Research Interests

I'm interested in various aspects of applied security, particularly on web and network security. My research aim to contribute to making the internet a safer environment, one step at a time. Below, I delineate several collaborative research topics in which I am currently engaged, collaborating with both external and internal researchers.

Proactive Detection of Scam and Phishing Campaigns.

My research often delves into various facets of phishing and scam campaigns that are prevalent on social media platforms, web domains, emails, and apps. I explore how malicious actors manipulate victims into transacting via social engineering tricks, which often results in the loss of private secrets and sensitive information. I investigate the intricate network of message sharing among scammers across popular social media platforms such as WhatsApp, Facebook, Telegram, and others, which serve as ideal grounds for malicious campaign attacks. Furthermore, I analyze the current landscape of social media-based organized campaigns and examine the weaknesses in safeguarding users and organizations. Finally, based on my findings, I propose and develop robust defense mechanisms to address any identified weaknesses, aiming to fortify resilience against various phishing and scam threats.

Reveal Scammer's Modus Operandi.

Understanding the strategies employed by online scammers is crucial in combatting scams and phishing attempts on the internet. To uncover these fraudulent schemes, I frequently deploy honeypots designed to attract scammers and engage them through automated chat (LLMs), revealing their strategies and scamming payment methods. Through this approach, I provide valuable analytics that not only enhance understanding of various web-based attacks but also reveal hidden payment profiles used in scamming, which are often difficult to detect using public metadata.

Tracking Fraud Payment Profiles.

With the rise in phishing attacks, scammers are increasingly drawn to cryptocurrencies due to their enhanced anonymity, making them difficult to trace. Cryptocurrencies like Bitcoin, Monero, and others offer built-in anonymity, facilitating a safer avenue for money laundering by attackers targeting phishing victims. I monitor and offer financial loss data derived from tracking cryptocurrency addresses used in scams. As part of scam validations, and mitigation, I collaborate with industry leaders like PayPal and Chainabuse Labs. The aim is to implement mechanisms for proactive blocking such fraudulent activities, thereby safeguarding web users from future abuse.

For a comprehensive list of publications, please navigate to publications. To explore ongoing collaborations within the research lab under my supervision, please visit research lab.