I'm a Scam researcher - I spend my days hunting for the threats that try to reach everyday users on the internet.
Before this, I worked as a Lead Developer in an IoT and Industry 4.0 startup. I have enjoyed working with security for the past 6 years.
My team protects people from malicious websites — phishing pages, scams, fake stores, the lot. I research the patterns attackers use, then turn that research into signals and detections that block them at scale.
I turn haystacks
into answers —
as fast as questions arrive.
Pull threads on suspicious sites and clusters of attacker activity.
Prototype tools, scrapers, and pipelines fast.
Interrogate big datasets and surface the anomalies.
Reproduce, isolate, and patch — without losing momentum.
Every investigation spans different languages, several dashboards, and a stack of half-remembered docs.
Most of the day is glued coding and rewriting the same query for a new data source.
Manual review works for ten URLs. It collapses at ten thousand. The signal is always one zero away.
Not as a chatbot. As a research partner that codes, queries, and reasons — from a single command line.
Open a research thread. Claude pulls context from our data sources, cross-references signals, and points at the interesting edges — before I even open a notebook.
From "I need a tool that does X" to a working prototype in minutes. For bigger jobs, multiple agents work in parallel while I review at the seams.
Plain-English to SQL across our warehouses and search clusters. When the result set is huge, Claude writes a script to process it instead of trying to do it all in chat.
Share a stack trace and the repo. Claude reproduces, hypothesizes, and patches — a half-day rabbit hole becomes a 20-minute conversation.
Skills are reusable instruction packs that Claude loads on demand — a folder with a recipe that encodes a workflow's best practices, gotchas, and house style.
Instead of re-explaining a process every time, I write it down once. Claude reads the skill when the work matches — and follows the recipe.
Encodes how I evaluate a new lead - what to check first, which dashboards to pull, and the questions that separate noise from a real campaign.
Plain-English to SQL across our warehouses - but with our column quirks, naming conventions, and partition gotchas baked in, so Claude doesn't get them wrong.
Given a geographic region, this skill pulls a representative URL sample from our data warehouse, scores each one through our reputation system, waits for enrichment to complete, re-checks for changes, and writes a structured gap-analysis report — all from a single prompt.
A cluster of look-alike domains starts surfacing in our telemetry. Pattern unclear. Volume: ~12,000 URLs.
I describe the cluster to Claude. It queries our search layer, returns the top features, and proposes a hypothesis.
Claude writes a script to fetch and feature-extract all 12k URLs in parallel — work I'd usually push to next week.
Findings written up, charts generated, dashboard updated. Detection logic drafted, reviewed, deployed.
Live tools for exploration. Scripts for scale. Don't ask a chat to chew through a million rows.
Anything you've explained twice is a skill. Capture it once and reclaim the next ten hours.
For bigger jobs, multiple sub-agents handle independent chunks while you stay on the critical path.
Claude drafts; you review. The speedup is real, but responsibility for correctness still belongs to the researcher.
One interface, one history, one place to debug. Your future self will thank you.
Claude didn't replace the research. It removed the friction between curiosity and answer — and that's the whole game.