The Science Behind Scam Detection: How Tools Like ScamAlerts Work

An in-depth overview of the signal processing, machine learning pipelines, and adversarial dynamics behind the state-of-the-art in fraud detection. A user in the Netherlands reported a URL to ScamAlerts on a Tuesday morning in March 2023. It initially resembled a standard ING Bank login page. The area was insecure: login.com. The certification of the SSL was valid. The page loaded fast. The branding was pixel-flawless. It was classified as high-risk by the automated detection pipeline in 340 milliseconds. No human reviewed it. No blacklist lookup picked it up. The domain was 17 minutes old. The combination of eight parallel independent signal classifiers that scored a distinct dimension of suspicion each and fed into a weighted ensemble model was what caught it, having been trained on 4.2 million confirmed scam URLs. It is the tale of the operation of that pipeline and why it is one of the most technically challenging issues in applied machine learning today. The Fundamental Dilemma: F