Social media scam detection: Assaf Kipnis on inauthentic behavior and financially motivated scams
Guest: Assaf Kipnis
This is part two of my conversation with Assaf Kipnis, former Engineering Manager for Integrity Investigations at Meta.
And this one gets into some really important territory.
Because when we talk about social media scam detection, we are not just talking about obvious spam or fake accounts. We are talking about complex behavior patterns, coordinated abuse, and financially motivated scams that can look similar on the surface but come from very different motivations.
And that distinction matters.
Assaf shares how his team looked at inauthentic behavior, financially motivated scams, and broader platform integrity threats by focusing on behavior, motivation, and repeatable patterns instead of just reacting to content in isolation.
That is where a lot of the real signal lives.
We also talk about pig butchering scams, impersonation scams, investment scam detection, and why strong trust and safety investigations often depend on understanding how attackers manipulate multiple systems at once.
Here are a few themes we explore in this episode:
- why social media scam detection requires looking at behavior and motivation together
- how coordinated inauthentic behavior differs from other forms of harmful content
- why financially motivated scams often share tactics but still need different responses
- how trust and safety investigations use behavioral fraud signals to identify platform abuse
What you’ll hear in this episode:
- how Assaf’s team approached inauthentic behavior and coordinated inauthentic behavior investigations
- why identifying fraud TTPs is critical for stronger social media fraud prevention
- how pig butchering scams, impersonation scams, and investment scam detection fit into broader scam lifecycle analysis
- what teams should know about platform integrity threats and user protection strategies
- why third-party scam detection and machine learning still need close human oversight
You should listen to this episode if you:
- work in fraud, trust and safety, platform integrity, or investigations and want stronger social media scam detection
- need a better understanding of inauthentic behavior and financially motivated scams
- want practical insight into behavioral fraud signals and scam lifecycle analysis
- are evaluating social media trust and safety approaches, user protection strategies, or third-party scam detection partners
If you liked this episode, be sure to subscribe and review the podcast on iTunes, Spotify, YouTube, or wherever you listen to podcasts. It really helps with getting the word out.
Episode notes & key takeaways
This conversation is a really useful reminder that two abuse patterns can look similar on the surface and still require very different responses.
Because if you misclassify the behavior, you usually miss the root cause.
And that usually makes the long-term fix a lot harder.
Why social media scam detection depends on behavior, not just content
One of the strongest takeaways from this episode is that content alone does not always tell you what you need to know.
At first glance, two campaigns might look similar.
But when you look at behavior, coordination, motivation, and intent, the differences can become a lot more important.
That is especially true for social media scam detection.
Because attackers adapt. They reuse tactics. They test different formats. And they often try to hide inside patterns that look ordinary until you zoom out far enough to see the bigger picture.
Operational themes may include:
- social media scam detection gets stronger when teams prioritize behavior over isolated content review
- behavioral fraud signals often reveal coordination that individual posts or accounts do not
- platform integrity threats are easier to understand when teams focus on repeatable abuse patterns
- user protection strategies depend on identifying the underlying mechanism, not just the visible symptom
Why inauthentic behavior and coordinated inauthentic behavior need precision
This is one of those areas where terminology really matters.
Because people often group a lot of different abuse under broad labels, and that can be a problem.
Assaf explains why distinguishing inauthentic behavior from other categories is critical if your goal is actually stopping it from happening again. It is not just about naming the issue correctly. It is about understanding what the actors are trying to do, how they coordinate, and which systems they are exploiting.
That level of precision matters a lot in trust and safety investigations.
Operational themes may include:
- inauthentic behavior should be evaluated through coordination, intent, and manipulation patterns
- coordinated inauthentic behavior often creates both reputational and financial risk
- social media trust and safety teams need definitions that support enforcement, not just description
- fraud TTPs are easier to disrupt when teams classify abuse accurately from the start
How financially motivated scams move across platforms and systems
This is where the fraud side becomes especially clear.
Financially motivated scams are not isolated to one message, one app, or one account.
They often move across channels.
A social media interaction becomes a private conversation. That conversation becomes trust. Then trust becomes a pitch. And eventually that can become payment fraud, a crypto transfer, an impersonation scam, or a larger scam lifecycle that stretches across multiple platforms.
That is why scam lifecycle analysis matters so much.
And it is also why social media fraud prevention cannot be done in a vacuum.
Operational themes may include:
- financially motivated scams often rely on multi-step, cross-platform attack paths
- pig butchering scams and investment scam detection both benefit from understanding progression over time
- impersonation scams often borrow trust from legitimate identities or familiar brands
- scam lifecycle analysis helps teams see how separate touchpoints connect into one larger fraud path
Why strong investigations still require human judgment and close oversight
There is also a really important side conversation here about tooling, machine learning, and third-party partners.
And honestly, it is worth paying attention to.
Because even when teams have strong internal engineering support or outside detection capabilities, the work still needs oversight. Models need monitoring. Outputs need validation. Partners need scrutiny. Otherwise teams can end up with a lot of noise, weak assumptions, or misplaced confidence.
That does not end especially well.
This episode does a great job of showing why trust and safety investigations benefit from both technical depth and ongoing human judgment.
Operational themes may include:
- third-party scam detection should be evaluated carefully before teams rely on it
- machine learning in social media fraud prevention still needs strong operational oversight
- trust and safety investigations work best when human expertise guides automation
- user protection strategies improve when teams continuously review whether controls are actually working
One of the main reasons this conversation stands out is that it shows how sophisticated platform abuse can be without making it sound abstract. When teams understand inauthentic behavior, financially motivated scams, and the behavioral signals behind both, they are in a much better position to investigate root causes and protect users more effectively.
