Security experts have reminded lovesick netizens to keep their wits about them on the web around Valentine’s Day, pointing out the growing volume of phishing and social media scams designed to con single men.
Messaging security firm Proofpoint explained in a blog post that many unsolicited emails encourage the recipient to click through to dating sites, where they may be asked to enter credit card details to join.
“Like other unsolicited email campaigns, millions of messages with this approach are sent every day from botnets around the world, and this high volume is an important attribute of these campaigns: with millions of recipients even a very low response rate will result in a successful campaign,” it explained.
Another common scam is to use fake profiles on social media to entice the – usually male – victim, by posting comments on the pages of popular dating sites.
“Instead of trying to send a high volume of messages, social media dating scams capitalize on the fact that a single post on a popular site will be seen by thousands of potential victims, with the added advantage that they are already there looking for ‘that special someone’ and so are more likely to take the bait than a random email recipient,” said Proofpoint.
Once the victim has taken the bait and begun a conversation with the poster, the latter will urge them to take the conversation offline in order to try to extort money.
Proofpoint revealed examples of both on the Facebook pages of Match and Plenty of Fish – two of the leading dating sites.
The security firm followed one particular profile, ‘Jessica’, to see what would happen when it began talking to her online.
She responded very quickly, encouraging Proofpoint to move the conversation to Yahoo Messenger where she related a sob story designed to elicit sympathy, and asked that money be sent via Western Union to her aunt, ‘Kerry’.
“Not only are all of the names likely false, but it is almost certain that all of these pictures are stolen,” Proofpoint explained. “In addition, the links to image search results lead to adult content, and most likely malware and/or credit card scams like we saw in the original email example.”
The security firm warned users to be wary of anyone eager to switch the conversation off social media channels; that refuses to meet in person; and that asks for money, especially transferred via Western Union.
Mark James, security specialist at Eset, argued that social media companies fully understand the impact of such scams but “can only go so far” in protecting their customers.
“The rest sadly is down to the user and their ability to use common sense,” he told Infosecurity.
“Most of these companies have the option to report or flag these scam attempts and the more people that use this facility, the more effective it will become. It is very much a learning experience both from the customer and the social media platforms.”
It’s not only men who are duped in this way, of course.
In August last year four men stood trial in Winchester accused of defrauding women out of £220,000 ($366,000) in online dating scams on Match.
Through fake profiles they sparked up conversations with their victims on the site – middle-aged women – then ran a 419-type scam, asking for legal fees in order to release a ‘£100m inheritance’.