I Tested Nordvpn's Free Scam Checker Against A Real Threat In My Inbox - Here's How It Did

Elyse Betters Picaro / ZDNET

Follow ZDNET: Add america arsenic a preferred source on Google.

ZDNET's cardinal takeaways

• NordVPN's caller scam checker instrumentality uses AI to observe suspicious content.
• You'll request much than standalone services to enactment safe from scams.
• This is really to spot scams that are becoming much convincing.

Many of america person grown up pinch online scams, but nan ones we brushwood now are acold removed from clone deposits, lottery wins, aliases messages from a long-lost comparative who wants to bequeath you millions of dollars arsenic an inheritance.

Also: A Meta-powered finance scam is spreading crossed 25 countries - really to spot (and avoid) it

Sure, these boilerplate phishing and spam emails beryllium -- if you're thing for illustration me, hundreds of them capable my spam files each week. But erstwhile a scammer takes nan clip to target their contented and uses caller exertion to amended their lure emails, they tin beryllium difficult to spot.

The problem is that AI tin beryllium abused to make convincing scams that deficiency nan hallmarks of past phishing campaigns. An estimated 82.6% of phishing emails usage immoderate shape of AI, but tin we move nan tables and usage AI to conflict nan trend?

NordVPN's free scam checker

This week, NordVPN launched an AI-powered scam checker tool. It's free and web-based, allowing you to quickly cheque a link, file, aliases matter for grounds of a scam. You tin besides upload an image aliases screenshot.

You don't request an relationship to motion up for it -- simply sojourn nan page, taxable nan accusation you want to verify, and click analyze.

NordVPN's work past checks URLs, email addresses, and telephone numbers against known malicious databases and sources. If you want to analyse a assemblage of text, an AI algorithm checks nan contented for patterns "commonly utilized successful scams, specified arsenic scare strategies and artificial urgency," according to nan company.

I wanted to spot really effective an AI-backed scam detector could be. While testing retired the web service, I first compared a typical, run-of-the-mill lottery scam pulled from my inbox. 

Charlie Osborne/ZDNET

Success. It's rather useful to find retired why, too, arsenic nan scam checker explains which indicators propose this connection is fraudulent.

"The connection contains respective reddish flags suggestive of a scam, including unexpected lottery winnings, a ample sum of money, and a petition for individual accusation aliases fees to declare nan prize. It besides mentions an unverified slope and a sponsor that does not typically big lotteries, specified arsenic Coca-Cola. These elements are communal strategies utilized successful phishing scams to deceive victims into providing delicate accusation aliases sending money."

Many of america would people admit this arsenic a scam -- but what astir thing much advanced?

The emergence of recruitment scams

Hardly a time goes by that we do not perceive astir yet different information of layoffs. Many are worried astir nan impact of AI connected their jobs and early prospects, and arsenic a result, fraudsters are taking advantage of our fears.

Employment scams tin return nan shape of clone occupation postings, messages, pay-for-access and training schemes, and, possibly much recently, targeted recruitment scams for high-level roles. 

Also: I'm a tech professional, and an AI occupation scam almost fooled maine - here's really I caught on

Over nan past fewer weeks, I've been sent astatine slightest 1 aliases 2 unsolicited emails regular from "recruiters" that bypass Google's spam and phishing email filters -- a cleanable opportunity to trial whether aliases not AI defense devices could observe them, erstwhile Google cannot.

As a Reddit personification also experienced, location are reddish flags that bespeak they are a scam. Too bully to beryllium existent roles, generic requests for information, a deficiency of a master email reside aliases website (every connection was sent via Gmail), and nary telephone number. 

The test

Charlie Osborne/ZDNET

I've been playing pinch this recruitment scammer for a while, and they look to person done their homework. Information was pulled from my LinkedIn and past bolted together, and according to ChatGPT, nan "overly dense, stitched phrasing" and "hyper-personalization" -- referencing aggregate parts of my inheritance successful 1 agelong condemnation -- is emblematic of AI pulling from a profile.

Add a condemnation astir a selective process to changeable nan ego, and possibly you'll respond to specified an exciting opportunity. 

I wanted to cognize really this scam worked, arsenic it isn't often that I travel crossed targeted attempts that slither into my inbox.

Red flags and what to look retired for

This scam focuses connected building trust. There was nary unit to manus complete immoderate information, and I should only springiness him my CV if I was willing successful nan domiciled -- a Gartner investigation head successful cybersecurity strategy pinch a $270,000 - $350,000 salary, positive incentives.  

However, nan pursuing reddish flags cemented my belief that this was a recruitment scam:

• Email address: While immoderate independent recruiters and headhunters mightiness not usage a master activity email, nan usage of Gmail put maine instantly connected guard. While this email utilized a afloat name, I've besides travel crossed galore utilizing phrases for illustration "recruitment" and "hiring solutions." 
• Unsolicited: I haven't reached retired to recruiters, nor person I shown immoderate denotation that I'm looking for a caller role.
• No online presence: The recruiter has nary LinkedIn, nary website, and nary online history, arsenic acold arsenic I could see.
• The name: "Roberts Jordan" (or was it meant to beryllium Jordan Roberts?) sounded odd. AI could person been utilized for nan email assemblage itself, but a correction was made present pinch nan name. 
• No connection methods: Beyond nan email address, nary website address, beingness address, aliases telephone number was provided. 

What I recovered peculiarly absorbing arsenic a scam parameter was a consequent email containing nan afloat Gartner occupation specification. While nan Gartner domiciled does really beryllium and has been posted online, nan specification I received was tailored to my acquisition -- astir apt done AI, indicated done nan pursuing wish-list sentence:

"7-15+ years of acquisition successful cybersecurity journalism, investigative reporting, research, aliases advisory roles."

The trap

I sent a clone CV, which was well-received. But, to person nan champion chance of entering nan process, I needed to complete an executive bio, an executive screen letter, and a SWOT assessment, nan second being a business appraisal of Strengths and Weaknesses, and Opportunities and Threats -- thing you wouldn't usually require from a occupation candidate, different reddish flag.

And now, nan catch, radiated pinch urgency:

"Given nan accelerated timeline for this search, nan position is expected to adjacent wrong nan adjacent 2 days, truthful timely submission will thief guarantee your candidacy continues to advancement smoothly. 

To support you successful preparing these materials, I activity pinch a master who assists elder professionals successful processing high-level executive documentation. They tin thief guarantee everything is intelligibly articulated, professionally structured, and aligned pinch what nan hiring squad is specifically looking for. If you'd like, I'd beryllium happy to present you truthful you tin activity together straight and finalize nan materials efficiently."

This is wherever you are caught. The assistant, "Rachel," would thief maine hole my materials -- but for a fee. 

Can AI observe AI scams?

I put NordVPN's instrumentality to nan test. I ran 4 of nan main email messages sent by nan recruiter done nan system, and I received an alert for 1 of them, which included nan assistant's email address, flagged arsenic suspicious.

I besides compared these findings pinch online scam checkers from F-Secure and AskSilver. F-Secure flagged nan first email arsenic phishing but did not explicate why, and AskSilver refused to analyse it.

I performed these tests again pinch respective different akin recruitment scam emails I person received recently, and nan results were nan same. 

How to enactment protected

NordVPN's scam checker useful good for modular scams and phishing content, but struggles pinch much advanced, targeted campaigns -- though nan squad is continually refining and improving nan tool. It's not surprising, arsenic threat actors are devising caller ways to fleece america each day, and defenders are nether unit to enactment up of scams and phishing trends. 

"Recruitment scams are tricky because they often debar nan emblematic reddish flags," Domininkas Virbickas, merchandise head astatine NordVPN, told ZDNET. "Usually, there's nary suspicious nexus aliases threatening connection astatine nan start. The champion measurement to spot them is to salary attraction to nan process itself. 

Legitimate recruiters don't connection jobs without a due interview. They don't instantly push you to different platforms for illustration WhatsApp aliases individual email. And they surely don't inquire for delicate individual accusation aliases money earlier you've been formally hired. Whether it's a "training fee," instrumentality purchase, aliases depositing a check, immoderate occupation opportunity that asks you to walk aliases move money is almost surely a scam."

Today's recruitment scams mightiness span days aliases weeks successful bid to create a level of spot earlier nan trap is sprung. You should ever dainty unsolicited emails pinch be aware and statement nan email reside utilized -- particularly if there's nary corresponding website, telephone number, aliases online profiles. 

Even handing complete your CV tin beryllium a risk, arsenic it whitethorn incorporate individual accusation specified arsenic your reside and telephone number. Never salary for an advisory work unless you cognize it is legitimate, and if a domiciled is projected to you, it's worthy checking online for grounds aliases moreover contacting HR for verification. 

At this infinitesimal successful time, sloppy of nan power of AI, it is still up to america to protect ourselves, our information, and our wallets by pursuing a basal rule: if it looks excessively bully to beryllium true, it astir apt is.