tag:misbehavingbots.com,2013:/posts Misbehaving Bots 2025-06-07T12:10:33Z Seva Zhidkov tag:misbehavingbots.com,2013:Post/2202289 2025-06-07T11:56:24Z 2025-06-07T12:10:33Z Finding 7k TikTok scam comments with gpt-4o-mini and Batch API

Whenever I check the comments under a finance‑related TikTok video, the thread is almost always filled with sketchy promotions.

TikTok probably relies on machine‑learning models for moderation, but they clearly aren’t catching enough. Could a one‑shot LLM classification workflow do better?

Dataset

For a first experiment, I focused on a very specific niche inside the broader finance category: Dave Ramsey‑related channels. Ramsey, an American radio personality famous for his get‑out‑of‑debt advice, attracts even more scammers than the average finance creator—likely because people in debt are more vulnerable.

Using a RapidAPI provider, I downloaded 44,187 comments and replies from 140 videos across three channels: ramsey.solutions, daveramsey and ramsey.show.

Workflow

I added a simple one‑shot prompt (written with Claude) to a batch request:

system_message = "You are an expert at detecting scams in social media comments. Respond with a JSON object containing 'classification' (either 'scam' or 'not_scam') and 'explanation'."

prompt = f"""Analyze this TikTok comment for potential scam content. Look for:

* Investment scams (fake crypto, trading schemes, get‑rich‑quick)
* Romance/relationship scams
* Phishing attempts
* Fake business opportunities
* Pyramid schemes or MLMs
* Identity‑theft attempts
* Fake giveaways or contests
* Suspicious links or contact requests

Comment: "{comment['text']}"
URL: {comment['url']}

Classify as either 'scam' or 'not_scam' and provide a brief explanation."""

batch_request = {
"custom_id": f"comment-{i}",
"method": "POST",
"url": "/v1/chat/completions",
"body": {
"model": "gpt-4o-mini",
"messages": [
{"role": "system", "content": system_message},
{"role": "user", "content": prompt}
],
"response_format": {"type": "json_object"},
"temperature": 0.1
}
}

f.write(json.dumps(batch_request) + '\n')

I then submitted the batch through the Batch API (very handy to process a bunch of data in bulk without a long-running script and 50% cheaper):

with open(batch_input_file, 'rb') as f:
    batch_input_file_obj = client.files.create(
        file=f,
        purpose="batch"
    )

batch = client.batches.create(
input_file_id=batch_input_file_obj.id,
endpoint="/v1/chat/completions",
completion_window="24h",
metadata={"description": "TikTok scam detection batch job"}
)

Three hours and $2.53 later, the batch was done.

Results

Out of 44 187 comments, the workflow flagged 7 733 (about 17 %) as potential scams, coming from 1 622 users. That’s a lot—for just a few channels!

Three scammy comments in one screenshot.

A few more examples:

{"text": "\"What if I told you your money could grow in crypto—even while you sleep?\"👍✅", "url": "", "classification": "scam", "explanation": "Promises passive crypto gains—classic investment scam."}

{"text": "Thanks for making me live up to my standard life and I was able to clear outstanding debts. Your good work has made you popular and everyone is talking about you. Honestly, thank you Sir @Carlo Haley", "url": "...", "classification": "scam", "explanation": "Debt‑relief miracle + named guru = red flag."}

{"text": "Thanks for your comments and involvement on my page. L!fe‑chang!ng opt!ons?? ?", "url": "", "classification": "scam", "explanation": "Odd punctuation to bypass filters; vague life‑changing promise."}

I grouped by user and manually reviewed 100 accounts: two had already been deleted, 22 were false positives, and the rest were genuine scams. A 22 % FP rate is too high for production, but likely fixable with better context or prompt engineering.

False positives

Most false positives occurred because the model didn’t have the video’s context.

 “The comment suggests a financial strategy that promises tax benefits, which can indicate a scam…”

$3 000 and “FOR SIX YEARS” look suspicious, but in a video about offsetting capital losses, the comment is harmless.

On a hunting video, “Do the hunt.” is an organic comment, yet the LLM saw “a potential phishing attempt or a fake giveaway.”

As another example: “I’m up my money right now everything is on real discount.” Without context (a legit user profile without links, a video about market performance), the model read it as "a get-rich-quick scheme or investment opportunity".

False negatives

To find false negatives (comments the LLM marked as safe but are actually scams), I looked at users with multiple comments where only some were flagged.

A frequent pattern that I observed was a friendly compliment that links to a profile filled with scammy content. The model saw only the compliment, not the destination — so it was another case of missing context.

Reporting to TikTok

I reported the 100 manually inspected scam comments through TikTok’s in‑app form. Every single one came back “no violation,” and each decision arrived exactly 30 minutes after submission.

Needless to say, this “Dave Ramsey” account isn’t the real Dave Ramsey.

I had planned to ask TikTok for a way to report in bulk after cleaning the first batch, but if we can’t even agree on what violates policy, that may be moot. Interestingly, all reports were marked “no violation” exactly 30 minutes after submission. Coincidence, SLA artefact, or were they never reviewed?

]]> Seva Zhidkov