
If it seems too good to be true, think twice

On Nov. 11, 2021, U of O professor Guy-Vincent Jourdan spoke with the Fulcrum about his work tracking cryptocurrency scams using an automated detection system he and his team created.

According to Jourdan, the scams are often simple and revolve around the promise that you can easily double the money you give scammers. A scammer will usually post their bitcoin address publicly on their site and ask users to send bitcoin to that address in order to receive more back. Once the scammers are satisfied with the money gathered, they disappear with everything they were given, and likely do the same thing again with another website and a new bitcoin address.

How does the detection system work?

Professor Jourdan explained that the first scams they were looking at were not actually bitcoin-related, but were online video game scams in which users would claim they could hack the game for someone in return for money. Jourdan and the team were interested in developing a system that could search for these scams in the background automatically. After successfully creating it, they became aware of the scams on the cryptocurrency side and decided to try to adapt the system for that purpose.

The detection system starts with a set of example scam websites. Features from these sites, such as text and bitcoin payment addresses, are extracted. The system then uses specialized search engines to find more websites similar to them. The ones that are indeed scams are added back into the data set. Legitimate websites are added to a separate set so that the model can begin to differentiate between a scam and a real site. Through this process, the system becomes more like artificial intelligence, training itself to find scam sites more accurately.

How does the system track scammers?

The blockchain is a decentralized, public ledger that holds records of bitcoin transactions and is maintained across several computers instead of being centralized in one bank. Jourdan explained that because crypto scam websites publish their bitcoin address publicly, this information backfires on the scammers. The ledger that holds these transactions is essentially an open book, which allows the team to turn to the blockchain, search for that address automatically, and see the kinds of transactions the scam has received. The system can even look for correlations between addresses, helping the team understand whether several different scams are actually connected and run by one individual or group.
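The two steps described above, pulling the advertised payment address out of a page's text and correlating sites through the addresses they share, can be illustrated with the following Python example. It is added here and is not code from Jourdan's team; it assumes legacy Base58Check addresses only, treats "sharing an address" as the correlation signal, and uses constructed site names and addresses.

```python
import hashlib
import re
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CANDIDATE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")  # legacy only

def _checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def encode_address(hash160, version=0):  # only used to build the samples below
    raw = bytes([version]) + hash160
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def is_valid_address(addr):
    """Decode Base58 to 25 bytes and verify the trailing 4-byte checksum."""
    try:
        n = sum(B58.index(c) * 58**i for i, c in enumerate(reversed(addr)))
        raw = n.to_bytes(25, "big")
    except (ValueError, OverflowError):  # bad character or too long
        return False
    pad = len(addr) - len(addr.lstrip("1"))  # each leading '1' encodes a zero byte
    return len(raw.lstrip(b"\0")) == 25 - pad and _checksum(raw[:-4]) == raw[-4:]

def extract_addresses(text):
    return {a for a in CANDIDATE.findall(text) if is_valid_address(a)}

def cluster_sites(pages):
    """Group sites that advertise at least one common payment address."""
    clusters = []  # (sites, addresses); address sets stay pairwise disjoint
    for site, text in pages.items():
        sites, addrs = {site}, extract_addresses(text)
        for old in [c for c in clusters if c[1] & addrs]:
            clusters.remove(old)
            sites, addrs = sites | old[0], addrs | old[1]
        if addrs:
            clusters.append((sites, addrs))
    return clusters

# Constructed sample data: made-up sites, addresses derived from fixed strings.
A1, A2, A3 = (encode_address(hashlib.sha256(s).digest()[:20]) for s in (b"a", b"b", b"c"))
PAGES = {
    "double-btc.example": f"Send BTC to {A1} and receive double back",
    "giveaway-live.example": f"Official giveaway, pay {A1} or {A2}",
    "x2-promo.example": f"Deposit to {A2} today",
    "unrelated-scam.example": f"Payment address: {A3}",
}
```

Calling `cluster_sites(PAGES)` links the first three sites into one group even though the first and third share no address directly, because the second site advertises both.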

What differentiates the research that Jourdan has done from most is that it is able to point out potential scam bitcoin addresses before a payment is sent, stopping the crime before it is committed. The system has become so adept at finding these scam addresses that over 70 per cent of these addresses are flagged before a single victim even sends any money. 

“With our system, we are aware of the payment address because it’s being advertised to the victim, not because the victim has paid off,” Jourdan explained. 

He continued, “as our system ramped up, we were finding we were faster and faster at finding instances of the scam. We’re able to find the instance of the scam even before a victim would find it.” 

What happens once you have scammers’ crypto addresses?

Once the addresses are found, they are sent directly to the Anti-Phishing Working Group (APWG), an international think tank dedicated to unifying the global response to cybercrime. “Our system has been adopted by the APWG and we were the first feed into their system coming from academia,” Jourdan added. That data is then shared with other companies that are working to secure and protect their customers, as well as the police. 

Jourdan recommends users think twice when they come across a proposition that seems too good to be true and suggests people understand how cryptocurrencies work first. There is no way to recoup your loss once your money is gone: it is not like a credit card where you can call the bank and stop a payment. 

What’s next for the program?

Jourdan and the team are interested in the mining of the blockchain to extract more info from the payments they know are bad. As well, some scammers are getting more advanced and going through multiple cryptocoin exchanges to make it more difficult to track the movements of the money. That is one of the directions Jourdan and the team are following.

Professor Jourdan explained that the Cyber Range, which is currently being built on the 5th floor of the STEM building, will be working on increasing the use of AI to monitor the web and social media platforms which are used to find victims. The team will be helping in training systems to filter and flag the problematic messages to report them.

The physical doors of the Cyber Range are expected to open sometime in the spring. You can learn more about it here.