be more significant than her age alone. This study highlights how technology facilitates novel experimental approaches to understanding and countering online fraud.

Introduction

Scammers have been active in society for centuries, but their reach has grown significantly with the advent of email. Online scams allow fraudsters to access many potential victims with minimal effort. Their tactics range from offering "too good to be true" incentives, such as large sums of money or profitable business deals, to eliciting sympathy by describing difficult situations. These fraudulent schemes often prove effective. In December 2022, for example, a significant amount of money was reported lost to email-based scams in Australia, the UK, and the US.

Various methods attempt to reduce email fraud, including government guides, public advice on recognizing and avoiding scams, and technical measures like email filtering and blacklisting problematic senders. One emerging, though debated, countermeasure is scam-baiting. Scam-baiters pretend to be potential victims and engage scammers in conversations, aiming to waste the scammer's time and divert them from targeting genuine individuals. While some ethical aspects of scam-baiting are debated, a key challenge for individual scam-baiters is that their own time is consumed, and scammers greatly outnumber them. This suggests a need for automated solutions.

An automated framework for scam-baiting has been developed, which assigns scammers to different automated reply strategies. Initially designed to test anti-fraud measures, this framework also allows for direct study of fraudsters' behavior. By carefully creating different reply strategies and comparing their effectiveness, researchers can test hypotheses about what fraudsters find appealing in their interactions with "victims."

This paper utilizes this approach to investigate a central question in online fraud research: what characteristics do fraudsters find attractive in potential victims? Researchers created four distinct "personalities" for the reply systems, based on existing literature about fraud susceptibility and public perceptions. By comparing how fraudsters engaged with these personalities, the study assesses the importance of factors like age, disposition, and social support. One personality, in particular, was designed based on prior research suggesting that older adults might be especially vulnerable to fraud. Observing how these personalities performed in real conversations with online fraudsters provides insights into which victim profiles scammers themselves consider most viable.

Background

It is widely believed that older adults are more frequently targeted by fraud and financial exploitation, with some early research suggesting characteristics like being female, unmarried, living alone, or friendly towards strangers. However, these older findings may not fully apply to modern email-based scams. Some reviews describe a typical older victim as a trusting, caring woman with some cognitive impairment, possibly lacking digital banking understanding. Conversely, other research suggests a profile including highly educated, divorced men, with loneliness cited as a potential factor for vulnerability.

The impact of factors like age, gender, and education on scam susceptibility is debated across studies. Some research indicates that women are no more susceptible than men, and education or income might not affect vulnerability, instead highlighting poor financial literacy or cognitive function. Regarding education, some studies suggest lower levels increase scam engagement, while others found that better-educated individuals were more likely to respond. Similarly, while older adults are often seen as more vulnerable, some studies suggest younger adults are more susceptible to certain types of scams like phishing.

Commonly identified personality traits affecting vulnerability include gullibility, high levels of trust, and greed. Individuals who have been scammed before are also more likely to be targeted again. Additionally, traits like compassion, generosity, respect for authority, and agreeableness can be exploited by scammers. The literature presents conflicting evidence on the significance of many of these factors, leading to diverse and sometimes contradictory victim profiles.

Many prior studies rely on self-reported victimization, which can skew the understanding of victim vulnerability due to varying reporting rates among different demographics and the general underreporting of cybercrime. Victims may feel embarrassed, lack evidence, or fear for their safety. To overcome these limitations and gain a clearer picture, this study uses a method that allows automated "pseudo-victims" to engage directly with scammers. This approach provides new behavioral evidence about which victim presentations attract the most engagement from offenders, without the confounding issues of reporting rates by different demographics.

Personality Design

Researchers designed four distinct personalities for automated reply systems, drawing from existing literature and a public perception survey. Each personality system included template responses designed to guide conversations through typical scam stages. Since persuasion tactics vary, scripts were developed for two general types of fraud: transactional schemes (where the victim seeks financial gain) and non-transactional schemes (using emotional appeals). Specific scripts for lottery and love fraud were also created as instances of these categories. In total, 16 scripts with over 750 email templates were developed to reflect each personality's reactions.

Responses from the reply systems were primarily determined by the personality design, but commonalities existed. Conversations were classified to select the correct script. The system tracked the conversation's stage using keywords. Each script also included "rant response" and "remain on email response" templates to manage scammer frustration or attempts to shift communication channels. The classification also influenced reply selection, particularly for transactional schemes, where responses might be rare to increase unpredictability or sent only after a payment demand to simulate a "near win" and keep the scammer engaged. Similar processes addressed time pressure or demands for payment and information for each fraud type.

Ethical considerations were important. Unlike some human scam-baiters who seek public humiliation or engage in illegal evidence collection, these automated repliers were not designed to be "Trophy Hunters." They did not request embarrassing actions from scammers or attempt to defraud them.

A public perception survey (with 92 anonymous participants) was conducted to identify factors considered by the general public as increasing risk for targeting or falling for scams. Participants generally perceived older age as carrying higher risk. Education level was mostly thought to have no effect, though no participants believed higher education increased targeting risk. Never having been exposed to a scam was often seen as increasing risk. Kindness was consistently associated with either no effect or increased risk. Additional factors mentioned included insufficient technical knowledge, higher wealth (for targeting), loneliness, greed, gullibility, and trust. Lower wealth was seen as increasing a person's likelihood to fall for a scam if they were already in a difficult financial situation.

Based on these findings and prior literature, four personalities were named for shorthand: Doris (a kind old woman), Alex (a naive youth), Dave (a rude middle-aged man), and Sam (a professional business person). These names were not used in actual emails; random names were generated. These personalities were chosen to test a range of factors linked to fraud victimization. A validation survey confirmed that the template implementations were perceived as intended, with feedback integrated into the design.

Kind Old Woman: Doris

Doris's personality was designed based on the strong public perception that old age increases scam vulnerability and typical financial victim profiles found in literature. She embodies a trusting, caring, widowed elderly woman with low technological literacy. To subtly convey widowhood and loneliness, Doris's templates occasionally mention her "late husband," especially regarding financial matters, suggesting he was her financial decision-maker. More often, she mentions her son, alluding to asking for his advice, implying she lives alone and needs help with certain actions.

Her technological illiteracy is either implied or explicitly stated, for example, by asking for help with "all these online banking things." Doris also displays compassion, a trait often targeted in sympathy scams. This is conveyed through the use of "x" (kisses) and mild terms of endearment like "darling." She is also gullible and trusting, producing excitable responses to prompts, such as expressing disbelief and gratitude for a potential large sum of money, noting it would change her life and help with her pension. This combination of gullibility and implied lower income is intended to make her appear as a viable target with high motivation to take a financial risk. When faced with scammer irritation, Doris is non-confrontational and apologetic, calmly requesting patience, which exploits traditional maternal traits to diffuse aggression and encourage continued engagement. Validation confirmed the effectiveness of using phrases like "my son helping her with her banking app," "x" for kisses, proper grammar with a touch of formality, and "old lady" phrases while avoiding caricature.

Naive Youth: Alex

Alex's personality explores the other end of the age spectrum, building on claims that younger people are more targeted or vulnerable. Naivety and optimistic views of opportunities are central to Alex's design, conveyed through consistent use of smiley face emoticons and excited, gullible responses, particularly in lottery scams.

To present vulnerability, Alex sometimes mentions needing their father's help but wishing not to ask for it, indicating a self-imposed removal of social support, which has been linked to increased scam vulnerability. To imply naivety or lower education, Alex's templates often use misspellings and grammatical errors, notably a lack of capitalization, reflecting how younger people might text. When confronted by scammer irritation, Alex is designed to appear easily intimidated, apologizing and pleading for patience to maintain engagement, suggesting a compliant behavior that might appeal to scammers. Validation confirmed the preference for casual, "chatty vocabulary," and colloquialisms, including emoticons, to convincingly portray a naive youth, along with the idea of mentioning parental help.

Rude Middle-Aged Man: Dave

Dave's personality is modeled after a typical romance scam victim profile described as less kind, impulsive, and middle-aged. He presents traits opposite to Doris, being rude, skeptical, and male, and represents a middle age group. Dave's design aims to test if annoying a scammer might make them more inclined to persist out of vindication, though this risks the scammer giving up.

Greed, a suggested risk factor, is displayed through his curt, demanding speech and direct questions like, "Can't you put your own money in?" His use of imperatives and short, snappy sentences conveys arrogance. Unlike Alex and Doris, Dave frequently expresses skepticism, using phrases like, "Don't bullshit me," and includes expletives to show rudeness and disrespect, which might enrage scammers into more determined pursuit. In sympathy-based scams, Dave responds unsympathetically, such as, "Why are you messaging me about this?" When facing irritation, Dave's templates respond rudely, often in fully capitalized "rant responses" with expletives, sometimes threatening to end the conversation, potentially causing scammers to panic or react aggressively. Validation confirmed the effectiveness of short, direct, and demanding sentences to convey arrogance, with advice against using exclamation marks.

Professional Business Person: Sam

Sam's personality as a professional business person aims to attract scammers with the perception of disposable income and a high level of education, factors sometimes linked to scam victims. This is conveyed through formal sentence structures and correct grammar, as well as by asking for detailed information and reassurance, which can prolong conversations.

Sam's high level of education is also implied through a formal email signature indicating an important role in an established company. When the scam is identified as a "dream job" scam, Sam appropriately mentions their educational background, for example, a bachelor's degree and years of work experience. In lottery scams, Sam responds with polite skepticism, such as, "I'm not sure how I could have won the lottery without entering," but avoids Dave's rudeness. Uniquely, Sam signs off with both a first and last name, a marker of formality. When handling scammer irritation, Sam politely demands respect while demonstrating no intimidation, aiming for professional and constructive communication. Validation confirmed the positive reception of the email signature and the effectiveness of formal language, good grammar, and requests for reassurance and details.

Scam-Baiting Experiment

With each personality-based reply system integrated into an automated framework, a one-month experiment was conducted where the system contacted real online fraudsters. Each scammer was randomly assigned to converse with one of the automated personalities or a control measure (a random-response module). The system operated at variable times in two-hour intervals to avoid suspicious regularity and was rate-limited to prevent issues with the email provider. The study received ethical approval.

Upon completion, conversation logs were reviewed to ensure only human scammer interactions were analyzed; automated scammer responses were excluded. Conversations with more than two duplicate replies were manually checked for automated scammer behavior. After excluding such cases, the system interacted with 296 different scammers, receiving a total of 1416 replies. Of these conversations, 203 were transactional, 81 were non-transactional, and only a small number were lottery (9) or love (3) scams. The performance of the reply systems was compared based on their reply initiation rate (how often a conversation started) and conversation length (how many replies were extracted from a scammer).

Reply Initiation Rate

The number of conversations initiated by each personality per approach made was recorded. The "approaches delivered" column accounted for non-bounced emails, as some attempts failed due to email provider actions against scammers. Overall, the system received an initial reply from scammers 21.2% of the time. Interestingly, most personalities showed lower rates of attracting scammer responses compared to the control measure, with the exception of Doris, who performed slightly better. However, statistical analysis found no significant difference in the initiation rates across personalities, meaning their ability to start a conversation was roughly equivalent.

Conversation Length

The longest conversation achieved by any personality lasted 31 rounds of replies (Alex), closely followed by Doris at 30 rounds. These lengths were notably longer than those achieved by other personalities or the control measure. Doris also achieved the highest average conversation length with scammers. Dave was the only personality who performed worse than the control. A statistical test (Mann–Whitney U test), chosen because the data were not normally distributed, compared the conversation length of each personality against the control. The results indicated that only Doris showed a statistically significant increase in conversation length compared to the control. The lack of significant difference for other personalities might be due to insufficient statistical power, suggesting that more conversations would be needed for a definitive comparison.

Discussion

Doris was the only personality that performed significantly better than the control in terms of conversation length. This aligns with expectations, as Doris was designed to mirror common characteristics of fraud vulnerability identified in literature and public perception. Given that older adults are often reported as disproportionately affected by scams, this behavioral evidence confirms scammers' increased engagement with an automated system resembling an older woman.

Both Doris and Alex elicited the longest conversations, suggesting that age might be an increasing factor for scammers' interest at both ends of the spectrum, especially given Dave's poor performance as a middle-aged personality. However, this difference could also indicate that friendliness and gullibility, traits common to Doris and Alex, are more significant factors, as Dave displayed opposing traits. Sam, the second-best performer, might have benefited from a polite, professional tone and an email signature suggesting stable income. Dave, the worst performer, might have suffered because his profile was specific to romance scam victims, a type of scam infrequently encountered in this study.

A significant proportion of conversations across all personalities were short, with many ending after five replies or fewer. This suggests that scammers might not have consistently viewed the personalities as viable targets, indicating room for improving the automated responders' human-like qualities. Alternatively, the short conversations could be due to conversations starting late in the experiment or scammers taking longer to reply, issues a longer study period could clarify.

The study has limitations. Personality design inherently mixes multiple factors, making precise interpretations difficult. Designs are also influenced by cultural biases; identity cues might not be universally understood by scammers from different backgrounds. For example, Doris's "quintessentially English grandmother" persona, tested on a largely English audience, might not translate. Practically, the template-based methodology, while broad, lacks depth. Scammers eventually exhaust template responses, leading to repetitions that reveal the automated nature, and information-sharing among scammers could limit reuse. More dynamic reply systems could address this.

Interesting Scammer Behavior

The study provided unique insights into scammer communication during ongoing conversations. One notable behavior was the "irritation stage," where human scammers became annoyed and sent short, repetitive emails, possibly after realizing they were interacting with a bot or due to repetitive questions. Examples included simple "ok" replies or direct complaints about repeated questions, sometimes escalating to threats of terminating the conversation or introducing false deadlines to create time pressure. This suggests that expanding the template bank could be an immediate improvement to the system, and longer-term solutions might involve using text-generated content once initial templates are exhausted.

Another observed behavior was flattery, where scammers heavily complimented their "victims." This could be a tactic to identify less suspicious and more trusting individuals, as susceptibility to flattery is linked to gullibility. Scammers also explicitly stated, "This is not a Scam," which, counterintuitively, might be a way to filter out less gullible targets. Some scammers also made efforts to isolate their victims by demanding secrecy about their communication, consistent with research suggesting low social support and loneliness increase scam vulnerability.

Finally, scammers frequently presented themselves as trustworthy, claiming positive qualities like integrity or religiosity. This "self-promotion" might be a shortcut to build rapport or groom victims. For example, scammers often claimed to be "born again Christian," possibly leveraging the perception that religious people are more trustworthy due to associations with high morality. This observation suggests that a "devoutly religious" personality could be explored in future scam-baiting experiments.

Implications and Future Directions

The findings suggest that certain assumptions about the "ideal" or "typical" victim from prior fraud research may not elicit the expected response from online fraudsters, particularly for email-based fraud. For instance, Dave's personality, based on a typical romance fraud victim, performed poorly, suggesting that this victim profile might not generalize to other forms of online fraud. The current framework allows for refining research questions based on scammers' behavioral responses.

Future experiments could involve more directed comparisons, such as contrasting different personality facets while keeping some factors constant. For example, Doris's personality could be compared with other elderly personas to identify specific signals that attract or deter fraudsters, which could inform targeted prevention campaigns. Observations from these conversations can also help identify new factors for study; the recognition of religion as a characteristic of interest suggests the possibility of experiments comparing personalities designed to signal different religious backgrounds or degrees of religiosity.

Conclusion

The automated scam-baiting reply system, particularly the "kind old woman" personality profile (Doris), demonstrated a statistically significant increase in conversation length compared to the control system. This suggests that automated systems designed with specific personality profiles and established conversation structures could serve as effective countermeasures against email-based online fraud.

More importantly, this result provides behavioral evidence that scammers are more likely to engage and persist with targets they perceive as elderly. The direct nature of this evidence, which does not rely on a scam's success or reporting, helps bypass confounding factors that have affected previous studies. This finding implies that more specific and effective fraud countermeasures could be developed, such as targeted educational resources for older adults to improve technological competency and scam awareness. However, the design of personality profiles is complex and multifaceted, meaning other factors within Doris's profile might be more significant than her age alone. This study exemplifies how technology can facilitate new experimental approaches to understanding and combating online fraud.

Introduction

For hundreds of years, scammers have impacted society, but their reach has grown significantly with the rise of email. Online scammers can target many potential victims with little effort. They often use tactics such as offering incentives that seem too good to be true, like large sums of money, or by appealing to a victim's sympathy through emotional stories. These fraudulent schemes are unfortunately very effective. In December 2022, for example, email scams caused over 6 million Australian dollars in losses, with similar large losses reported in the UK and the US.

Various methods are used to reduce the effects of email fraud, including government guides, email filtering, and blocking known scam senders. One approach that can be effective, though debated, is scam-baiting. Scam-baiters pretend to be potential victims and engage scammers in conversations. The goal is to waste the scammer's time, diverting them from targeting real victims. However, this method also consumes the scam-baiter's time, and there are far more scammers than scam-baiters. This suggests that an automated, computer-based solution could be helpful.

A framework for automatic scam-baiting allows scammers to be assigned randomly to different automated conversation strategies. While originally designed to test anti-fraud measures, this system can also be used to study the behavior of email fraudsters directly. By carefully designing conversation strategies and comparing them, researchers can test what characteristics fraudsters find appealing in potential victims.

This paper uses this approach to address a key question in online fraud research: What factors make fraudsters interested in potential victims? Researchers created four distinct "personalities" for their automated reply systems. These personalities were based on existing research about who is likely to be scammed, as well as surveys of public opinion on scam susceptibility. The study compared how fraudsters engaged with these personalities to assess the importance of factors like age, temperament, and social support. One personality was specifically designed based on prior research suggesting that older adults might be especially vulnerable to fraud. By observing how these personalities performed in real conversations with online fraudsters, the study gathered evidence on whom scammers consider the most promising targets.

Background

It is widely believed that older adults are more often victims of financial fraud. Studies have explored the reasons behind this, though findings sometimes differ. Some early research suggested that women, unmarried individuals, those living alone, or friendly people were often sought out by fraudsters. However, some of these early findings might not apply to modern online scams, where physical access is not a factor.

Other studies have described a typical victim of financial exploitation as a trusting elderly woman with some cognitive difficulties. Such individuals might be more caring, making them susceptible to scams that appeal to emotions. A lack of understanding of digital banking and safe internet use, due to not growing up with the technology, also leaves older adults more vulnerable. Some research points to loneliness as a factor that increases a person's likelihood of being scammed, suggesting that people who socialize more are less likely to be financially exploited. However, other studies have found no significant link between loneliness and scam engagement.

Research findings also conflict on other characteristics. Some studies suggest that lower levels of education might make individuals more likely to engage with scams, while others claim that younger, more educated people are actually targeted more due to their wider online engagement. Similarly, there is no clear consensus on whether higher levels of education increase or decrease the likelihood of responding to scams. The impact of gender is also debated, with some studies finding no significant effect, while others show varying vulnerability based on age.

Many studies identify gullibility, high levels of trust, and even greed as factors that increase a person's vulnerability to scams. Being a victim of a previous scam is also a strong predictor of being targeted again, partly because lists of successful victims are traded among scammers. Additionally, traits like compassion, generosity, respect for authority, and being easily intimidated can be exploited by scammers. Some research even suggests that less kind or impulsive individuals might be more likely to fall for certain types of scams, like romance scams.

Many past studies rely on victims self-reporting their experiences, which can be inaccurate because people might be embarrassed or might not view their losses as significant enough to report. This underreporting makes it hard to get a full picture of victim vulnerability and how scammers choose their targets. To overcome these limitations, the current study uses a method where fake victims interact directly with scammers. This allows researchers to gather new information about which victim traits lead to more engagement from scammers, avoiding issues related to reporting rates.

Personality design

Drawing from various research findings, four personalities were designed for the automated reply systems. Each personality had a set of pre-written responses intended to guide the conversation through the expected stages of different scam types. Since persuasion tactics vary, each personality system included scripts for two main types of fraud: "transactional" schemes, which involve financial gain, and "non-transactional" schemes, which use emotional appeals. Specific scripts were also developed for "lottery" and "love" fraud. A total of 16 scripts were created, using over 750 email templates designed to show each personality's reaction to different scam formats.

Generally, the replies given by the automated systems were based on the design of each personality. However, there were some common features across all systems. First, conversations were categorized to select the right script. Second, with each new message, the system tried to determine the current stage of the scam process by looking for specific keywords. Each script also included templates for dealing with scammers who became annoyed or tried to move the conversation to other communication methods. The way conversations were classified also influenced how replies were chosen for each personality, including strategies to appear unpredictable or to simulate a "near win" to keep the scammer engaged.

Ethical considerations Scam-baiting can be a controversial practice. Many ethical concerns arise when scam-baiters trick scammers into embarrassing situations or collect evidence illegally. Therefore, the automated repliers were not designed to be "trophy hunters." They do not ask scammers for embarrassing photos or try to trick scammers into sending money.

Personalities

To inform the design of the personalities for the response systems, researchers conducted a small public survey. The survey identified factors that the public believed increased the risk of both being targeted by scammers and falling for scams. Participants generally felt that being older carried a higher risk for both. Most believed education level had no effect on victimisation, though some thought lower education increased risk. Many felt that a person who had never been scammed before was more likely to be targeted and become a victim. Being a kinder person was generally thought to have no effect or to increase risk, never to decrease it.

Other factors commonly identified by participants as increasing susceptibility included a lack of technical knowledge, higher wealth (for targeting), and lower wealth (for falling for a scam). Lower wealth was explained by individuals in financial difficulty being more willing to take risks. Based on these survey results and existing research, template responses were designed for four distinct personalities, given shorthand names: Doris, a kind old woman; Alex, a naive youth; Dave, a rude middle-aged man; and Sam, a professional business person. These personalities were chosen to test a range of factors linked to fraud victimisation. Before the main experiments, a validation survey was run to confirm that the templates effectively conveyed the intended personalities.

Kind old woman: Doris

Doris was designed as a kind, trusting, and widowed elderly woman with low technology skills, based on common victim profiles. Her templates subtly suggested her widowhood, especially in "love" scam scenarios, or mentioned her late husband in financial discussions to imply he managed her finances. She often referred to asking her son for advice, suggesting she lives alone and needs help with certain tasks. Doris also explicitly mentioned her struggles with technology in some emails.

To convey her compassionate nature, a trait often targeted by scammers, Doris's messages included "x" (kisses) and mild terms of endearment. She was also designed to be gullible and enthusiastic, showing excitement for prompts that suggested a large prize or opportunity. This combination of gullibility and implied lower income aimed to make her appear as a viable target who might be motivated to take a financial risk. When faced with a scammer's irritation, Doris responded with apologies and non-confrontational language, calmly requesting patience. The validation survey confirmed that her use of "x" and references to her son effectively conveyed her personality, with respondents recommending using proper grammar, formality, and "old lady" phrases without overdoing it.

Naive youth: Alex

Alex was created to represent a younger personality, exploring whether younger individuals are also targeted by scammers, as some research suggests. Alex was characterized by naive optimism, shown through consistent use of smiley face emoticons. In some templates, Alex mentioned needing a father's help but wanting to avoid asking, indicating a self-imposed lack of social support which might make them seem more vulnerable.

Alex's templates also included a lack of capitalization and some grammatical errors to imply youth and a lower level of education, factors sometimes linked to higher scam engagement. When a scammer showed irritation, Alex was designed to appear easily intimidated, apologizing and asking the scammer not to be angry. The validation survey found that casual text, "chatty vocabulary," and emoticons effectively portrayed Alex's youthful and naive voice, with respondents suggesting mentioning parents' help to further show naivety.

Rude middle-aged man: Dave

Dave's personality was modeled after a typical romance scam victim described as less kind, impulsive, and middle-aged. He was designed to be the opposite of Doris, being rude, skeptical, and male. The intention was to see if annoying the scammer might make them more determined to persist, although this also risked them giving up quickly. Dave's greed was conveyed through his curt and demanding language, sometimes directly asking rude questions like "Can't you put your own money in?" when asked for a fee.

His responses often used short, aggressive sentences and expletives to show arrogance and disrespect for the scammer. Unlike Alex and Doris, Dave would express skepticism frequently. When responding to scammer irritation, Dave's replies were rude, often fully capitalized, and included many expletives. Some templates even threatened to end the conversation, aiming to provoke a strong reaction from the scammer. Validation results indicated that short, demanding sentences effectively conveyed Dave's arrogant and direct personality, with respondents advising against the use of exclamation marks.

Professional business person: Sam

The professional business person, Sam, was included because scammers might find individuals with higher income and professional roles attractive. Sam's templates aimed to convey a high level of education through formal sentence structures and correct grammar. Questions asked by Sam often requested more details and reassurance from the scammer, which could lead to longer conversations. Each email from Sam included a professional signature with both first and last names to further suggest a formal identity.

In dream job scams, Sam's personality would mention high educational qualifications. When responding to lottery scams, Sam would be skeptical but polite, asking for more information about how they could have won without entering. When faced with irritation, Sam would politely demand respect, showing that they were not intimidated. The validation survey confirmed that the use of a professional signature and formal language were effective in portraying Sam's personality, with respondents also suggesting that Sam should ask for more details and reassurance.

Scam-baiting experiment

With each personality-based reply system set up, a one-month experiment was conducted where the system contacted real online fraudsters. Each scammer was assigned to an automated conversation with one of the personalities or with a control system. The system operated at slightly varied intervals to avoid appearing suspicious. Conversations were reviewed to remove any where the scammer's side also seemed automated. After excluding such conversations, the system interacted with 296 different scammers, receiving a total of 1416 replies. Most of these conversations were transactional, with fewer non-transactional, lottery, or love scams encountered. The performance of the reply systems was compared based on how often they started a conversation and how long those conversations lasted.

Reply initiation rate

The system managed to get an initial reply from scammers 21.2% of the time. Interestingly, most of the personalities performed slightly worse at attracting responses compared to the control system, with the exception of Doris, who performed a little better. However, a statistical test showed no significant difference in how often each personality started a conversation.

Conversation length

The longest conversation achieved by any personality lasted 31 replies, which was with Alex. Doris followed closely with a conversation lasting 30 replies. These were much longer than the longest conversations achieved by the other personalities or the control. On average, Doris had the highest conversation length with scammers. Dave was the only personality to perform worse than the control system in terms of conversation length. Statistical analysis revealed that Doris was the only personality that showed a significantly longer conversation length compared to the control. The lack of significant difference for other personalities might be due to a need for more conversations in the experiment.

Discussion

Among all the personalities, Doris was the only one that performed significantly better than the control in terms of conversation length. This was expected, as Doris was designed to reflect characteristics commonly found in both research and public opinion about scam victims. Given that older adults are often reported to be disproportionately affected by scams, it is not surprising that scammers engaged significantly more with an automated system designed to resemble an elderly woman.

Regarding the effect of age, Doris and Alex, representing opposite ends of the age spectrum, generated the longest conversations. This could suggest that both very young and very old individuals are appealing targets. The poor performance of middle-aged Dave might support this idea. However, the differences could also be due to friendliness and gullibility, traits common to Alex and Doris, which Dave generally lacked. Sam, the professional business person, was arguably the second-best performer. This might be because the polite but professional tone and the email signature convinced scammers that their target had a stable job and disposable income. Dave's poor performance might be linked to his design being based on romance scam victims, a profile that may not generalize to other fraud types, which were more common in this study.

For most personalities, a large number of conversations were short, often lasting five replies or less. This might mean that many scammers did not see these personalities as viable targets, suggesting that the automated responders could be improved to appear more convincingly human. It could also be that many conversations were still ongoing when the experiment ended, or that some scammers take longer to reply.

Interesting scammer behavior The study provided unique insights into scammer communication. Researchers observed instances where human scammers became annoyed and sent short, repetitive emails, especially when the automated systems ran out of unique responses. Scammers sometimes tried to introduce new time pressure when their time was being wasted. Another observed behavior was flattery, where scammers would heavily compliment their potential victims, possibly as a way to identify trusting individuals. Scammers also explicitly stated that they were "not a scammer" or emphasized the need for secrecy, aiming to isolate the victim from friends or family who might recognize the fraud. Additionally, scammers often tried to present themselves as trustworthy, sometimes even claiming to be religious, which is perceived by some as a marker of high morality. Future studies could explore how a "devoutly religious" personality might perform.

Implications and future directions

The findings suggest that the common idea of the "ideal" scam victim, especially the romance fraud victim profile, does not always apply to online fraudsters in general. The automated system's ability to engage scammers suggests it could be an effective way to counter email fraud. However, personality design is complex, mixing multiple factors, which makes it hard to pinpoint exactly why certain personalities performed better.

The study's framework allows for more focused research questions. For example, future experiments could compare different aspects of a personality while keeping some factors constant. Researchers could, for instance, compare various elderly personalities to understand which specific signals make online fraudsters more interested in older individuals. The observation of scammers emphasizing their religiosity also suggests a potential area for future experiments, exploring how different religious backgrounds or levels of devotion affect engagement.

Conclusion

The automated scam-baiting system, designed with a "kind old woman" personality, resulted in significantly longer conversations with scammers compared to the control system. This suggests that automated systems using personality profiles and structured conversations could be an effective tool against email-based online fraud.

More specifically, this finding provides direct behavioral evidence that scammers are more likely to engage with targets they believe are elderly. This evidence is valuable because it does not rely on whether a scam was successful or reported, helping to avoid issues that have affected past studies. This information could lead to more targeted and effective anti-fraud measures, such as educational resources for older adults to improve their technology skills and scam awareness.

However, the design of personality profiles involves many elements, so other factors within the "kind old woman" profile might be more important than age alone. This study highlights how technology can enable new experimental approaches to better understand and combat online fraud.

Introduction

Scammers have been around for a long time, but email has made it much easier for them to reach many people. With email, scammers can try to trick a lot of possible victims without much effort. They might offer fake chances to get a lot of money or a great business deal. Or, they might try to get people to feel sorry for them by telling sad stories. These tricks often work, and people lose a lot of money to email scams. In one recent year, people lost billions of dollars to scams in different countries.

Many ways are used to try and stop email scams. This includes helpful guides from governments and public advice on how to spot scams. Also, emails can be filtered based on their content, or bad senders can be blocked.

One way to fight back is called "scam-baiting." This is when someone pretends to be a possible victim. They talk to scammers to waste as much of the scammer's time as they can. The idea is that if scammers are busy talking to a fake victim, they can't trick real people. But this takes a lot of time for one person, and there are many more scammers than people who do scam-baiting.

Because of this, a computer program was made to do scam-baiting automatically. This program talks to scammers on its own. It was first made to test ways to stop fraud. But it also helps researchers learn about how scammers act. By changing how the computer talks to scammers, researchers can learn what scammers look for in their victims.

In this study, this computer program was used to answer a key question: what kinds of things do scammers find attractive in people they try to scam? The study made four different "personalities" for the computer program. These personalities were based on what is known about people who might fall for scams, and also from surveys asking what people think makes someone likely to be scammed. By watching how scammers talked to these different personalities, the study gathered information about what scammers think makes a good victim.

Background

Many people believe that older adults are more often victims of scams and money tricks. It is thought they are often hurt more by money scams. Some reasons given are that older adults might be very trusting, or they might live alone, or be very friendly to strangers. Sometimes, an older person might not know as much about how to use digital banking or the internet safely, since they didn't grow up with these tools.

However, other studies tell a different story. Some research has shown that men, highly educated people, or even younger people might also be victims. Loneliness is sometimes linked to being scammed, but other studies say it doesn't always matter. People's understanding of internet safety can also depend on their social group.

Some studies suggest that being easily tricked, being very trusting, or even being greedy can make someone more likely to talk to a scammer. People who have been scammed before might also be targeted again because scammers share lists of victims.

There are different ideas about how much age, education, or kindness matters. For example, some studies found that younger people (ages 18-25) were most likely to fall for scams that try to steal passwords. Other studies say that older, less educated single adults are more easily tricked.

It is hard to get a full picture of who is scammed because many people do not report these crimes. They might not think their loss was big, or they might feel too embarrassed. They might also think they don't have enough proof, or they might be afraid. This study tries to get around these problems by having fake victims talk directly to scammers. This helps understand what makes scammers spend more effort on certain types of people.

Personality design

To create the four "personalities" for the computer system, the team looked at different research papers and also asked people in a survey what they thought made someone likely to be scammed. The survey showed that most people thought being older meant a higher risk of being targeted and falling for a scam. They also thought that not having been scammed before, and being very kind, might make someone more likely to be a victim. People also said that scammers might target richer people, but poorer people might fall for scams more easily because they are looking for a way to improve their money situation.

Based on this research and the survey results, the team made four different computer personalities. The computer system had many different email messages ready for each personality and for different types of scams. For example, some scams were about money deals, and others were about emotional pleas. The computer system would choose the right email message to send based on what the scammer said and what stage the scam was at. The study made sure that the computer system did not ask scammers to do embarrassing things or try to get money from them, which are some things other scam-baiters might do that are not considered fair.

The four personalities were: Doris, a kind old woman; Alex, a naive young person; Dave, a rude middle-aged man; and Sam, a professional business person. These names were just for the study; the emails used random names.

Kind old woman: Doris

Doris was created to be like an older woman who is trusting and caring, and whose husband has passed away. She was also designed to seem not very good with technology. Her emails sometimes mentioned her "late husband" or that she needed her son's help with online banking. This made her seem like she lived alone and might need help with money matters. Doris also used friendly words and "x" (kisses) in her emails. She seemed very excited and trusting, especially when offered big prizes. When a scammer got angry, Doris would apologize and ask them to be patient. People who checked the emails thought that mentioning her son and using "x" made her seem like a real older woman.

Naive youth: Alex

Alex was a young person who seemed hopeful and easily tricked. Alex used smiley faces in emails and sometimes did not use capital letters or spelled things wrong to seem young and not very educated. Alex might mention needing their father's help but not wanting to ask for it, which made them seem more alone. When scammers got angry, Alex would seem scared and say things like, "please don’t be angry at me." People who checked the emails liked that Alex used casual language and emoticons to seem young.

Rude middle-aged man: Dave

Dave was designed to be a rude, middle-aged man. He was greedy and didn't trust easily. He used short, demanding sentences and sometimes bad words. He wanted to annoy the scammers, hoping this would make them more determined to trick him. For example, if asked to send money, Dave might say, "Can’t you put your own money in?" When scammers got angry, Dave would get angry back, using all capital letters and bad words. People thought Dave's short, direct sentences made him seem arrogant.

Professional business person: Sam

Sam was a professional business person. They were meant to seem educated and have money to spend, which scammers might like. Sam used proper grammar and asked for many details. Their emails often had a business signature. For example, Sam might ask for details about a payment or job qualifications. When scammers got angry, Sam would politely demand respect and show that they were not scared. People who checked Sam's emails liked the formal language and the use of a business signature.

Scam-baiting experiment

The computer system, with its different personalities, talked to real scammers for one month. Each scammer was given one of the four fake personalities to talk to, or a basic computer reply for comparison. The system sent emails at different times to seem more real. The study followed strict rules to make sure it was fair and ethical.

The study looked at how many times the fake personalities started a talk with a scammer and how long these talks lasted. Overall, about 1 in 5 scammers replied to the first email. Doris, the kind old woman, started slightly more talks than the others, but the difference was not big. All the fake personalities started about the same number of conversations.

However, when it came to how long the talks lasted, Doris had the longest talks on average. One talk with Alex lasted 31 emails, and one with Doris lasted 30 emails. These were much longer than talks with the other personalities or the basic computer reply. Dave, the rude man, had the shortest talks. This means scammers talked to Doris for a much longer time.

During the study, some interesting things were seen in the scammers' emails. Scammers sometimes got annoyed and sent very short, repeated emails when the computer repeated questions. They also used a lot of compliments to try to win over the fake victims. Sometimes, scammers would say things like, "This is not a scam," or tell the fake victim to keep their talks a secret. They also tried to make themselves seem honest or religious to build trust.

The study suggests that scammers might be more likely to talk to targets they think are older adults. This fits with what many people believe. However, Doris also had other traits like being kind and trusting, so it's hard to say only age matters. This kind of study helps us understand what scammers are looking for. It could help create better ways to protect people, like special lessons for older adults about technology and scams. Future studies could look at just one trait at a time, like if a person's religion affects how scammers act.

Conclusion

The study found that the computer system acting as a "kind old woman" had much longer talks with scammers compared to a basic computer reply. This shows that computer systems can be a good way to fight email scams.

More importantly, this result gives real proof that scammers are more likely to talk and keep talking with targets they think are older adults. This proof does not depend on whether a scam was successful or reported, which helps avoid problems with past studies. This means that better ways to fight fraud could be made. For example, special learning tools for older adults could help them understand technology and scams better.

However, the "kind old woman" personality had many different traits, so her age might not be the only reason scammers talked to her longer. This study shows how new technology can help us learn more about scams and how to stop them. Future studies can look at specific traits or create smarter computer "people" to talk to scammers.