Mobile operator O2 (Virgin Media) launched a “human-like” AI (Artificial Intelligence) ‘Granny’ called Daisy in November last year (here), which was designed to answer calls in real-time from fraudsters and keep them busy (away from customers) for as long as possible. Since then, the bot has chatted with over 1,000 scam callers, and it’s learnt a few things.
Fraudsters will often robotically call masses of mobile and home phone numbers, but they usually only commit any actual human resources toward the tiny minority of people who might actually fall for one of their scams. Suffice to say that if you can waste the time of those human scammers, then that’s another actual human who they won’t be able to engage while their time is being wasted. This is how Daisy is supposed to work.
So far, the AI scambaiter is said to have “wasted hundreds of hours of scammers time“, including by keeping them tied up in meandering conversations on the sport of cricket and her lemon meringue pie recipe, while giving them just enough fake personal information to keep them on the phone line.
Advertisement
The bot is said to have been so effective that it’s even kept “numerous fraudsters” on calls for 40 minutes at a time. O2 has today also revealed some of the other things they’ve learnt from Daisy’s deployment, although few of these learnings will come as a particular surprise.
What did Daisy learn?
1. Most scammers work in call centres using scripts
Scamming people is a full-time job, and fraudsters are operating from call centres specifically set up to target victims. On multiple occasions, Daisy heard the same well-rehearsed lines from different scammers. Fraudsters even began to recognise her, indicating they’re operating together and sharing knowledge of their triumphs and failures.
One of the most common scams saw Daisy be offered a very cheap deal on iPhone 13 as a ruse to trick Daisy into sharing personal details. Whilst scammers often thought they knew who they were speaking with, in cases where they didn’t, they were quick to change tactics to keep the call going, demonstrating the professional nature of their operation.
In one instance, Daisy was passed to four different fraudsters in one single call. If one scammer wasn’t having any luck, Daisy would often be passed over to a ‘supervisor’ who would attempt to escalate the call, making it appear to be more genuine and urgent.
2. Scammers impersonate trusted companies and use high-pressure tactics
Daisy repeatedly heard scammers claiming to be from banks, well-known organisations like Amazon and Microsoft, delivery companies and the government. This is a way for scammers to cast their net as wide as possible, using some of the most trusted companies that consumers deal with regularly.
Once the fraudsters believed Daisy trusted that they were who they said they were, scammers often employed high-pressure tactics – including threatening the imminent loss of money, claiming there’s been a hacker on Daisy’s computer or even threatening legal action.
3. Unlike real employees, scammers will get frustrated and angry if they’re not getting what they want
Scam callers would typically start off friendly and personable in tone but the longer they spent on the phone they’d quickly begin to switch and show their true colours.
Daisy might not actually be a real person – but the scammers don’t know that. From clearly showing signs of frustration if she struggled to follow the instructions or yelling at her for going off on a tangent about her cat, Daisy frequently experienced rude and aggressive behaviour. This was particularly clear when Daisy was not doing as they wanted.
Generally, if a call seems suspicious (are they pressuring you for personal data, bank details or to install a piece of software), then simply put the phone down and call back later on a trusted number to verify the call. Consumers can report a scam call by texting 7726 with the word ‘CALL’ followed by the scam caller’s number, and report a message by clicking SPAM in the messaging application or forward message to 7726 if this option is not available on the device.
Advertisement
Right… This might sound critical but hear me out. Right… This might sound critical but hear me out.
VMO2 has done a great job designing something like this. Kitboga tried for a while and it was a challenge so to have a big corpo design it means resources and it could be excellent.
But while it works great, this press release seems a bit… Flawed.
If you spend just an hour watching someone like Jim Browning on YT – He says all the above in most of his video explaining how scams work. You dont even have to watch for an hour straight just a video every so often and you’d see excatly what O2 has told you in those videos…
Am I missing something here?
Yes exposure, O2s effort was widely advertised and made national press, which puts it into the forefront of peoples minds and provides a taste of the language, tactics and aggression scammers use within a light-hearted getting-our-own-back setting
In order to see someone like Jim Browning (who I’d personally never heard of) or Kitboga you’re at the mercy of the YouTube algorithm, which even though they do good work they ultimately don’t have the same reach
And at the end of the day AI is also relentless, Jim Browning or Kitboga are only one person, it’s good real people are also working to educate people and also waste scammers time especially for entertainment but AI can then help waste scammers time without needing sleep becoming exhausted and on an industrial scale
7726 ? Is that SPAM ?
Yes!
Notably absent from what they learned is what % of callers are from India.
I’m guessing it’s at least 90% and possibly even 100%.
But hey, maybe I’m just a no-good, horrible, evil racist and that’s just my racist hateful bias speaking, right?
Probably because such calls don’t always come from a number that can be directly associated with the original country of the caller (spoofed etc.).
Probably racist, the reason you get a lot of calls from India and also Bangladesh and Pakistan is that those are former British colonies the legitimate calls centers operate out of there and moles can learn very professional sounding scripts. the money is pretty poor however, so less scrupulous workers will often try their luck in a scam call center to make more money. If you were in the US you would get a a lot of scam calls from the Philippines (excellent US English) or Latin American. If you are Spanish, scam calls from Latin America. Corrupt police and politicians in these countries on the take often makes shutting these places down difficult, though more progress has been made recently. Each country, each crime syndicate has their own specialty.
I worked with a Bulgarian chap in London, fantastic engineer and very honest. Tell me with not a little pride in his voice how good the Bulgarian mafia were at hacking and especially hacking high end cars. They recruit prospects straight out of university using Blackmail and coercion. He was warned by lectures and staff of the risk and how to avoid it.
And note that scammers do put a lot of effort into making their calls technically indistinguishable from legitimate call centres on arrival at the potential victim’s telco. This, in turn, requires there to be a decent volume of legitimate call centres in the scammer’s country of origin targeting the scammer’s potential victim country – otherwise the scam calls would be blatantly obvious to the potential victim’s telcos, and could be addressed relatively simply.
So, since HSBC’s fraud team and others use Indian call centres for outgoing legitimate calls to the UK, scammers targeting the UK use Indian call centres; if all UK companies dropped Indian call centres in favour of South African call centres, then we’d have a rise in scammers calling from South African call centres, and a corresponding drop in calls from Indian call centres (since the scammers left in India start to stand out).
Is it clear how often Daisy updates/refreshes its approach in order to stop the fraudsters learning who it is? Great work though from the team at VMO2. Even if the learnings about fraudsters aren’t that original every wasted minute is a good defence for vulnerable people.
Sounds like a modern version of the ‘Lenny’ script in the Asterisk world.
O2 could publish a few of the conversations, let us laugh at the fraudsters.
This makes me want an AI nana who’ll tell me to finish what’s in the fridge, help her with her gardenias, and put an extra layer on, I’d even listen to her about her cat.
How long till they plug Daisy into answering O2 customer services calls?
Hang on a minute, O2 have invested time and money developing this AI tool targeting scammers, meanwhile one of their “trusted partners” is a company called Plan.com who are cold calling people, pretending to be O2, tying them into expensive, inappropriate 3 year contracts with no 14 day cooling off period.
BBC radio ‘You and Yours’ aired a report on them last year and now BBC TV show ‘Rip Off Britain’ will also be reporting Plan.com very soon.
Bit hypocritical isn’t it?
What’re you talking about? Plan.com can’t make contracts without 14 day cooling off periods, that’s British consumer protection law and can’t be overridden with contract terms. Just don’t pay and make it clear that you’ve exercised that right.
@Cao The 14 day cooling off period doesn’t apply to business contracts and that’s how they’re selling the contracts over the phone. Before they know it, people’s mobile numbers are transferred to Plan.com and they’re tied into an expensive 3 year contract they can’t exit without paying extortionate fees of hundreds of pounds.
Look at their Trustpilot reviews, plenty of fake 5 star feedback and many, many shocking reviews.
Next step will be scammers using their own AI bots and then you’ll have bots talking to bots.
We can but hope. An all-round win, except for the ridiculous use of power it would entail.
Agreed lol