AI-Powered Scam Detection
Analyze text, URLs, images, voice recordings, phone numbers, SMS, and email content for scam patterns using OrbGuard's multi-modal AI engine.
Generic Content Analysis
Submit any content type for AI-powered scam detection. OrbGuard's multi-modal AI engine analyzes text, URLs, images, voice recordings, phone numbers, SMS messages, and email content to detect social engineering, fraud patterns, phishing, and manipulation tactics.
POST
/api/v1/scam/analyzeAnalyze content of any type for scam patterns using AI
Authentication:Bearer Token
| Parameter | Type | Required | Description |
|---|---|---|---|
content_type | string | Required | Type of content to analyze. One of: text, url, image, voice, phone, sms, email |
content | string | Optional | The text content, URL, phone number, or SMS body to analyze. Required for text, url, phone, sms, and email types. |
image_base64 | string | Optional | Base64-encoded image data. Required when content_type is image. |
audio_base64 | string | Optional | Base64-encoded audio data. Required when content_type is voice. |
mime_type | string | Optional | MIME type for image or audio data (e.g., image/png, audio/wav, audio/mp3) |
language | string | Optional | ISO 639-1 language code for the content (e.g., en, fa, ar, de). Auto-detected if not provided. |
source | string | Optional | Source of the content (e.g., sms, whatsapp, telegram, email, browser) |
metadata | object | Optional | Additional metadata about the content (e.g., sender info, timestamps, device context) |
# Analyze a suspicious text message
curl -X POST https://guard.orbai.world/api/v1/scam/analyze \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"content_type": "text",
"content": "Congratulations! You have won $1,000,000 in the International Lottery. Send your bank details to claim your prize immediately. This offer expires in 24 hours!",
"language": "en",
"source": "email"
}'200Scam analysis complete
{
"id": "scam_a1b2c3d4e5f6",
"content_type": "text",
"is_scam": true,
"scam_type": "advance_fee",
"severity": "high",
"confidence": 0.97,
"risk_score": 94,
"intent": "Financial fraud - trick victim into sending bank details for fake lottery winnings",
"manipulation": "Creates false urgency with time pressure ('expires in 24 hours') and appeals to greed with unrealistic prize amount",
"entities": {
"monetary_amounts": ["$1,000,000"],
"organizations": ["International Lottery"],
"requested_info": ["bank details"]
},
"indicators": [
"Unsolicited lottery/prize notification",
"Request for financial information",
"Artificial urgency and time pressure",
"Unrealistic monetary reward",
"No prior participation in any lottery"
],
"pattern_matches": [
"advance_fee_lottery",
"urgency_pressure",
"financial_data_request"
],
"explanation": "This message exhibits classic advance fee fraud characteristics. It claims the recipient won a lottery they never entered, requests sensitive bank details, and creates artificial urgency to prevent the victim from thinking critically.",
"detailed_reason": "The message matches multiple high-confidence scam patterns: (1) unsolicited prize notification without any prior contest entry, (2) request for bank account details which is never required for legitimate prize claims, (3) artificial time constraint designed to bypass rational decision-making.",
"red_flags": [
"You cannot win a lottery you never entered",
"Legitimate lotteries never ask for bank details via email",
"The 24-hour deadline is designed to create panic and prevent verification",
"The prize amount is unrealistically large",
"No specific lottery organization name or verifiable details provided"
],
"recommendation": "Do not respond. Delete this message immediately. Never share bank details, personal information, or send money to claim a 'prize'.",
"safety_tips": [
"Legitimate lotteries never contact winners unsolicited",
"Never share bank details in response to unsolicited messages",
"If you did not enter a lottery, you cannot have won one",
"Verify any prize claims directly through official channels",
"Report scam messages to your email provider and local authorities"
],
"similar_scams": [
"Nigerian Prince / 419 scam",
"Foreign lottery scam",
"Inheritance notification scam"
],
"timestamp": "2026-02-08T10:30:00Z",
"processing_time": 1250,
"analysis_method": "hybrid"
}400Invalid request
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "content field is required when content_type is text"
}
}Scam Types
The AI engine classifies scams into the following categories:
| Scam Type | Description |
|---|---|
phishing | Credential theft via fake login pages or deceptive messages |
advance_fee | Victim asked to pay upfront for non-existent rewards (419 scams, lottery) |
romance | Emotional manipulation for financial exploitation |
tech_support | Fake technical support to gain access or charge fees |
investment | Fraudulent investment schemes and Ponzi scams |
impersonation | Impersonating a known person, company, or authority |
job_offer | Fake job offers requiring upfront payment or personal data |
crypto | Cryptocurrency fraud, rug pulls, and fake exchanges |
sextortion | Threats to share intimate content unless payment is made |
Analysis Methods
| Method | Description |
|---|---|
llm | AI language model analysis for nuanced understanding |
pattern | Pattern matching against known scam templates |
hybrid | Combined AI and pattern matching for highest accuracy |
Analyze Text
Specialized endpoint for text content analysis with simplified parameters.
POST
/api/v1/scam/analyze/textAnalyze text content for scam patterns
Authentication:Bearer Token
| Parameter | Type | Required | Description |
|---|---|---|---|
text | string | Required | The text content to analyze for scam indicators |
type | string | Optional | Context for the text (e.g., email_body, chat_message, social_media_post) |
language | string | Optional | ISO 639-1 language code. Auto-detected if not provided. |
source | string | Optional | Source platform (e.g., whatsapp, telegram, email, instagram) |
curl -X POST https://guard.orbai.world/api/v1/scam/analyze/text \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"text": "Hi, this is Microsoft Support. We detected a virus on your computer. Please call 1-800-555-0199 immediately to avoid data loss.",
"type": "chat_message",
"source": "whatsapp"
}'Analyze URL
Check a URL for phishing, scam, and malicious content patterns.
POST
/api/v1/scam/analyze/urlAnalyze a URL for scam and phishing indicators
Authentication:Bearer Token
| Parameter | Type | Required | Description |
|---|---|---|---|
url | string | Required | The URL to analyze for scam patterns |
source | string | Optional | Where the URL was found (e.g., sms, email, social_media, chat) |
curl -X POST https://guard.orbai.world/api/v1/scam/analyze/url \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"url": "https://secure-banking-login.example.com/verify-account",
"source": "email"
}'Analyze Image
Submit an image for scam detection. Supports screenshots of messages, fake documents, social media posts, and QR codes.
POST
/api/v1/scam/analyze/imageAnalyze an image for scam patterns (fake documents, screenshots, etc.)
Authentication:Bearer Token
| Parameter | Type | Required | Description |
|---|---|---|---|
image_base64 | string | Required | Base64-encoded image data. Alternatively, send the image as multipart form data. |
mime_type | string | Optional | MIME type of the image (e.g., image/png, image/jpeg). Auto-detected if not provided. |
# Using base64 JSON
IMAGE_DATA=$(base64 -i /path/to/screenshot.png)
curl -X POST https://guard.orbai.world/api/v1/scam/analyze/image \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d "{\"image_base64\": \"$IMAGE_DATA\", \"mime_type\": \"image/png\"}"
# Using multipart upload
curl -X POST https://guard.orbai.world/api/v1/scam/analyze/image \
-H "Authorization: Bearer YOUR_API_KEY" \
-F "file=@/path/to/screenshot.png"Analyze Voice
Submit an audio recording for voice scam detection. Detects deepfake audio, social engineering via phone calls, and vishing patterns. Maximum file size: 50 MB.
POST
/api/v1/scam/analyze/voiceAnalyze voice/audio recording for scam patterns and deepfake detection
Authentication:Bearer Token
| Parameter | Type | Required | Description |
|---|---|---|---|
audio_base64 | string | Required | Base64-encoded audio data. Alternatively, send the audio as multipart form data. Max 50 MB. |
mime_type | string | Optional | MIME type of the audio (e.g., audio/wav, audio/mp3, audio/ogg). Auto-detected if not provided. |
# Using multipart upload (recommended for large files)
curl -X POST https://guard.orbai.world/api/v1/scam/analyze/voice \
-H "Authorization: Bearer YOUR_API_KEY" \
-F "file=@/path/to/call-recording.wav"
# Using base64 JSON
AUDIO_DATA=$(base64 -i /path/to/call-recording.wav)
curl -X POST https://guard.orbai.world/api/v1/scam/analyze/voice \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d "{\"audio_base64\": \"$AUDIO_DATA\", \"mime_type\": \"audio/wav\"}"Analyze Phone Number
Check a phone number against known scam databases and caller reputation services.
POST
/api/v1/scam/analyze/phoneCheck a phone number for scam associations and reputation
Authentication:Bearer Token
| Parameter | Type | Required | Description |
|---|---|---|---|
phone_number | string | Required | Phone number in international format (e.g., +1-555-0199) |
source | string | Optional | Context for the check (e.g., incoming_call, sms_sender, contact) |
curl -X POST https://guard.orbai.world/api/v1/scam/analyze/phone \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"phone_number": "+1-800-555-0199",
"source": "incoming_call"
}'Batch Scam Analysis
Submit up to 100 content items for batch scam analysis. Useful for scanning message histories, email inboxes, or bulk content moderation.
POST
/api/v1/scam/analyze/batchBatch analyze up to 100 content items for scam patterns
Authentication:Bearer Token
| Parameter | Type | Required | Description |
|---|---|---|---|
items | array | Required | Array of content items to analyze. Each item must contain content_type and content fields. Optional: language. Maximum 100 items. |
curl -X POST https://guard.orbai.world/api/v1/scam/analyze/batch \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"items": [
{
"content_type": "text",
"content": "You won a free iPhone! Click here to claim.",
"language": "en"
},
{
"content_type": "url",
"content": "https://free-iphone-giveaway.example.com"
},
{
"content_type": "phone",
"content": "+1-900-555-0123"
}
]
}'200Batch analysis results
[
{
"id": "scam_batch_001",
"content_type": "text",
"is_scam": true,
"scam_type": "phishing",
"severity": "high",
"confidence": 0.93,
"risk_score": 89,
"explanation": "Classic prize/giveaway scam designed to harvest personal information.",
"red_flags": ["Unsolicited prize notification", "Generic claim language"],
"recommendation": "Ignore and delete.",
"analysis_method": "hybrid",
"timestamp": "2026-02-08T10:35:01Z",
"processing_time": 800
},
{
"id": "scam_batch_002",
"content_type": "url",
"is_scam": true,
"scam_type": "phishing",
"severity": "high",
"confidence": 0.96,
"risk_score": 95,
"explanation": "URL leads to a phishing page designed to harvest personal data under the guise of a free giveaway.",
"red_flags": ["Suspicious domain name", "Recently registered domain", "No HTTPS certificate match"],
"recommendation": "Do not visit this URL. Block the domain.",
"analysis_method": "hybrid",
"timestamp": "2026-02-08T10:35:01Z",
"processing_time": 1200
},
{
"id": "scam_batch_003",
"content_type": "phone",
"is_scam": true,
"scam_type": "tech_support",
"severity": "medium",
"confidence": 0.74,
"risk_score": 68,
"explanation": "Premium-rate phone number (900 prefix) associated with scam reports.",
"red_flags": ["Premium-rate number", "Multiple scam reports"],
"recommendation": "Do not call this number. Block it.",
"analysis_method": "pattern",
"timestamp": "2026-02-08T10:35:02Z",
"processing_time": 350
}
]Batch Processing Time
Batch requests with many items may take longer to process. Voice and image items require significantly more processing time than text or URL items. For time-sensitive applications, consider limiting batch size to 20-30 items.