ScamShield AI¶
AI-powered honeypot system that engages scammers with culturally-authentic Indian personas to extract intelligence.
ScamShield AI is an autonomous scam detection and engagement system built for the Indian context. It receives scam messages, classifies them, responds using culturally-authentic AI personas, extracts evidence (UPI IDs, bank accounts, phone numbers), and reports intelligence — all automatically.
What Makes It Different¶
- 3 culturally-authentic personas — Sharma Uncle (retired banker, Delhi), Lakshmi Aunty (homemaker, Chennai), Vikram (IT professional, Bangalore) — each designed to engage specific scam types
- 11 evidence extraction types — from UPI handles to Aadhaar numbers, using regex patterns tailored to Indian financial identifiers
- Strategy state machine — dynamically adjusts conversation approach (building trust → extracting info → direct probing → pivoting)
- Cross-session intelligence — links evidence across conversations to build scammer profiles
- Production-grade security — prompt injection sanitization, OIDC-verified callbacks, rate limiting
Quick Start¶
Then follow the Quick Start Guide to get running in 15 minutes.
Learn How It Was Built¶
The Building ScamShield series walks through the entire development process — from the India scam epidemic that inspired it, through persona engineering, evidence extraction, and production hardening.
Architecture at a Glance¶
graph LR
A[Scam Message] --> B[Classify]
B --> C[Select Persona]
C --> D[Generate Response]
D --> E[Extract Evidence]
E --> F[Report Intelligence]
D --> G[Reply to Scammer]See the full Architecture Overview for details.
Tech Stack¶
| Component | Technology |
|---|---|
| Backend | Firebase Cloud Functions (Python 3.11) |
| LLM | Google Gemini Flash |
| Database | Cloud Firestore |
| Dashboard | Streamlit on Cloud Run |
| CI/CD | GitHub Actions + Workload Identity Federation |
| Proxy | Cloudflare Workers |