Scam Slueth

Turn scam detection into something addictive. Think Duolingo meets cybersecurity—bite-sized challenges, streak counters, evolving difficulty. "Can you spot which of these 5 emails is fake?

Comment

Inspiration

We noticed that traditional cybersecurity training feels like sitting through a mandatory corporate seminar—boring, forgettable, and something you'd rather skip. Meanwhile, our friends and family keep falling for the same scams: phishing emails, fake tech support calls, too-good-to-be-true crypto investments. We realized people don't lack warnings; they lack practice. So we asked: what if learning to spot scams felt less like studying and more like leveling up in a game? What if we could build muscle memory for skepticism the same way Wordle built everyone's vocabulary habits?

What it does

Scam Sleuth is a gamified training platform that turns scam detection into an addictive daily challenge. Users face realistic scenarios—emails, texts, social media DMs, phone call transcripts—and race against the clock to identify whether they're legit or scams.

How we built it

Lovable

Challenges we ran into

Making scams realistic without being too realistic: We had to walk a fine line—scenarios needed to be convincing enough to train people, but not so good that they became a scammer's playbook. We added watermarks and context clues that this is training.Balancing difficulty: Early builds were either way too easy ("Congrats u won $1,000,000!!!") or impossibly hard (perfect replica phishing emails from actual banks). We spent hours tuning the progression curve and playtesting with non-technical users.The "Actually Learning" problem: Initial testers were just guessing and moving on. We realized we needed to force the educational moment, so we added mandatory red flag breakdowns that appear before you can continue—no skipping the lesson.Database of scenarios: Creating enough quality, diverse scenarios was time-consuming. We ended up building a contributor system where we could quickly add new scams as they emerge in the wild.

Accomplishments that we're proud of

We're not designers, but we managed to create something that genuinely feels fun to use, not like educational software. Our adaptive algorithm works surprisingly well—users report feeling challenged but not frustrated. In our limited testing, people actually came back for their daily challenges. The streak system works.

What we learned

Psychology > Technology: The technical implementation wasn't the hard part—understanding why people fall for scams and how to train against those psychological triggers was the real challenge. We dove deep into social engineering tactics and cognitive biases.

What's next for Scam Slueth

Short-term:

Community Scam Submissions: Let users submit real scams they've encountered to crowd-source content Multiplayer Mode: Head-to-head scam detection battles Browser Extension: Real-time email/message analysis while you browse Personalized Training: Adaptive challenges based on your weak spots (e.g., if you keep missing email header spoofing, get more practice on that)

Long-term:

Enterprise Version: Customized training for companies with their specific brand vulnerabilities Kid-Safe Mode: Age-appropriate scam scenarios for teaching digital literacy to teens API for Educators: Let schools and libraries integrate Scam Sleuth into digital citizenship curriculums AI-Powered Scenario Generation: Fully automated system that creates new challenges based on emerging threats Multi-language Support: Scams are global; our training should be too

Built With

  • lovable
Share this project:

Updates