Inspiration The inspiration for ScamGuard AI stems from the pervasive and evolving nature of scams in our digital age. From traditional phishing emails and romance scams to sophisticated new threats leveraging artificial intelligence (like AI voice cloning and deepfakes), the methods used by fraudsters are constantly adapting. Individuals, especially vulnerable populations, and even tech-savvy users, can fall victim due to a lack of awareness or the sheer complexity of modern scams. Manual content moderation and staying updated on all scam types is virtually impossible for any single entity. We were inspired to create a proactive, community-driven, and AI-enhanced platform that centralizes knowledge about scams, educates users in their native language, and adapts to new threats in real-time.
What it does ScamGuard AI is a comprehensive, multilingual platform designed to educate users about various scam tactics and provide a mechanism for reporting new ones.
Key functionalities include:
Multilingual Scam Database: Provides a searchable and browsable collection of scam descriptions, categories, keywords, and historical contexts (from "Old Day" to "AI Era"), available in multiple languages (demonstrated with English and Vietnamese).
Real-time Scam Alerts (Backend): When fully implemented, the backend would proactively alert users to new or trending scams relevant to their interests or location.
User-Contributed Intelligence: Allows users to report new scams they encounter, contributing to a collective, ever-updating knowledge base. This crowdsourced data helps in identifying emerging threats quickly.
AI-Powered Analysis (Backend): Leverages AI services (like AWS Rekognition, Comprehend, Bedrock) to automatically categorize, summarize, and translate scam reports, as well as to generate new insights into scam patterns.
Decoupled & Scalable Architecture: Built on a serverless foundation, ensuring the application can handle a massive influx of data and users without manual scaling efforts.
How we built it ScamGuard AI is conceptualized as a modern, serverless application.
Frontend (Demonstrated in the Immersive):
React: The user interface is built using React, providing a dynamic and responsive experience.
Tailwind CSS: Used for styling, ensuring a clean, modern, and mobile-responsive design with utility-first CSS classes.
Context API: Manages the application's language state, allowing for seamless toggling between English and Vietnamese.
Mock API Calls: For demonstration purposes, the React app simulates API interactions with a mocked fetchScams and handleReportScam function, showcasing how it would integrate with a real backend.
Font Awesome: Used for easily adding relevant icons to enhance the UI.
Backend (Conceptual AWS Serverless Architecture):
AWS Lambda: The core compute service for all backend logic.
Lambda Function (e.g., ImageUploadHandler): Triggered by API Gateway to provide pre-signed S3 URLs for direct image uploads (for scenarios like visual evidence of scams).
Lambda Function (ImageProcessorAndModerator): Triggered by Amazon S3 "ObjectCreated" events for processing uploaded images. It uses AWS Rekognition for content moderation and object detection, then stores results in DynamoDB and processed images in another S3 bucket.
Lambda Function (ScamReportProcessor): Triggered by Amazon API Gateway to receive user-submitted scam reports. It would validate the data and push it to an SQS queue.
Lambda Function (ScamProcessorWorker): Listens to an Amazon SQS queue, processes raw scam reports using Amazon Comprehend for NLP, Amazon Translate for multilingual content generation, and stores the structured data in Amazon DynamoDB. It also emits events to EventBridge.
Lambda Function (AlertGenerator): Triggered by Amazon EventBridge rules to send real-time alerts via Amazon SNS to users based on new scam data.
Lambda Function (ContentUpdater): Triggered by Amazon EventBridge Scheduler to periodically update scam scripts, tricks, and patterns using Amazon Bedrock (an LLM like Gemini) and re-translate content.
Amazon S3: Stores raw uploaded scam evidence (e.g., screenshots) and processed scam descriptions/metadata.
Amazon DynamoDB: A NoSQL database for storing structured scam details, user preferences, and moderation status.
Amazon API Gateway: Provides RESTful endpoints for the frontend to interact with Lambda functions (e.g., for reporting scams).
Amazon EventBridge: Acts as an event bus to decouple services and orchestrate workflows, triggering various Lambda functions based on custom events (e.g., "new scam reported," "scam processed").
Amazon SQS: Provides a managed message queue for decoupling the scam reporting process from the processing, handling spikes in submissions.
Amazon SNS: Used for sending push notifications, emails, or SMS alerts to users subscribed to scam updates.
Amazon Bedrock: Crucial for the "AI" aspect, used to generate comprehensive scam scripts, update tricks, analyze patterns, and synthesize information for alerts from large datasets.
Amazon Translate: Enables real-time and batch translation of scam details into various languages.
Amazon Comprehend: Used for natural language processing of user-reported scam descriptions to extract entities, sentiment, and key phrases, aiding in categorization.
Challenges we ran into Data Volume and Diversity: Scams are incredibly diverse and constantly evolving. Building a comprehensive database that captures all variations, historical context, and new AI-driven methods is a significant data management challenge.
Multilingual Content Management: Ensuring consistent and accurate translations across all scam details (titles, descriptions, categories) is complex, especially with nuanced language used in scamming.
AI Model Training and Integration: Integrating and fine-tuning AI models (like those in Bedrock or Comprehend) to effectively identify, categorize, and synthesize scam information requires careful prompt engineering and potentially custom model training.
Real-time Alerting: Delivering timely and relevant alerts without overwhelming users requires robust event-driven architecture and careful management of user preferences.
Scalability for Peaks: While serverless naturally scales, designing the entire pipeline (S3, Lambda, DynamoDB, SQS) to handle sudden spikes in scam reports or user traffic requires careful consideration of throughput limits and error handling.
False Positives/Negatives in Moderation: For any content moderation aspect (if images or text are submitted directly), balancing aggressive filtering with avoiding legitimate content is a common challenge.
Frontend-Backend Integration Complexity: Although the React app mocks API calls, building the actual serverless backend involves setting up IAM roles, permissions, API Gateway integrations, S3 bucket policies, and EventBridge rules, which can be intricate.
Accomplishments that we're proud of Comprehensive Multilingual Design: We successfully conceptualized and demonstrated a frontend that can display complex, multilingual data, crucial for a global scam alert system.
User-Friendly Reporting: The clear and validated "Report a Scam" form enables community contribution, a vital aspect for a dynamic threat intelligence platform.
Modular Serverless Architecture: Designing the backend with highly decoupled, event-driven components (Lambda, SQS, EventBridge) allows for extreme scalability, resilience, and independent development.
Integration of Cutting-Edge AI: The envisioned use of Amazon Bedrock, Translate, and Comprehend demonstrates how AI can be leveraged to automate content generation, analysis, and multilingual support for a truly intelligent system.
Proactive Threat Intelligence: The core idea of updating scam scripts across eras and utilizing AI to analyze new reports addresses a critical gap in current fraud prevention.
What we learned The Power of Serverless for Dynamic Content: AWS Lambda and its ecosystem are incredibly well-suited for applications where workloads are event-driven and variable, like a scam reporting platform that experiences unpredictable spikes.
Importance of Decoupling: Services like SQS and EventBridge are fundamental for building robust, scalable, and maintainable microservices architectures, preventing bottlenecks and allowing for independent failure domains.
AI as an Accelerator: AI services are not just for generating content; they are powerful tools for data analysis, categorization, and content translation at scale, significantly reducing manual effort.
The Necessity of Multilingual Design from Day One: For a global problem like scams, baking in multilingual support from the initial design phase (both in data structure and UI) is crucial.
Balancing Mocking and Real Implementation: For demonstrations, effective mocking allows focusing on the user experience and core logic, while acknowledging the complexity of the underlying cloud infrastructure.
What's next for ScamGuard AI Full Backend Implementation: Build out all the AWS Lambda functions, API Gateway endpoints, DynamoDB tables, S3 buckets, SQS queues, EventBridge rules, and SNS topics.
Integration with AWS AI Services: Implement the actual calls to Amazon Comprehend, Translate, and Bedrock within the Lambda functions for automated scam analysis, content generation, and translation.
User Authentication and Profiles: Implement secure user authentication (e.g., with Amazon Cognito) to allow personalized scam alerts and tracking of reported scams.
Advanced Search and Filtering: Add robust search capabilities with filters for category, era, keywords, and geographic location.
Community Features: Implement features like upvoting/downvoting scam reports, commenting, and trusted reporter badges.
Proactive Alerting Customization: Allow users to customize the types of alerts they receive (e.g., by category, severity, or frequency) via SMS, email, or push notifications.
Mobile Application: Develop native mobile applications for iOS and Android to provide on-the-go access and real-time push notifications.
Partnerships: Explore partnerships with cybersecurity organizations, law enforcement, and financial institutions to integrate their scam intelligence into the platform.
Visualizations and Analytics: Develop dashboards to visualize scam trends, hotspots, and common tactics over time.
Built With
- all
Log in or sign up for Devpost to join the conversation.