Love is in the air
Seasonally themed online scams are not uncommon. Black Friday, Cyber Monday and Christmas are notorious for ramping up cyber criminals’ efforts to lure people with money to spend or romantics with a soft heart into their online traps. Valentine’s Day especially makes people more gullible than usual. Cyber-related Valentine scams range from email phishing attacks, romance scams, malicious malware, to spoofing websites. Last year, an email campaign reportedly spread ransomware around Valentine’s Day. The subject line read: “This is my love letter to you.”
Romance Scams Gaining Momentum
“Valentine’s Day and the days leading up to it can be exciting, but it can also lead to heartbreak, embarrassment, and financial loss”, public affairs specialist Dennette Rybiski from FBI Richmond warns. “Well-rehearsed criminals search dating sites, apps, chat rooms, and other social media networking sites attempting to build relationships for the sole purpose of getting your money or your personally identifiable information.” Once the scammer has established trust with their target, they quickly unveil a “money problem”. Common scam angles – and giveaways – are: a sick relative, a medical emergency, a stolen wallet, passport or visa, or a last-minute plane ticket price hike, asking the victim to cough up the money to cover replacement or the unexpected expense. Unfortunately, most victims of romance scams or catphishing are hesitant to report being taken advantage of due to embarrassment, shame or humiliation. Nonetheless, it is important to report online scams to the platform you are using and file a complaint with the relevant authorities in your country of residence.
Valentine’s Day Malware
In the lead-up to Valentine’s Day, cybersecurity company Kaspersky analyzed malware using the names of over 20 popular dating apps. The keyword “dating” alone revealed 1,963 unique malicious files disguised as legitimate applications. Two-thirds of them were masked as Tinder and one third of the files as linked to Badoo. “The danger these malicious files present varies from file to file, ranging from Trojans that can download other malware, to ones that send expensive SMS messages to adware, making it likely that every ping a user gets is some sort of annoying ad notification rather than a message from a potential date”, Kaspersky explains. For example, one of the applications that looks like Tinder is in fact a banking Trojan that attempts to gain all rights necessary to steal money from the user. Another application declares itself as “Settings” right after installation. Next, it shows a fake error message and disappears, but there is a high likelihood that it will return with unwanted ads a few days later.
What to do?
Criminals follow the money and soft hearts. Fortunately, there are various steps users can take to avoid falling victim to Valentine’s Day online threats and scams.
When online, be as anonymous as possible. Avoid sharing personal information, shop as a guest and use a VPN for extra privacy Do not install apps from untrusted sources, even if they seem to be actively advertised or “recommended” Get yourself familiar with the details of the privacy controls on dating websites or a dating app such as Tinder or Grinder Be aware of what you click on. Take note of of giveaways such as spelling errors in emails or an unfamiliar sender. Type in a website’s URL into your browser window yourself, instead of clicking through from a link you’ve received or a message that popped up on social media or in a text message Choose unique and strong passwords for all of your accounts Install the latest software, patches and app updates. They are important to your digital safety and cybersecurity and help protect your data