Second Thought

• 

  Landing page

• 

  Paste a suspicious message and get a calm, shame-free answer in seconds: is it a scam, the tricks it's using, and what to do next..

• 

  A kind, simple way to check if a message is a scam, before anyone panics.

• 

  The metric analysis.

• 

  Novus: Dashboard

• 

  Novus: Signals

• 

  Novus: Pull requests

• 

  Novus: Organizations

• 

  Novus: Subscriptions

• 

  Novus: Page & Click Events

• 

  Novus: Memory

Inspiration

Someone in every family gets these messages. A text that says a parcel needs a small fee. A call that sounds exactly like a grandchild in trouble, because scammers can clone voices now. The scary part is not the message, it is the moment of panic right after it, when someone feels rushed and a little embarrassed.

That embarrassment is the real trap. People do not fall for scams because they are careless. They fall because scammers manufacture urgency, secrecy, and shame faster than anyone can think, and shame is exactly why people do not stop to ask "is this real?" We wanted to build the opposite of that: something calm and kind that gives you a second opinion and never makes you feel foolish for checking.

What it does

You paste a suspicious text, email, or screenshot (or you can speak it), and in a few seconds Second Thought gives you:

• A clear traffic light verdict: looks okay, be careful, or stop and verify.
• The exact manipulation tricks highlighted right on the message, with a plain explanation of why each one is a warning sign.
• Simple "do this now" and "do not do this" steps, plus a polite reply you can copy.
• A warning you can share in one tap with the person you are protecting, without forwarding the scam itself.

It explains the result in nine languages, can read it aloud, and takes spoken input, because the people scammers target most are often older or not first language English speakers. You can also make a "Pause Pact" (a family code phrase and a few money rules) so the safe response becomes automatic, and play a quick "Spot the scam" game to train your eye. It is free, there is no sign up, and your message is never stored.

How we built it

It is a Next.js app deployed on Vercel. Each message is read by Claude, and the most important design choice is that it always returns an answer: if the AI is slow or unavailable, a built in rule checker takes over, and if even that fails, you still get safe general advice. It can never just break on you.

Every word in the app comes from one file on the backend, so nothing is hardcoded in the screens. And instead of asking people to "trust the AI," we built a "How accurate?" page that shows real numbers from testing the detector against thousands of genuine messages. Novus by Pendo measures how the tool is used, but it only ever sees verdicts and tactic labels, never your message.

Challenges we ran into

• Keeping the analytics genuinely private. We instrument real usage, but we deliberately never send the pasted message, only the verdict and the tactic labels.
• Getting reliable, structured answers from the AI, and handling the rare malformed response without dropping the user to the basic fallback.
• Testing accuracy honestly at scale while staying inside API rate limits.
• The most interesting one: our analytics first showed zero usage. Novus itself diagnosed the cause (our analytics setup was missing an account id and was not tracking page changes in our single page app), opened pull requests with the fix, and we reviewed and merged them. After that, real events started flowing. Our own analytics tool caught and fixed a bug in our analytics.

Accomplishments that we're proud of

• It is measured, not asserted. We tested it on 5,574 real messages and published the numbers (91% precision, 95% recall, 93% accuracy) instead of asking anyone to take our word for it.
• It never breaks, thanks to the AI to rules to safe advice fallback.
• It is built around shame, not just detection. The first line of every result is "Smart of you to check."
• It is genuinely accessible: nine languages, read aloud, spoken input, large text, dark mode, and a clean experience on phones.
• The analytics respect the same privacy promise we make to users.

What we learned

The hardest part of a safety tool is not detection, it is behavior and trust. The shame free tone and the Pause Pact probably do more for real world safety than a few accuracy points ever could. Measuring ourselves honestly was clarifying too: testing on a broad public dataset showed exactly where our rules are strong and where the AI is needed. And watching Novus close the loop, from spotting an issue to opening the fix, was a genuinely useful look at where product analytics is heading.

What's next for Second Thought

More languages, checking suspicious phone calls and voice notes (the fastest growing scam channel), and a browser extension or share sheet so you can check a message without leaving your inbox or WhatsApp. We also want to grow the public benchmark behind the accuracy numbers and partner with libraries and senior community groups, since the people who need this most are not the ones who will find it on their own.

Built With

• anthropic-claude
• next.js
• novus-by-pendo
• react
• tailwind-css
• tesseract.js
• typescript
• vercel
• web-speech-api
• zod