Search papers, labs, and topics across Lattice.
This study introduces a forensic schema designed to analyze psychological manipulation in cyber fraud, enhancing traditional classification methods that focus solely on contact and financial data. By applying this schema to over 10,000 victim reports using large language model (LLM) annotation, the researchers identified distinct manipulation profiles for different fraud types, achieving a high inter-annotator agreement. However, the analysis revealed a gap in actionable detail within victim narratives, suggesting that AI-assisted intake processes could improve data quality and forensic outcomes.
Distinct manipulation profiles for major fraud types were uncovered, revealing significant gaps in actionable victim narrative details that AI can help bridge.
Existing cybercrime classification schemas capture contact metadata and financial transactions but omit the psychological manipulation techniques perpetrators employ. We present a forensic schema (four categories, 35 questions) adding 11 manipulation indicators and cryptocurrency evidence fields to established forensic foundations. Applied to 10,994 victim reports via large language model (LLM)-driven annotation and validated against two human annotators (mean LLM-human $\kappa = 0.69$, matching inter-annotator $\kappa = 0.68$), the schema revealed a statistically distinct manipulation profile for each major fraud type (Cramer's $V$ up to $0.790$). A rationale-based evidence audit nonetheless exposed a forensic detail gap: detection of manipulation techniques was reliable, but victim narratives varied widely in the actionable detail supporting each Yes answer, and blockchain-specific identifiers were nearly absent. These findings point to AI-assisted victim intake with schema-informed follow-up questions as the most direct way to close the gap. The tiered annotation strategy also provides a reusable template for LLM-based extraction from other forensic text domains.