Cybersecurity and Romance Scams
Valentine’s Day is this weekend. Individuals and their related organizations should be aware of scams that are using romance as a theme to facilitate attacks. Deception under the auspices of romance is a timeless technique for manipulation. The manipulation can be with the aim of a number of goals. Financial gain, blackmail, espionage, and more could be the goal.
Nowadays, romance and lust are a top theme used by threat actors online. Who are these threat actors? They range from individuals looking for a payday to more sophisticated criminal groups. This type of attack can also be termed “catfishing”. The phenomena is so widespread, a popular television show and movie cover the quest to uncover fakes.
The FBI has even issued alerts and guidance to the public to stop this fraud. In 2018, they reported 18,000 complaints and $352 million in losses. For individuals, the harm can damage trust and leave people damaged. The organizations affiliated with the victim can also be negatively impacted. This post will look at the most common digital channels that would-be Romeos are targeted in.
The comments section on popular pages is awash with sketchy messages and suspicious profile pictures. Sometimes irreverent and sometimes solicitous. The comments or posts are often boosted by other accounts. Both the posting account and their supporters are often bots. After engaging with the scammers, requests for money are likely to come.
Singles go onto dating sites like Bumble, Tinder, or Match trying to find their partner. Scammers go to these sites to find people open to con. A study found that 10% of profiles on the Tinder dating app was fake. The percentage of fake profiles on other services is likely similarly high.
Malicious cupids can shoot their arrows on a 1×1 basis. This method is even less likely to hit the target than social media or dating apps. But with messaging apps like WhatsApp, Telegram, Signal, and others, there are a lot of ways to reach people.
The tried-and-true channel for scammers is sending an email. This method has fallen out of favor in recent years. Gmail and other email providers are quick to block spammy messages.
Keep Yourself and Your Organization Safe
The way to avoid scammers using romance as a means of persuasion is similar to other scams. Do not reveal too much until you confirm the person you are interacting with is authentic. The FBI has an extensive list of red flags that you are involved with a scammer. If the person you are talking to asks for money or gifts, be wary. The images might look a bit too perfect. Run a reverse Google image search to see where else the image is shown online. The location that the person logs in from could be in a different time zone. Finally, use common sense and logic to make sure your emotions do not lead to financial loss or worse.
If the impact of these attacks extends to the organizations that a person works for, the company can employ a Managed Detection and Response offering to detect threats and respond.