Social media platforms have become hubs for a wide range of user interactions, including technical support and services related to brands, products, or user accounts. Unfortunately, there has been a recent surge in scammers impersonating official services and providing fake technical support to users through these platforms. In this study, we focus on scammers who offer such fake technical support to target users having problems recovering their accounts. More specifically, we focus on users encountering access problems with social media profiles (e.g., on platforms such as Facebook, Instagram, Gmail, and X) and cryptocurrency wallets. The main contribution of our work is the development of an automated system that interacts with scammers via a chatbot that mimics different personas. By initiating decoy interactions (e.g., through deceptive tweets), we have enticed scammers to interact with our system so that we can analyze their modus operandi. Our results show that scammers employ many social media profiles asking users to contact them via a few communication channels. Using a large language model (LLM), our chatbot had conversations with 450 scammers and provided valuable insights into their tactics and, most importantly, their payment profiles. This automated approach highlights how scammers use a variety of strategies, including role-playing, to trick victims into disclosing personal or financial information. With this study, we lay the foundation for using automated chat-based interactions with scammers to detect and study fraudulent activities at scale.