If it seems too good to be true, think twice
On November 11, 2021, U of O professor Guy-Vincent Jourdan spoke with the Fulcrum about his work in tracking cryptocurrency fraud using an automated detection system he and his team created.
According to Jourdan, the scams are often simple and revolve around the promise that you can easily double the money you give to the scammers. A scammer will usually publish their bitcoin address on their site and ask users to send bitcoin to that address to receive more in return. Once the scammers are happy with the money raised, they disappear with all of it, and probably do it again with another website and a new bitcoin address.
How does the detection system work?
Professor Jourdan explained that the first scams they looked at were not actually bitcoin-related, but were about online video game scams where users would claim they could hack the game for someone in return for money. Jourdan and the team were interested in developing a system that could automatically search for these scams in the background. After creating it, they became aware of fraud on the cryptocurrency side and decided to try to adapt the system for that purpose.
The system starts with a set of examples of fraudulent websites. Features from these sites, such as their text and bitcoin payment addresses, are extracted. The system then tries to find similar sites using specialized search engines. Those that are actually scams are added back to the dataset. Legitimate sites are added to a separate set so that the model can begin to distinguish between a scam and a real site. Through this process, the system behaves more like artificial intelligence, training itself to find scam sites more accurately.
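As an added illustration (not the research team's code), the feature-extraction step described above can be sketched like this: pull candidate bitcoin addresses out of page text, keep only those whose Base58Check checksum verifies, and group the pages that advertise the same address. It covers only legacy addresses starting with 1 or 3; the function names, sites and addresses are constructed for the example.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CANDIDATE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")  # legacy address shape

def _checksum(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]

def b58check_encode(version: int, payload: bytes) -> str:
    """Build an address string; used here only to construct sample data."""
    raw = bytes([version]) + payload
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def is_valid_address(addr: str) -> bool:
    """True if addr decodes to version byte + 20-byte hash + matching checksum."""
    if any(ch not in B58 for ch in addr):
        return False
    n = sum(B58.index(ch) * 58**i for i, ch in enumerate(reversed(addr)))
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and raw[0] in (0x00, 0x05) and _checksum(raw[:21]) == raw[21:]

def extract_addresses(text: str) -> list[str]:
    """Checksum-valid addresses found in page text, in order, de-duplicated."""
    return list(dict.fromkeys(a for a in CANDIDATE.findall(text) if is_valid_address(a)))

def group_by_address(pages: dict[str, str]) -> dict[str, set[str]]:
    """Map each payment address to the set of sites that advertise it."""
    groups: dict[str, set[str]] = {}
    for site, text in pages.items():
        for addr in extract_addresses(text):
            groups.setdefault(addr, set()).add(site)
    return groups

# Constructed sample data: addresses built from arbitrary bytes, hypothetical sites.
ADDR_A = b58check_encode(0x00, bytes(range(1, 21)))
ADDR_B = b58check_encode(0x05, bytes(range(21, 41)))
TYPO = ADDR_A[:-1] + ("2" if ADDR_A[-1] != "2" else "3")  # checksum no longer matches
PAGES = {
    "double-btc.example": f"Send BTC to {ADDR_A} and get 2x back!",
    "giveaway.example": f"Official giveaway wallet: {ADDR_A}. Backup: {ADDR_B}",
    "shop.example": f"Order reference {TYPO}, thank you for your purchase.",
}
```

Calling `group_by_address(PAGES)` links the two sample scam pages through their shared address, while the look-alike string on the shop page is dropped because its checksum fails.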
How does the system track scammers?
Blockchain is a system that stores records of bitcoin transactions in a decentralized, public ledger maintained across multiple computers, rather than centralized in one bank. Jourdan explained that since crypto scam sites publish their bitcoin address publicly, this information backfires on the scammers. The public ledger that contains these transactions is essentially an open book: the team can go to the blockchain, search for that address automatically, and see what transactions the scam has received. The system can even look at connections between addresses, helping the team understand whether several different scams are actually correlated and run by the same individual or group.
What distinguishes Jourdan's research from most is that it is able to point out potentially fraudulent bitcoin addresses before a payment is sent, thus stopping the crime before it is committed. The system has become so adept at finding these scam addresses that over 70 percent of them are marked before a single victim even sends any money.
“With our system, we pay attention to the payment address because it is announced to the victim, not because the victim has paid,” Jourdan explained.
He continued, “As our system went up, we found that we were faster and faster to find cases of the scam. We are able to find the occurrence of the scam even before a victim would find it.”
What happens when you have fraudsters’ crypto addresses?
Once the addresses are found, they are sent directly to the Anti-Phishing Working Group (APWG), an international think tank dedicated to uniting the global response to cybercrime. “Our system has been adopted by the APWG and we were the first feed for their system to come from academia,” Jourdan added. This data is then shared with other companies working to secure and protect their customers, as well as with the police.
Jourdan advises users to think twice when they come across a suggestion that seems too good to be true, and suggests that people first understand how cryptocurrencies work. There is no way to cover your loss when your money is gone: it is not like a credit card where you can call the bank and stop a payment.
What’s next for the program?
Jourdan and the team are interested in mining the blockchain to extract more information from the payments they know are bad. Some scammers are also becoming more advanced and moving funds through several cryptocurrency exchanges to make it harder to track the movement of money. This is one of the directions Jourdan and the team are pursuing.
Professor Jourdan explained that the Cyber Range, which is currently being built on the 5th floor of the STEM building, will work to increase the use of AI to monitor the web and the social media platforms used to find victims. The team will help train systems to filter and flag problematic messages so they can be reported.
The physical doors to the Cyber Range are expected to open sometime this spring.