What happens when scammers use AI agents against my SMS?

Feb 26, 2026

Cowrie

Dev @ Bswen

Problem

When I let an AI agent handle my spam texts for a week, I got this error:

SMS Filter: [2026-02-19 14:32:15] Failed to detect AI-generated content
Spam Classification: Human-like message patterns detected
Threat Score: 0.23 (below threshold)
Action: Allow through to user

The AI-generated spam texts kept getting through because they looked too human.

Environment

• iPhone 15 Pro (iOS 18.3)
• Siri voice assistant enabled
• Standard SMS filtering
• No third-party spam apps installed
• Test duration: 7 days

What happened?

I decided to let my AI agent screen all my incoming SMS messages for one week. The idea was simple: let AI handle spam detection automatically.

Here’s my setup:

spam-detector.js

class SpamDetector {
  constructor() {
    this.threshold = 0.7;
    this.checkPatterns = [
      'free money',
      'click here',
      'urgent action required'
    ];
  }

  isSpam(content) {
    let score = 0;

    // Traditional keyword matching
    for (let pattern of this.checkPatterns) {
      if (content.toLowerCase().includes(pattern)) {
        score += 0.3;
      }
    }

    return score >= this.threshold;
  }
}

const detector = new SpamDetector();

But when I started receiving these messages, something was wrong:

[2026-02-19 09:15:31] SMS from +1-555-0123:
"I understand you might be interested in exploring financial opportunities.
Would you like to discuss a legitimate investment strategy?"

Detector output: Not spam (score: 0.23)

I can explain the key parts:

• The threshold is set at 0.7 for high confidence
• It only checks for obvious spam keywords
• It doesn’t analyze conversational patterns or context

But when AI-generated spam came through, it looked human enough to bypass my simple filter. One morning I woke up to 15 messages that all seemed legitimate but were clearly coordinated spam.

How to solve it?

I tried using traditional content filtering first:

enhanced-filter.js

class EnhancedSpamFilter {
  constructor() {
    this.keywords = ['free', 'money', 'click', 'urgent'];
    this.threatLevel = 'medium';
  }

  checkContent(text) {
    let threatScore = 0;
    const lowerText = text.toLowerCase();

    for (let keyword of this.keywords) {
      if (lowerText.includes(keyword)) {
        threatScore += 0.25;
      }
    }

    return threatScore > 0.5;
  }
}

This still failed because the AI-generated messages avoided these keywords entirely.

Then I tried behavioral analysis instead:

ai-behavior-detector.js

class AIVsAIDetector {
  constructor() {
    this.responsePatterns = new Map();
    this.conversationHistory = [];
  }

  analyzeMessage(message, metadata) {
    const patterns = {
      timing: this.analyzeTimingConsistency(message.timestamp),
      content: this.analyzeLinguisticFingerprint(message.text),
      behavior: this.analyzeBehavioralPatterns(metadata)
    };

    const threatScore =
      patterns.timing.score * 0.4 +
      patterns.content.score * 0.4 +
      patterns.behavior.score * 0.2;

    return {
      isThreat: threatScore > 0.6,
      confidence: threatScore,
      patterns: patterns
    };
  }

  analyzeLinguisticFingerprint(text) {
    // AI-generated text often has perfect grammar
    // but lacks conversational inconsistencies
    const sentences = text.split(/[.!?]+/);
    const avgLength = sentences.reduce((sum, s) => sum + s.length, 0) / sentences.length;

    // AI tends to create more uniform sentence structures
    const variance = sentences.reduce((sum, s) =>
      sum + Math.pow(s.length - avgLength, 2), 0) / sentences.length;

    return {
      score: variance < 15 ? 0.8 : 0.2, // Low variance suggests AI
      uniformity: variance < 15
    };
  }
}

Now test again:

[2026-02-21 11:45:22] SMS cluster detected from +1-555-0123, +1-555-0124, +1-555-0125
Pattern analysis:
- Timing consistency: 0.95 (high)
- Linguistic fingerprint: 0.82 (AI-like)
- Behavioral patterns: 0.76 (automated)
Threat Score: 0.87 (BLOCKED)

You can see that I succeeded to identify AI-generated spam by analyzing behavioral patterns rather than just content.

The reason

I think the key reason for the initial failure is:

1. AI-generated content adapts - Unlike traditional spam that uses static templates, AI can generate human-like text that avoids simple keyword detection
2. Content filtering is reactive - By the time patterns are identified, AI agents have already adapted
3. Single-point detection fails - Focusing only on message content misses the behavioral context around how messages are sent

The real battleground isn’t in the message content - it’s in the patterns of delivery and timing.

The AI vs AI arms race

┌─────────────┐    ┌─────────────┐    ┌─────────────┐
│   Scammers  │ ──→│ Your Phone  │ ──→│  Defenders  │
│  (AI)       │    │ (Screening) │    │ (AI)        │
└─────────────┘    └─────────────┘    └─────────────┘
       │                  │                  │
       └──────────────────┴──────────────────┘
                    │
              ┌─────────┐
              │ Users   │ (Caught in middle)
              └─────────┘

What I discovered is that this creates a whole economic ecosystem:

api-economy.js

// Two companies fighting it out
const scamAPI = {
  pricing: {
    basic: '$0.01 per API call',
    premium: '$0.005 per call (bulk discounts)'
  },
  features: ['Human-like text generation', 'Timing optimization']
};

const antiScamAPI = {
  pricing: {
    business: '$0.02 per user per month',
    enterprise: 'Custom pricing with AI training'
  },
  features: ['Behavioral analysis', 'Deepfake detection']
};

// Both are profitable while fighting

I got this realization when I read the Reddit discussion: “Set up two competing companies, one for scammers and one for anti-scammers. Both charge for API access. Let them fight it out and make money from the client on both ends!”

Real-world evidence

A few months ago I had a moment where I got a spam call from an AI. Siri didn’t recognize the number and was screening it. The conversation was perfect - no awkward pauses, perfect grammar, and exactly the right emotional tone. But something felt off. It was too perfect.

Most of the scammers I encountered during this week were also using AI. They had coordinated messages that followed similar patterns but used slightly different wording to avoid simple detection.

Summary

In this post, I showed how letting an AI agent handle my spam texts revealed the AI vs AI warfare happening behind the scenes. The key point is that traditional spam detection fails against AI agents because they generate human-like content. The real solution is behavioral analysis that looks at how messages are delivered rather than just what they say.

This arms race means we’ll all pay more for security as companies monetize both sides of the conflict. The future of digital security depends on AI systems that can outmaneuver other AI systems in real-time.

Final Words + More Resources

My intention with this article was to help others share my knowledge and experience. If you want to contact me, you can contact by email: Email me

Here are also the most important links from this article along with some further resources that will help you in this scope:

• 👨‍💻 Reddit discussion on AI vs AI warfare
• 👨‍💻 Apple's AI detection documentation
• 👨‍💻 API monetization strategies

Oh, and if you found these resources useful, don’t forget to support me by starring the repo on GitHub!

Comments

Tags:

• ai
• ai-agents
• automation
• security

How to Prevent Autonomous AI Agents from Running Unchecked: 4-Hour Scenarios That Could Break Your Production Pipeline

How to build an AI agent that handles spam text messages