Fed up with constantly being targeted by “Hi Mum” scammers, Melanie Wegener decided to have a bit of fun and play along with their charade, even inviting them for Christmas lunch.
Despite diligently blocking and reporting endless scammers, the Adelaide-based mum said the texts, emails and calls kept coming.
So, when the text came up on her phone again last Christmas, Ms Wegener poured her months-long frustration into a spontaneous yet devious plan.
Saying she was "feeling a bit cheeky" that day, she decided to play along in what turned into a days-long exchange.
The usual script played out, starting with a text from an unknown sender claiming to be her child, requesting to save the new number due to phone damage.
She replied to the text with, "My favourite daughter" then continued the pretence by checking in.
Knowing that "Hi Mum" scams are often financially driven, Ms Wegener decided to cut to the chase and offered to transfer money into an existing account.
However, the story took an unexpected turn, and the scammer declined her generous offer.
Unsure of where the conversation was headed, Ms Wegener took the lead and leaned into the festive season, bringing in a question about Christmas lunch.
She even went to the extent of introducing a fictional character, a Federal Police officer investigating scams, thinking that might scare the scammer off.
Short replies followed on from there until a sinister request popped up.
The scammer wanted her "daughter's photos" to save in their Dropbox, which is a cloud storage account for files.
Undeterred, Ms Wegener countered the request with more personal questions from present ideas to music taste to even throwing in a request of her own.
While the entire conversation was driven by Ms Wegener's pretence, she noticed a lack of engagement from the scammer.
"Actually, they don't really read the messages – they've got their own agenda," Ms Wegener said.
However, the scammer remained determined to get Ms Wegener to send photos of "her daughter" to replace ones lost in the damage.
Ms Wegener shut down the request by claiming to have an old phone without a camera. The next day the scammer reached out again.
Not knowing what to expect, Ms Wegener approached the conversation with more humour.
This time the scammer asked for money, painting an elaborate picture of their struggle with the new unverified number which was affecting their ability to pay off bills.
Keeping consistent with the festive mood, Ms Wegener offered to gift a book from a financial adviser.
The scammer went silent.
Ms Wegener then popped the question she'd made the scammer work so hard for: "How much baby?"
To which the scammer replied, asking for the very specific amount of $5,976.22.
Deciding that she had wasted enough of the scammer's time, Ms Wegener delivered the punchline to her elaborate hoax.
She revealed she did not in fact have a daughter and abruptly ended the chat.
Ms Wegener's experience highlights that scammers aren't always asking for money.
An Australian Competition and Consumer Commission's (ACCC) spokesperson said scammers sometimes asked for photos and other personal details.
So, if you're not sure who the person is, don't send photos or details.
If you have given any personal information to a scammer, including photos, contact IDCARE," the spokesperson said.
After blocking the sender, Ms Wegener went on to post this conversation thread on her Instagram account which has garnered a lot of support.
One user commented: "This is EVERYTHING!! I have been waiting for this scam message to pop up on my phone so I can scam [them] back! Thank you for living my dream and doing it so damn well!!!"
That's just one of many approving messages Ms Wegener sees in responses to her post from both friends and strangers.
She said: "They kind of feel a solidarity or something like, 'Oh cool, we're getting back at scammers.'"
But her family had a different reaction.
They were more concerned for her safety, afraid that scammers might seek revenge in other ways.
Scamwatch does not recommend engaging with scammers as it can expose you to being scammed.
We spoke to an expert to find out more about scambaiting and its potential pitfalls.
What is scambaiting and how does it work?
Richard Buckland is a professor in cybercrime, cyberwar and cyberterror at the University of New South Wales.
He defines scambaiting as "the act of scamming scammers", where it is traditionally carried out by an individual out of moral outrage.
"It's a vigilante action," he added, using the term to describe scambaiters as people who bypassed laws and took charge of the issue of their own accord.
It's not a new phenomenon, having picked up traction around the year 2000.
"As you know, scams make people very, very angry — even just getting spam makes people angry and [outraged] — so people suddenly have vented that outrage by attacking the scammers back," Professor Buckland said.
In the early days, he said, scambaiting was effective in raising awareness, where the more humorous it was, the more publicity followed.
"It was really good at getting people, even young children, interested in noticing the sorts of things that scammers did, so that was great," he said.
Ms Wegener — who works as a teacher — jumped on the bandwagon for the same reason and said she was also trying to distract scammers' attention away from vulnerable people.
"I want to waste their time a little bit in [the hope] that they will try to scam fewer people," Ms Wegener said.
The ABC has received many other stories from people who have gone out of their way to string along scammers for the same reason Ms Wegener has.
So how effective is scambaiting and what are the risks?
Relating it back to today's world, where scams are rampant, Professor Buckland says there is less of a need for it.
"It doesn't really address the underlying problem of scamming as it happens at vast scale," he said.
"The scams that work are just more sophisticated than the ones that don't work and we've seen no sign that scamming has dropped off."
Professor Buckland said vigilantism could be problematic, especially because there could be all sorts of risks when people took matters into their own hands.
In extreme circumstances, scambaiters' actions can be classified as a crime.
"Some scambaiters may attack other people's systems and carry out cyber attacks themselves, which normally would be breaking the law in most countries," Professor Buckland said.
Here are some other dangers he listed:
- It's possible to target the wrong person or have an unanticipated impact on bystanders
- It's possible to have disproportionate effects on the people you are targeting
- Scambaiters are not protected by the law in instances where they break the law
- Scambaiters could be drawing more attention to themselves, which could be harmful
- Scambaiters could be leaking information about themselves without even realising
"Whenever you respond to a scam, you're risking the chance your name will be added to a list of people [who] respond," Professor Buckland explained.
"And those lists are sold because it's worth [it] to have someone [who] responds.
"Scammers do grab a lot of information from you, even if the scam doesn't complete."
This information is not limited to addresses, emails and phone numbers.
"Anything where emotions are raised is dangerous," he warned.
Then there’s the human aspect of scammers that Professor Buckland urges scambaiters to consider.
"Often the people carrying out the attacks are fairly young, or low-level people in the organisation, so attacking them is not the same as attacking the scammer necessarily," he said.
Based on his knowledge, he said, scams were often run from third-world countries.
"You don't want to become the things you despise. There's something very sad when that happens and things can escalate."
So what can we do to protect ourselves from scams?
"If you suspect you have been contacted by a scammer, do not respond, and report [the approach] to Scamwatch," the ACCC spokesperson said.
Professor Buckland suggested getting a second opinion on matters involving money, especially because scammers tend to strike once they get people into an emotional state.
"Never, ever give information or transfer money to anyone unless you've gone to someone else," he said.
He said it could be as simple as saying to a friend, "Look, this has just happened. I'm about to transfer the money. What do you think?"
The ACCC spokesperson gives the same advice: Never share photos, personal information nor pay money to someone unless you are able to independently verify who they are.
Ultimately, Professor Buckland wants the government and financial companies to step up.
"Rather than getting 10 million people to all do the right thing and stop scams from happening, why not just get 10 large organisations to do something about it," he said.
For a start, he suggested putting up barriers or intercepting payments to scammers.
"The government and the banks could cut this off at the source by making the payments difficult," Professor Buckland said.
Another thing they could do, he said, was "simply check where people are doing funds transfers and to check [whether] the name matches".
He said taking such action would stop at least 50 per cent of all scams.
Tech companies also have a role to play, he added. However, the gap, he noted, was in the lack of pressure from the government.
"There's fake ads on Google or Facebook, on Instagram, but they're just not taken down very quickly," Professor Buckland said.
He said he was hoping for better legislation to enforce greater involvement from tech companies.
The outcome of that case has yet to be announced.
Meta's competitor, Google, on the other hand, must delete "manifestly inaccurate" information if asked to by EU residents, following court rules there.
While Professor Buckland said it was important to monitor scams and educate people to spot them, he wanted to see more action taken to prevent and stop scams from happening so easily.
He said the lack of action on prevention "drives people to vigilante action, which is funny and gets clicks, but it's not actually addressing the real problem and it could get people into trouble".
"At the moment, the pain is being borne by individuals and the onus on fixing the problem is being left in [their] hands and this is one [example] where they're not capable of doing that," Professor Buckland said.
Ms Wegener, on the other hand, was still standing by her belief in scambaiting.
Taking the risks into account, she had been more mindful of her responses to scammers, keeping exchanges short and only replying with song lyrics before proceeding to block them.