As a major component of online crime, email-based fraud is a threat that causes substantial economic losses every year. To counteract these scammers, volunteers called scam-baiters play the roles of victims, reply to scammers, and try to waste their time and attention with long and unproductive conversations. To curb email fraud and magnify the effectiveness of scam-baiting, we developed and deployed an expandable scam-baiting mailserver that can conduct scam-baiting activities automatically. We implemented three reply strategies using three different models and conducted a one-month-long experiment during which we elicited 150 messages from 130 different scammers. We compare the performance of each strategy at attracting and holding the attention of scammers, finding tradeoffs between human-written and automatically-generated response strategies. We also demonstrate that scammers can be engaged concurrently by multiple servers deploying these strategies in a second experiment, which used two server instances to contact 92 different scammers over 12 days. We release both our platform and a dataset containing conversations between our automatic scam-baiters and real human scammers, to support future work in preventing online fraud.