Chat-based cybercrime has emerged as a pervasive threat, with attackers leveraging real-time messaging platforms to conduct scams that rely on trust-building, deception, and psychological manipulation. Traditional defense mechanisms, which operate on static rules or shallow content filters, struggle to identify these conversational threats, especially when attackers use multimedia obfuscation and context-aware dialogue. In this work, we ask a provocative question inspired by the classic Imitation Game: Can machines convincingly pose as human victims to turn deception against cybercriminals? We present LURE (LLM-based User Response Engagement), the first system to deploy Large Language Models (LLMs) as active agents, not as passive classifiers, embedded within adversarial chat environments. LURE combines automated discovery, adversarial interaction, and OCR-based analysis of image-embedded payment data. Applied to the setting of illicit video chat scams on Telegram, our system engaged 53 actors across 98 groups. In over 56 percent of interactions, the LLM maintained multi-round conversations without being noticed as a bot, effectively "winning" the imitation game. Our findings reveal key behavioral patterns in scam operations, such as payment flows, upselling strategies, and platform migration tactics.

翻译：基于聊天的网络犯罪已成为一种普遍威胁，攻击者利用实时消息平台实施依赖信任建立、欺骗和心理操纵的诈骗。传统的防御机制基于静态规则或浅层内容过滤，难以识别这些对话式威胁，尤其在攻击者使用多媒体混淆和上下文感知对话时。受经典模仿游戏启发，本研究提出一个具有挑战性的问题：机器能否令人信服地假扮人类受害者，从而将欺骗手段反制网络犯罪分子？我们提出了LURE（基于LLM的用户响应交互系统），这是首个将大型语言模型作为主动代理（而非被动分类器）部署在对抗性聊天环境中的系统。LURE结合了自动化发现、对抗性交互以及基于OCR的图像嵌入支付数据分析。在Telegram非法视频聊天诈骗场景的应用中，我们的系统与98个群组的53名行为者进行了交互。在超过56%的交互中，LLM维持了多轮对话而未被识别为机器人，有效"赢得"了模仿游戏。我们的研究揭示了诈骗操作中的关键行为模式，例如支付流程、追加销售策略和平台迁移策略。