Translating page…
PLENA
VERITA ASCENDA LEGIBLA FORTIA PROVA NAVIGA DIGITA DETECTA AEQUITA TEMPORA
Demo
🌐 English Français Español Português Deutsch عربي Swahili हिन्दी Русский 中文 Bahasa فارسی
🔍 Verify Before You Act.

The real protection
is verification, not detection.

AI fakes are now indistinguishable from reality. Detection tools are losing the arms race. What still works: verifying through channels AI cannot touch. DETECTA gives you the protocols, tools, and outputs to do exactly that — for yourself, your family, and your organisation.

Verification beats detection. A callback to a number you found independently. A document checked through an official body. A family code word confirmed in person. These cannot be faked. DETECTA's AI analysis helps flag risk — but source verification is the real protection.
Who are you here for?
👤
Myself or my family
Check a suspicious contact, protect a family member, or verify something before you act.
🏛
My organisation
Train staff, protect your community, build incident records, or assess your fraud exposure.
Jump to your sector
What DETECTA verifies
AI voice clones used in CEO wire fraud — losses averaging $25M per incident
Deepfake video calls now indistinguishable to the untrained eye — used in job scams & romance fraud
💬 Get help on messaging apps
WhatsApp Telegram

Message PLENA directly on WhatsApp or Telegram. Free. Requires a free AI key on first use.

© 2026 DETECTA · PLENA · Terms · Privacy
← Back
⚙️
Connect Your AI Key
DETECTA works in Demo mode without a key. Add a free AI key to unlock full verification analysis, personalised protocols, and structured outputs. Your key is stored locally on your device only — PLENA never sees it. When you use AI tools, your queries are sent to your chosen AI provider (e.g. Google, Anthropic). They are not sent to PLENA.
Data notice: When you use AI-powered tools, the text you enter is sent to your chosen AI provider (e.g. Google, Anthropic, Groq). It is not sent to PLENA. Your API key is stored locally on your device only. Do not paste highly sensitive personal data — names, account numbers, passwords — into AI analysis fields.
Where to get a key
FREEGroqFree tier, fast.Get key →
PAIDClaudeBest for nuanced analysis.Get key →
← All Services
⚠ Voice Is No Longer Proof of Identity
Three seconds of audio from a voicemail, a social media video, or a phone call is enough to clone a voice with current AI. "Mum, I'm in trouble, I need money right now" can be generated by anyone. Your bank's customer service voice can be cloned. Your employer's voice can be cloned. The sound of a voice is no longer evidence that the person is who they claim to be.
🎙
Voice Call Verification Protocol
You received a call from someone claiming to be a family member, your bank, your employer, or an authority. Here is the verification protocol that works regardless of how convincing the voice sounds.
🧑‍👩‍👧 Family member or friend in emergency
The "grandparent scam" and its variants are now AI-powered. The caller sounds exactly like your son, daughter, or grandchild. They are in trouble. They need money immediately. They ask you not to tell anyone else.
1
Hang up. Tell them you will call back immediately. If they protest or pressure you not to — that pressure is the confirmation it is a scam.
2
Call the person directly on a number you already have for them — not the number that just called you. If they are genuinely in trouble, they will answer.
3
Establish a family code word — a word only your real family member would know, agreed in advance. Ask for it. A cloned voice cannot know a private code word.
🏦 Bank or financial institution
Your bank calls to say there is suspicious activity. They need you to confirm your account details, move your money to a "safe account," or authorise a transaction urgently.
1
No bank ever calls asking you to move money to a safe account. That phrase, in any form, is fraud. Hang up.
2
Hang up and call back using the number on the back of your physical card or on the bank's official website — which you find by typing the bank name yourself. Do not redial the number that called you.
3
Real banks will have a record of the interaction if it was genuine. If the bank has no record of calling you — the call was fraudulent.
🏛 Government authority or immigration official
A caller claims to be from the tax authority, immigration department, police, or a court. They say you owe money, are about to be arrested, or your visa is at risk. Pay immediately or face serious consequences.
1
No government agency demands immediate payment by phone — ever. Not HMRC. Not the CRA. Not the IRS. Not the Home Office. Not USCIS. If a call demands immediate payment to avoid arrest — it is fraud.
2
Real government communication about tax debts, immigration status, or court matters arrives by physical post to your registered address first. A phone call demanding immediate action is not how these agencies operate.
3
Hang up. Search the agency's name and call their official number directly. Ask if there is any open case or correspondence in your name.
💡 Set up a family verification code word today
Choose a single word that every member of your immediate family knows. It should be memorable but not guessable from public information. If you receive an emergency call from a family member's voice — ask for the code word. A cloned voice cannot know it. This takes 5 minutes to set up and provides permanent protection.
DETECTA provides verification guidance — not call tracing or voice analysis. DETECTA cannot tell you whether a specific call used cloned audio. It teaches the verification protocols that protect you regardless of the technology used.
← All Services
🎥
Video & Image Verification
Deepfake video in real-time video calls. AI-generated profile photos. Fabricated investment screenshots. What to check and which free tools to use.
📸 Profile photo — is this person real?
AI-generated faces look entirely convincing. Investment recruiters, romance contacts, and fake professionals routinely use synthetic photos.
1
Reverse image search: Right-click any profile photo and select "Search image" (Chrome) or use images.google.com. If the same face appears with different names — it is stolen or AI-generated.
2
Check for AI tells in photos: Asymmetric earrings. Teeth that blur at the edges. Hair that merges with the background. Eyes with unusual reflections. Backgrounds with repeated or impossible patterns.
3
Free AI image detectors: Hive Moderation · Illuminarty. Upload the photo. These tools are imperfect but flag many AI-generated images.
🖥 Video call — is this person who they claim to be?
Real-time deepfake video is advancing rapidly. In a Zoom or WhatsApp video call, the face you see may not be the person you are talking to.
1
Ask them to perform a specific physical action: Turn their head fully sideways. Put their hand in front of their face. Look directly up. Current deepfake technology degrades significantly with unusual angles and obstructions.
2
Watch for: Slight lag between speech and lip movement. Edges of the face that blur or shimmer. Hair or glasses that clip into the background. Unnatural blinking patterns.
3
For high-stakes calls: Request to meet in person or via a verified video platform (Microsoft Teams, Google Meet with authenticated accounts) rather than WhatsApp or Telegram.
📊 Investment screenshot or dashboard — is this real?
AI generates convincing trading dashboards, account balance screenshots, and profit records used to recruit victims into investment fraud.
1
A screenshot proves nothing. Anyone can generate a screenshot showing any balance, any return, any profit. Screenshots are not evidence of a real account.
2
Ask them to share their screen in real time and navigate to their account while you watch — not show a static image.
3
Then check the platform on the regulator's register (FINRA, FCA, ASIC, IIROC). If it is not registered, the live dashboard you watched is also part of the fraud.
No detection tool is 100% reliable. AI generation improves faster than detection. The verification protocols above work because they test the person's ability to respond in real time — which current AI cannot fully fake — rather than analysing the image or video itself.
🔬 Real Computer Vision Scan — Hive Moderation
Upload an image for analysis using Hive Moderation's real computer vision models — actual signal-level analysis (GAN fingerprints, facial consistency, JPEG artefacts), not an AI text description. This is the same technology used by major platforms. Requires a free Hive API key.
Hive API key — get a free key at thehive.ai →
Key is stored on your device only — never sent to PLENA.
← All Services
📋
Document Verification
AI generates scholarship letters, employment contracts, government notices, tenancy agreements, and bank statements that are visually identical to authentic documents. Visual inspection is no longer a reliable test.
Loading verification protocol…
📋
Document Verification Protocol
The only reliable document verification is direct source confirmation — contacting the issuing institution using contact details you find independently, not from the document itself. DETECTA guides you through that process.
← All Services
👤
Identity Verification
Online contacts, recruiters, investors, landlords, and potential partners may not be who they claim. These are the fast, free verification steps that work.
Verifying a person online — the 4-step protocol
1
Reverse image search their profile photo. Use Google Images or TinEye. If the photo appears elsewhere with a different name, it is stolen or AI-generated.
2
Check their LinkedIn independently. Search the name directly on LinkedIn — not via a link they sent. Check: when was the account created? Do they have real connections and recommendations? Is their employment history verifiable?
3
Search name + "scam" and name + "fraud." Victims of fraud routinely post warnings. Three minutes of searching can save thousands.
4
For employers or companies: Verify the business registration independently. UK: Companies House. Canada: Corporations Canada. USA: your state's Secretary of State website.
Before you meet someone in person from an online contact
1
Always tell a trusted person where you are going, who you are meeting, and when you expect to be back. Share the contact's name and profile.
2
Meet in a public place with CCTV for a first meeting. Never go to a private address to view a rental, meet an employer, or collect anything of value from an online contact.
3
Never carry significant cash or transfer money before or during a first in-person meeting with someone you met online.
DETECTA provides verification guidance only. For serious concerns about an individual's identity in a legal context, contact your local police or relevant authority.
← All Services
✉️
Message & Email Verification
AI-personalised attacks use your name, employer, children's names, recent events, and financial situation to craft messages indistinguishable from real contacts. The verification layer that still works.
Analysing verification signals…
✉️
Message Verification Analysis
Even a message with no obvious red flags may be fraudulent. AI produces perfect grammar, correct names, and plausible context. The verification step — going to the source independently — applies to every message requesting action, regardless of how legitimate it appears.
The one verification rule that works regardless of AI
Never act on an inbound contact — always initiate outbound
When you receive any message requesting action — click a link, call a number, send money, provide credentials, confirm details — do not use any contact information in that message. Close it. Open a new tab. Find the organisation's official website yourself (type it into Google). Use the contact details on their official site. Ask them if they sent the message. This takes 2 minutes and defeats every form of AI-personalised phishing, regardless of how convincing it is.
← All Services
🗂
Your Digital Footprint
Scammers aggregate your public data — LinkedIn, Facebook, Instagram, data broker profiles, news mentions — to build a personalised attack profile. Understanding what is public is the first step to reducing your exposure.
What attackers know about you before they contact you
Before a hyper-personalised attack reaches you, the attacker has likely gathered: your full name and employer from LinkedIn, your family members' names from Facebook, your neighbourhood from Instagram location data, your financial stress signals from recent posts, your immigration status from community group mentions, and your email address from data broker databases. The attack is personalised because your data was public.
Find out what data brokers hold about you
1
Search your own name on Google — in quotation marks. See what appears. This is approximately what an attacker sees.
2
Check major data brokers for your profile: Spokeo, Whitepages, Intelius. Each has an opt-out mechanism — use it.
3
Under GDPR (EU/UK) and PIPEDA (Canada), you have the right to request deletion of your personal data from data brokers. Submit erasure requests directly on their websites.
4
Review your privacy settings on LinkedIn, Facebook, and Instagram. Limit who can see your connections, employment history, and location data. Turn off location tagging on photos.
Practical steps to reduce your attack surface
1
Use a separate email address for financial accounts, immigration applications, and government services — distinct from the email you use for social media and shopping.
2
Never post your phone number publicly. It is the primary vector for SIM swapping attacks and targeted phone fraud.
3
Enable two-factor authentication on every important account — email first, then banking, then social media. Use an authenticator app (Google Authenticator, Authy) rather than SMS where possible.
4
Be conscious of what you post publicly about financial stress, job searching, housing needs, or immigration status. These signals are actively monitored by fraud networks.
DETECTA provides privacy and security guidance — not legal representation. For data deletion requests that are refused, your data protection authority can help: ICO (UK) · CNIL (France) · OPC (Canada) · OAIC (Australia).
Simple, honest pricing

All core verification guidance is always free.

Free Forever
$0/month
No signup required.
  • All 6 verification services
  • Voice call protocols
  • Document verification guides
  • Digital footprint guidance
  • Identity verification steps
  • 12 languages
  • AI-powered message analysis
With AI Key
Pay-as-you-use
Use your own Groq (free) or Claude key.
  • Everything in Free
  • Message-specific AI analysis
  • Document-specific verification
  • Personalised protocol for your situation
  • Groq tier is free
Institutional
Custom
For employers, universities, NGOs.
  • Everything in AI tier
  • Staff training on AI verification
  • Custom verification protocols
  • Onboarding integration
  • Multilingual delivery

What DETECTA is

DETECTA is the eleventh platform in the PLENA suite — a verification literacy platform for the AI age. It teaches the procedural habits that protect people from AI-assisted fraud: how to verify voices, video, documents, identities, and messages when AI has made every traditional fraud tell obsolete.

Why verification — not detection

"AI generation improves faster than AI detection. The arms race cannot be won. The only protection that compounds rather than decays is the habit of verifying at the source."

Every tool that promises to detect AI-generated content is in a permanent arms race it is losing. The moment a detector improves, the generators adapt. DETECTA does not play that game. Instead it teaches one principle that defeats every form of AI fraud regardless of how advanced it becomes: never act on an inbound contact without first verifying through an independent outbound channel.

⚡ Enhanced Tools

🔍 Live Verification Tools

Use these authoritative checkers:

→ PolitiFact   → Snopes   → FactCheck.org   → Full Fact (UK)   → Search all fact-checkers

A personal exposure audit identifies what information about you is publicly accessible and could be used by scammers to impersonate you or gain your trust.

         

A verification code word is a pre-agreed word or phrase between you and trusted people. If someone claims to be them in an emergency — ask for the code word. AI voice clones cannot know it.

⚡ Advanced Tools

Paste a suspicious message. DETECTA scores each manipulation tactic present.

');w.document.close();}; window.dt2Recovery=function(){const type=document.getElementById('dt2-at-type').value,desc=document.getElementById('dt2-at-desc').value.trim();r2ai('Provide step-by-step account recovery instructions for: '+type+'.\n\nSituation: '+desc+'\n\nProvide in order of urgency:\n1. IMMEDIATE (do in the next 5 minutes): First action to stop further damage\n2. REGAIN ACCESS: The specific recovery process for '+type+' (include the exact recovery URL if known)\n3. SECURE THE ACCOUNT: Steps to take once back in\n4. DAMAGE LIMITATION: Check what the attacker may have done (sent messages, changed settings, accessed linked accounts)\n5. REPORT: Where and how to report this incident\n\nBe specific to '+type+'. Include current recovery URLs where known.',document.getElementById('dt2-at-out'),document.getElementById('dt2-at-btn'));}; const DT2TC=()=>JSON.parse(localStorage.getItem('dt2_trusted')||'[]'); function dt2RenderTC(){const items=DT2TC(),el=document.getElementById('dt2-tc-list');el.innerHTML=items.length?'
Trusted contacts ('+items.length+')
'+items.map((it,i)=>`
${it.name} — ${it.rel}
Code: ****** · Use: ${it.use} · Set: ${it.date}
`).join(''):''} window.dt2SaveTC=function(){const name=document.getElementById('dt2-tc-name').value.trim(),rel=document.getElementById('dt2-tc-rel').value,code=document.getElementById('dt2-tc-code').value.trim(),use=document.getElementById('dt2-tc-use').value,date=document.getElementById('dt2-tc-date').value;if(!name||!code)return alert('Add name and code word.');const items=DT2TC();items.push({name,rel,code,use,date:date||new Date().toISOString().slice(0,10)});const trimmed=items.slice(0,20);localStorage.setItem('dt2_trusted',JSON.stringify(trimmed));dt2SyncToSupabase(trimmed);dt2RenderTC();document.getElementById('dt2-tc-name').value='';document.getElementById('dt2-tc-code').value='';}; window.dt2DelTC=function(i){const items=DT2TC();items.splice(i,1);localStorage.setItem('dt2_trusted',JSON.stringify(items));dt2SyncToSupabase(items);dt2RenderTC();}; dt2RenderTC(); /* ── Supabase sync for trusted contacts ── */ function dt2SyncToSupabase(items){ if(!window._user||!window.sb)return; /* Store code words as JSON in profiles.code_words column — no raw codes stored, only metadata */ var safe=items.map(function(it){ return {name:it.name,rel:it.rel,use:it.use,date:it.date}; /* never sync the actual code word */ }); window.sb.from('profiles').update({code_words:safe}).eq('id',window._user.id) .then(function(r){if(r.error)console.warn('DETECTA: code word sync failed',r.error);}); } function dt2LoadFromSupabase(){ if(!window._user||!window.sb)return; window.sb.from('profiles').select('code_words').eq('id',window._user.id).single() .then(function(r){ if(r.data&&r.data.code_words&&r.data.code_words.length){ /* Merge with localStorage — prefer Supabase if more entries */ var local=DT2TC(); if(r.data.code_words.length>=local.length){ localStorage.setItem('dt2_trusted',JSON.stringify(r.data.code_words)); dt2RenderTC(); } } }); } /* Load from Supabase once user is authenticated (auth state fires after DOM load) */ document.addEventListener('plena:auth:ready',function(){dt2LoadFromSupabase();}); })();

Part of PLENA

DIGITA protects you from known fraud patterns. DETECTA protects you from fraud that looks like reality. Together they form PLENA's complete protection layer for the AI age.

Created by

DETECTA is part of PLENA, created by Jean Claude Havyarimana. hvyjea0012@protonmail.com

← All Services
🚨
Quick Check
Something feels wrong right now? Use these tools in the moment — while the call is happening, while the message is open, before you click anything.
🚨 Round 1 — Real-Time Scam Verdict

Something doesn't feel right. Paste or type exactly what they said — a message, a call script, an email. Get a verdict in seconds.

← All Services
🏛 DETECTA for Institutions
INSTITUTIONAL
Why institutions choose DETECTA

ChatGPT gives your staff general information. DETECTA gives them structured, actionable outputs — formatted for police, legal teams, and compliance departments, tailored to your sector and country, printable and shareable in one tap.

Sectors we serve
🎓
Universities
Student fraud, credential scams, academic integrity
🏦
Banks & Finance
BEC, payment fraud, customer protection
🏥
NHS / Healthcare
Invoice fraud, identity theft, procurement scams
⚖️
Legal Aid
Client document fraud, impersonation, deepfakes
👥
HR & Employers
Fake CVs, AI applications, payroll fraud
🤝
NGOs & Charities
Beneficiary protection, donation fraud
🏛
Government
Benefits fraud, immigration scams, impersonation
📰
Journalism
Deepfake sources, synthetic media, disinformation
What sets DETECTA apart
Structured outputs, not essays
Every tool produces formatted reports, printable checklists, and documents ready to attach to a file — not paragraphs for staff to decode.
Country & sector specific
Reporting obligations, legal duties, and threat landscapes vary by country and sector. DETECTA tailors every output to where you actually operate.
Outward-facing tools
Protect your community, not just your organisation. Generate awareness materials, briefings, and guides for your students, customers, or beneficiaries.
Your data stays in your control
Case records and settings are stored on your device only — PLENA never receives them. When AI tools are active, your queries go to your chosen AI provider only (e.g. Google, Groq). PLENA never sees your content.
All six tools are free to try right now.
Institutional licensing — admin dashboards, bulk access, white-labelling, SSO/SAML, and audit trails — are on our development roadmap. Contact us to discuss early access and timeline.
🛡 Protect Your Staff

Three tools for internal fraud resilience — training your team, building incident records, and honestly assessing your exposure.

🎓 Staff Training Content Generator

Generate a ready-to-use fraud awareness training module — tailored to your sector and staff audience. Includes a 3-question quiz. Suitable for printing, email, or intranet.

👥 Protect Your Community

Tools to deploy outward — to your students, customers, patients, or beneficiaries. Generate awareness materials, bulletins, and targeted guides in minutes.

📦 Awareness Pack Generator

Generate a complete three-part awareness pack for your community: a briefing document, a printable poster, and a wallet-sized "What To Do If Scammed" card — all tailored to who you serve.

📢 Community Scam Bulletin

Generate a current scam alert bulletin formatted as a newsletter or email — ready to send to your community this week. Tailored to sector and country.

🎯 Targeted Guide for Vulnerable Groups

Generate a plain-language, targeted fraud guide for a specific vulnerable group in your community — written at the right literacy level, covering the risks they actually face.

📋 Policy & Compliance

Generate policy documents, understand your legal reporting duties, and check GDPR compliance — specific to your sector and country.

📝 Fraud Policy Template Generator

Generate a complete, editable organisational fraud policy document — covering prevention, detection, reporting, and disciplinary procedures, tailored to your sector.

Important: This tool generates a starting template using AI. It is not legal advice and has not been reviewed by a solicitor. Have any policy document reviewed by qualified legal counsel before adoption, especially for regulated sectors.
⚖️ Reporting Obligations Checker

When fraud occurs, what are you legally required to do — and to whom? Get the specific reporting obligations for your sector and country, with contacts and deadlines.

Important: AI-generated output only. Reporting obligations are complex and jurisdiction-specific. Always verify with a qualified legal advisor or your regulator before acting on this output.
🔒 GDPR / Data Protection Compliance Checklist

Using fraud detection tools with personal data carries GDPR obligations. Get a compliance checklist specific to your jurisdiction and use case — with what you must do, what you should do, and what to document.

Important: AI-generated starting checklist only. Data protection law is complex. Have this reviewed by your Data Protection Officer or a qualified advisor before treating it as compliance evidence.
📡 Sector Intelligence

Threat intelligence tailored to your sector — not just your country. Know what fraudsters are targeting in your industry this week, and brief your team before it reaches them.

📡 Weekly Sector Threat Intelligence Brief

Get a structured threat intelligence briefing for your sector and country. Suitable for circulation to leadership, security teams, or as a standing agenda item at your weekly staff meeting.

🎭 Fraud Scenario Library for Training

Generate a set of realistic fraud scenarios specific to your sector — use them in training, phishing simulations, or tabletop exercises. Each scenario includes the script, the red flags, and the correct response.

🚀 Get Started

All tools are free to use right now with your own AI key — no signup required. Institutional licensing (admin dashboards, bulk onboarding, SSO/SAML, audit trails, and SLA support) is in active development. We are working with early institutional partners now.

1
Try any tool right now — no signup
Every tool on this page works immediately. Use the Staff Training Generator, build an Incident Report, or run a Risk Assessment — free, with no account required.
2
Connect a free AI key for full outputs
Tools work in demo mode or with a free Gemini key from Google AI Studio. No credit card needed. Takes two minutes.
3
Request institutional licensing
Tell us what you need. We are building institutional infrastructure — admin dashboards, SSO/SAML, audit trails, DPA — with early partners now. Get in touch to discuss your requirements and timeline.
What you get — now and on the roadmap
✓ Available now — free
✓ All 6 tool suites
✓ Staff training generator
✓ Incident report builder
✓ Fraud risk assessment
✓ Community awareness packs
✓ Policy & compliance tools
✓ Sector threat intelligence
✓ Drill mode (5 scenarios)
✓ Case workspace & export
✓ 12 languages
🔧 In development — institutional roadmap
◦ Admin dashboard & reporting
◦ Bulk onboarding (CSV / API)
◦ SSO / SAML integration
◦ GDPR Data Processing Agreement
◦ White-label deployment
◦ Audit trail & compliance export
◦ Dedicated SLA support
◦ Annual invoicing
Early institutional partners are helping shape these features. Contact us to be involved.
Request Institutional Access

Tell us your institution type, approximate user count, and intended use. We respond within 2 business days.

Contact for Institutional Access →
' ); w.document.close(); }; window.instShareWA = function(outId) { var el = document.getElementById(outId); if(!el) return; var text = el.textContent.substring(0,1500)+'\n\n\u2014 DETECTA at joinplena.com/detecta.html'; window.open('https://wa.me/?text='+encodeURIComponent(text),'_blank'); }; /* ── AI helper ── */ function ai(p,outId,btnId,actsId){ var out=document.getElementById(outId), btn=document.getElementById(btnId); window.ai(p,out,btn).then(function(){ if(actsId){ var a=document.getElementById(actsId); if(a) a.style.display='flex'; } }); } /* ── STAFF tools ── */ window.instGenTraining = function(){ var type=document.getElementById('inst-tr-type').value, staff=document.getElementById('inst-tr-staff').value, notes=document.getElementById('inst-tr-notes').value.trim(); var p='You are a corporate fraud awareness training specialist.\n\nOrganisation: '+type+'\nAudience: '+staff+(notes?'\nRecent concerns: '+notes:'')+'\n\nGenerate this training module:\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nFRAUD AWARENESS TRAINING MODULE\nOrganisation: '+type+'\nAudience: '+staff+'\nDate: '+new Date().toLocaleDateString()+'\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nSECTION 1 \u2014 TOP THREATS\nThe 3 fraud types most targeting '+type+' right now:\n[3 numbered threats, plain language]\n\nSECTION 2 \u2014 WARNING SIGNS\n5 specific warning signs for '+staff+':\n[5 bullet points]\n\nSECTION 3 \u2014 GOLDEN RULES\n1. [Short memorable rule]\n2. [Short memorable rule]\n3. [Short memorable rule]\n\nSECTION 4 \u2014 WHAT TO DO IF YOU SUSPECT FRAUD\n[4-5 numbered steps]\n\nSECTION 5 \u2014 QUICK QUIZ\n[3 scenario-based multiple choice questions with answers]\n\nKeep language plain. Suitable for printing.'; ai(p,'inst-tr-out','inst-tr-btn','inst-tr-actions'); }; window.instGenReport = function(){ var country=document.getElementById('inst-rp-country').value, type=document.getElementById('inst-rp-type').value, desc=document.getElementById('inst-rp-desc').value.trim(); if(!desc) return alert('Please describe what happened.'); var p='You are a fraud compliance specialist. Build a formal incident report.\n\nCountry: '+country+'\nIncident: '+type+'\nDescription: '+desc+'\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nFRAUD INCIDENT REPORT\nGenerated: '+new Date().toLocaleDateString()+'\nReference: [auto-generate ref number]\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nINCIDENT: '+type+'\nJURISDICTION: '+country+'\n\nSECTION A \u2014 INCIDENT SUMMARY\n[2-3 sentence factual summary]\n\nSECTION B \u2014 TIMELINE\n[Numbered timeline]\n\nSECTION C \u2014 IMPACT\nFinancial loss: [amount or "to be quantified"]\nData compromised: [if any]\nPersons affected: [number]\n\nSECTION D \u2014 ACTIONS TAKEN\n[What has been done]\n\nSECTION E \u2014 RECOMMENDED NEXT STEPS\n[4-5 steps ordered by urgency, specific to '+country+']\n\nSECTION F \u2014 REPORTING OBLIGATIONS ('+country+')\n[Specific bodies, contact details or URLs]\n\nSECTION G \u2014 EVIDENCE TO PRESERVE\n[Checklist]\n\nReport prepared by: ___________________\nDate: '+new Date().toLocaleDateString()+'\nSignature: ___________________'; ai(p,'inst-rp-out','inst-rp-btn','inst-rp-actions'); }; window.instGenRisk = function(){ var sector=document.getElementById('inst-ra-sector').value, size=document.getElementById('inst-ra-size').value, controls=document.getElementById('inst-ra-controls').value.trim(); if(!controls) return alert('Please describe your current controls.'); var p='You are a fraud risk consultant. Give an honest assessment.\n\nSector: '+sector+'\nSize: '+size+'\nCurrent controls: '+controls+'\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nFRAUD RISK ASSESSMENT\n'+sector+' | '+size+' | '+new Date().toLocaleDateString()+'\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nOVERALL RISK SCORE: [X/10] \u2014 [LOW/MEDIUM/HIGH/CRITICAL]\n\nRISK BREAKDOWN:\n\u2022 People risk: [X/10] \u2014 [one sentence]\n\u2022 Process risk: [X/10] \u2014 [one sentence]\n\u2022 Technology risk: [X/10] \u2014 [one sentence]\n\u2022 AI/Deepfake risk: [X/10] \u2014 [one sentence]\n\nTOP 5 VULNERABILITIES:\n[5 specific honest vulnerabilities]\n\nIMMEDIATE ACTIONS (this week, free/low cost):\n1. 2. 3.\n\nSHORT-TERM (30 days):\n1. 2. 3.\n\nSTRATEGIC (6 months):\n1. 2.\n\nWHAT A FRAUDSTER TARGETS FIRST:\n[Specific honest attack vector]\n\nBe direct. Do not soften findings.'; ai(p,'inst-ra-out','inst-ra-btn','inst-ra-actions'); }; /* ── COMMUNITY tools ── */ window.instGenPack = function(){ var inst=document.getElementById('cp-inst').value, comm=document.getElementById('cp-comm').value, country=document.getElementById('cp-country').value, threat=document.getElementById('cp-threat').value.trim(); var p='You are a fraud awareness specialist creating community materials.\n\nInstitution: '+inst+'\nCommunity: '+comm+'\nCountry: '+country+(threat?'\nPrimary threat: '+threat:'')+'\n\nGenerate THREE documents in one output:\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nDOCUMENT 1: BRIEFING\n(For distribution or reading aloud at induction)\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nFRAUD AWARENESS BRIEFING\nFor: '+comm+' | Country: '+country+'\n\nWHAT YOU NEED TO KNOW: [3 key points in plain language]\nTHE SCAMS MOST LIKELY TO TARGET YOU: [top 3, specific to this group]\nSIGNS IT IS A SCAM: [5 bullet points]\nWHAT TO DO IF IT HAPPENS: [4 numbered steps]\nWHERE TO REPORT IN '+country+': [official reporting body + contact]\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nDOCUMENT 2: POSTER TEXT\n(For printing and displaying on notice boards)\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n[Headline: one strong memorable line]\n[Subheading: who this is for]\n5 WARNING SIGNS:\n[5 very short bullet points, max 8 words each]\nIF IN DOUBT: [one clear action in bold]\nREPORT TO: [body + number/website]\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nDOCUMENT 3: WALLET CARD\n(Credit-card sized, for printing and handing out)\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nFRONT:\n[Title: 5 words max]\n3 RULES:\n1. [Max 6 words]\n2. [Max 6 words]\n3. [Max 6 words]\nBACK:\nIF SCAMMED CALL: [number in '+country+']\nIF IN DOUBT: [one action]\njoinplena.com/detecta.html'; ai(p,'cp-out','cp-btn','cp-acts'); }; window.instGenBulletin = function(){ var sector=document.getElementById('cb-sector').value, country=document.getElementById('cb-country').value, channel=document.getElementById('cb-channel').value; var p='You are a fraud communications specialist. Generate a current scam bulletin.\n\nSector: '+sector+'\nCountry: '+country+'\nFormat for: '+channel+'\n\nGenerate a bulletin in this format:\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\u26a0\ufe0f FRAUD ALERT | '+sector.toUpperCase()+'\n'+country+' | '+new Date().toLocaleDateString()+'\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nACTIVE THREATS THIS WEEK:\n\n1. [SCAM NAME] \u2014 [How it works, who it targets, what to do]\n2. [SCAM NAME] \u2014 [same]\n3. [SCAM NAME] \u2014 [same]\n\n\ud83d\udd34 HIGHEST PRIORITY THIS WEEK:\n[Name the single most dangerous threat and why it is escalating in '+sector+']\n\n\u2705 ONE ACTION THIS WEEK:\n[The single most important protective action for '+sector+' right now]\n\n\ud83d\udcde REPORT FRAUD TO:\n[Official body in '+country+' with contact detail]\n\n\u2014 DETECTA | joinplena.com/detecta.html\n\nKeep language clear, direct, and appropriately urgent. No padding.'; ai(p,'cb-out','cb-btn','cb-acts'); }; window.instGenVulnGuide = function(){ var group=document.getElementById('vg-group').value, country=document.getElementById('vg-country').value, notes=document.getElementById('vg-notes').value.trim(); var p='You are a specialist in fraud protection for vulnerable groups. Write a plain-language guide.\n\nGroup: '+group+'\nCountry: '+country+(notes?'\nSpecific risks: '+notes:'')+'\n\nWrite at the appropriate literacy level for this group. Avoid jargon entirely.\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nFRAUD PROTECTION GUIDE\nFor: '+group+'\nCountry: '+country+'\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nWHY YOU MIGHT BE TARGETED:\n[Plain language, 2-3 sentences, non-condescending]\n\nTHE SCAMS YOU ARE MOST LIKELY TO SEE:\n[Top 3, described in very simple terms with an example each]\n\nTHE 3 RULES TO REMEMBER:\n1. [Very short, memorable, plain language]\n2. [Same]\n3. [Same]\n\nIF SOMETHING FEELS WRONG:\n[Simple 3-step action plan]\n\nWHO TO CALL FOR HELP IN '+country+':\n[Official support body, helpline number, and what to say when you call]\n\nA NOTE FOR FAMILY MEMBERS AND CARERS:\n[Brief guidance for people supporting this group]'; ai(p,'vg-out','vg-btn','vg-acts'); }; /* ── POLICY tools ── */ window.instGenPolicy = function(){ var org=document.getElementById('fp-org').value, country=document.getElementById('fp-country').value, name=document.getElementById('fp-name').value.trim()||'[Organisation Name]'; var p='You are a compliance specialist. Generate a complete organisational fraud policy.\n\nOrganisation: '+name+'\nType: '+org+'\nJurisdiction: '+country+'\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nFRAUD POLICY\n'+name+'\nJurisdiction: '+country+' | Date: '+new Date().toLocaleDateString()+'\nVersion: 1.0\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\n1. POLICY STATEMENT\n[Why this policy exists, commitment to zero tolerance]\n\n2. SCOPE\n[Who this policy applies to]\n\n3. DEFINITION OF FRAUD\n[Clear definition relevant to '+org+' context]\n\n4. PREVENTION MEASURES\n[Specific controls for '+org+']\n\n5. DETECTION AND REPORTING\n[How fraud should be reported internally, by whom, to whom]\n\n6. INVESTIGATION PROCEDURE\n[Steps taken when fraud is suspected]\n\n7. EXTERNAL REPORTING OBLIGATIONS ('+country+')\n[Legal requirements specific to '+org+' in '+country+']\n\n8. DISCIPLINARY ACTION\n[Consequences for perpetrators]\n\n9. PROTECTION FOR REPORTERS\n[Whistleblower protection]\n\n10. TRAINING AND AWARENESS\n[Requirements for staff]\n\n11. POLICY REVIEW\n[Review schedule]\n\nApproved by: ___________________\nDate: ___________________\nNext review: ___________________'; ai(p,'fp-out','fp-btn','fp-acts'); }; window.instGenObligations = function(){ var sector=document.getElementById('ro-sector').value, country=document.getElementById('ro-country').value, incident=document.getElementById('ro-incident').value; var p='You are a regulatory compliance specialist. Provide specific reporting obligations.\n\nSector: '+sector+'\nCountry: '+country+'\nIncident: '+incident+'\n\nGenerate in this format:\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nREPORTING OBLIGATIONS SUMMARY\n'+sector+' | '+country+' | '+incident+'\nDate: '+new Date().toLocaleDateString()+'\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nARE YOU LEGALLY REQUIRED TO REPORT? [Yes/No/Conditional — with explanation]\n\nMUST REPORT TO:\n[Each body with: name, why you report to them, how, deadline]\n\nSHOULD REPORT TO (recommended but not always mandatory):\n[Bodies with explanation]\n\nDEADLINES:\n[Any statutory timeframes]\n\nWHAT TO INCLUDE IN YOUR REPORT:\n[Checklist of required information]\n\nCONSEQUENCES OF NOT REPORTING:\n[Legal or regulatory consequences]\n\nDISCLAIMER: This is AI-generated guidance for reference only. Verify with a qualified legal advisor before acting.'; ai(p,'ro-out','ro-btn','ro-acts'); }; window.instGenGDPR = function(){ var jur=document.getElementById('gd-jur').value, use=document.getElementById('gd-use').value; var p='You are a data protection specialist. Generate a practical compliance checklist.\n\nJurisdiction: '+jur+'\nUse case: '+use+'\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nDATA PROTECTION COMPLIANCE CHECKLIST\nJurisdiction: '+jur+'\nUse case: '+use+'\nDate: '+new Date().toLocaleDateString()+'\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nLEGAL BASIS FOR PROCESSING:\n[ ] [Identify the correct legal basis for this use case under '+jur+']\n\nMUST DO (mandatory):\n[ ] [Item 1]\n[ ] [Item 2]\n[ ] [Item 3]\n[ ] [Item 4]\n\nSHOULD DO (strongly recommended):\n[ ] [Item 1]\n[ ] [Item 2]\n[ ] [Item 3]\n\nDOCUMENT AND KEEP:\n[ ] [Item 1]\n[ ] [Item 2]\n[ ] [Item 3]\n\nDATA SUBJECT RIGHTS TO HONOUR:\n[Relevant rights for this use case under '+jur+']\n\nRISK FLAGS FOR THIS USE CASE:\n[Specific risks to watch for]\n\nDISCLAIMER: AI-generated for reference. Verify with your DPO or legal counsel.'; ai(p,'gd-out','gd-btn','gd-acts'); }; /* ── INTELLIGENCE tools ── */ window.instGenIntel = function(){ var sector=document.getElementById('ti-sector').value, country=document.getElementById('ti-country').value, audience=document.getElementById('ti-audience').value; var p='You are a fraud threat intelligence analyst. Generate a structured sector brief.\n\nSector: '+sector+'\nCountry: '+country+'\nAudience: '+audience+'\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nTHREAT INTELLIGENCE BRIEF\n'+sector+' | '+country+'\nFor: '+audience+' | '+new Date().toLocaleDateString()+'\nConfidentiality: Internal Use Only\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\n\nEXECUTIVE SUMMARY:\n[2-3 sentences: current threat level and most significant risk for '+sector+' in '+country+']\n\nCURRENT THREAT LANDSCAPE:\n\n1. [THREAT NAME] | Risk Level: [HIGH/MED/LOW]\n How it works: [Specific to '+sector+']\n Recent pattern: [What has changed or escalated]\n Recommended response: [Specific action]\n\n2. [Repeat for 2nd threat]\n\n3. [Repeat for 3rd threat]\n\nEMERGING THREATS TO MONITOR:\n[1-2 threats gaining momentum that have not yet peaked]\n\nAI-ENABLED FRAUD SPECIFIC TO THIS SECTOR:\n[How AI is being weaponised against '+sector+' specifically]\n\nACTION ITEMS FOR '+audience.toUpperCase()+':\n1. [Specific action this week]\n2. [Specific action this month]\n3. [Policy / structural action]\n\nKEY INDICATORS OF COMPROMISE (IOCs):\n[What to look for in your systems/communications]\n\nINTELLIGENCE SOURCES FOR '+country+':\n[Official fraud intelligence bodies and how to access their feeds]'; ai(p,'ti-out','ti-btn','ti-acts'); }; window.instGenScenarios = function(){ var sector=document.getElementById('sl-sector').value, type=document.getElementById('sl-type').value; var p='You are a fraud training specialist. Generate realistic training scenarios.\n\nSector: '+sector+'\nScenario type: '+type+'\n\nGenerate exactly 3 scenarios in this format:\n\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nSCENARIO 1: [NAME]\n\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\u2501\nDIFFICULTY: [Easy / Intermediate / Advanced]\n\nTHE SCRIPT:\n[The exact message, email, or call script the fraudster uses — realistic, specific to '+sector+']\n\nRED FLAGS IN THIS SCENARIO:\n[3-5 specific tells the target should notice]\n\nCORRECT RESPONSE:\n[Exactly what the target should do]\n\nCOMMON MISTAKE:\n[What most people do wrong in this scenario]\n\n[Repeat for Scenario 2 and 3, escalating in sophistication]'; ai(p,'sl-out','sl-btn','sl-acts'); }; })();
← Home
📁 Case Workspace
Every suspicious event — real or drill — becomes a structured record.
⚠️ Cases are stored in your browser only. Sign in to sync across all your devices and protect against data loss.
📁 New Case
← Home
🎯 Drill Mode — Beyond KnowBe4
Train against 2026 threats, not 2015 phishing
Five interactive scenarios — AI voice clones, deepfake video calls, WhatsApp impersonation, fake documents, and identity fraud. Scenarios are reviewed and updated regularly to reflect current threat patterns. Each gives you personalised AI coaching on your exact choice. Results save to your Case Workspace.
📞
The CEO Voice Clone
A call from your "CEO" asking for an urgent transfer
Hard Business Email Compromise · Voice Fraud
🎙 Scenario — you receive this call
You're at your desk on a Tuesday afternoon. Your phone rings. Caller ID shows your CEO's name and number.

"Hi, it's [CEO name]. I'm in a confidential board meeting and I can't talk long. I need you to process an urgent supplier payment — £18,500 to a new account. I'll send you the details by text. Don't put it through the usual approval chain — this is time-sensitive and confidential until the deal closes. Can you do that for me right now?"

The voice sounds exactly like your CEO. The number matches. The request feels urgent.
What do you do?
📱
WhatsApp Family Emergency
An urgent message from a "family member" in trouble
Medium Impersonation · Social Engineering
📱 Scenario — WhatsApp message, unknown number
An unknown WhatsApp number messages you at 7pm:

"Mum/Dad it's me. I dropped my phone and broke it, using a friend's. I've been in a small accident — nothing serious but I need to pay for repairs before I can leave. I need £650 sent urgently. Please don't call Dad/Mum yet — don't want to worry them until I'm home. I'll explain everything tonight. Can you send to this account?"

They send a sort code and account number. The message sounds like your child's voice. They use a nickname only your child uses.
What do you do?
🎥
The Deepfake Job Offer
A video interview that asks for your ID and bank details
Hard Deepfake · Identity Theft
🎥 Scenario — Zoom interview, applied 3 weeks ago
You applied for a remote marketing role three weeks ago. A recruiter emails inviting you to a Zoom interview. The interviewer appears on video — professional, articulate, good lighting. The company name matches a real business you can find on LinkedIn.

Midway through, the video freezes briefly. The interviewer continues: "We'd love to offer you the position today. To process your contract and set up payroll, I'll need your National Insurance number, bank account details, and a scan of your passport — just standard onboarding. Can you send those across by end of day?"

The job pays well above market rate. You've been job-hunting for two months.
What do you do?
🏦
The Bank Fraud Team Call
Your "bank" calls about suspicious activity on your account
Easier Vishing · Financial Fraud
📞 Scenario — unexpected call, caller ID shows your bank's name
Your phone rings. The caller ID shows your bank's name. A professional voice says:

"Good morning, this is [Bank name] fraud prevention. We've detected unusual activity on your account — two transactions from overseas merchants in the last hour. To secure your account, I need to verify your identity. Can you confirm your sort code, account number, and the one-time passcode we're sending to your mobile right now?"

A text arrives with a 6-digit code. The caller is polite, professional, and says they need the code "to freeze the fraudulent transactions."
What do you do?
📄
The Scholarship Processing Fee
You've won a scholarship — but must pay a fee first
Easier Advance Fee Fraud · Document Fraud
📧 Scenario — email with official-looking PDF attachment
You receive an email with a university logo and a PDF attachment. The letter states:

"Congratulations. Following a competitive review process, you have been selected to receive a £4,500 International Excellence Scholarship. To release the funds, a processing and administration fee of £175 must be paid within 48 hours via bank transfer to the account below. Failure to pay within the deadline will result in the award lapsing and being offered to the next candidate."

The PDF looks professional. The university name is real. You did apply to this university last month.
What do you do?
← Home
👤 My Account
Your data: Cases are stored securely in your Supabase database. Queries sent to AI tools go to your chosen AI provider only — not to PLENA. You can export or delete all your data at any time.
← Account
🏛 Institutional Admin
All cases across your organisation