Don’t spread the love: Valentine’s Day scams to look out for
Love is in the air as Valentine’s Day rolls around again. Whether you are celebrating the day with a long-term partner or have a new flame, be aware that while you are out looking for the perfect gift, sinister forces are looking online for the perfect victim.
Here are the top three scams doing the rounds this Valentine’s Day:
1.‘Sweetheart scams’ or online dating scams steal more than your heart
Valentine’s Day can be an especially tough for lonely hearts looking for love. Online criminals take full advantage of this, developing fake relationships to scam their victims into sending more and more money.
How the sweetheart scam works
From a distance, the fraudster cultivates a fake relationship with another user of the chosen dating site. The relationship feels real to the innocent victim on the other end and can progress for months to develop trust between the scammer and the victim.
Imagine, for example, your sister has been a bit unlucky in love and her friends urge her to try an online service. Tinder is too immediate for her liking and online will give her a chance to really get to know someone before she meets them.
Within a week of joining she has a match with a lovely guy around her age who lives abroad and is ready to find the woman he will marry. They hit it off and exchange calls, texts, email and instant messages. Your sister is jubilant. Soon she will meet him.
But the first time he is due to visit, an urgent business expense means he is unable to visit, and needs to borrow a small sum of money to help a sick friend/relative or pay some obscurely explained expense, and your sister, keen to help the man she loves, wires him some money.
Over time, the scammer will ask her for more and more money until either she has nothing left or clues in on what is happening to her. In extreme cases, during the relationship, victims have been enticed into performing sex acts on video and are later blackmailed into paying up to prevent the video being posted online. Sadly, any one scammer can be performing this with many people simultaneously and any victim could be talking with as many as 20 different people at a time.
Additionally, spam and identity mining that attempts to acquire identities is increasingly common. As there are so many active users, dating sites are the playground of data-mining scammers looking for opportunities to conduct other scams. Working in groups, one person is in charge of getting personal information and then that information is handed off to be monetized.
Dating websites are even being used to scam site visitors by sending unsolicited ads and other links via online messaging platforms. Just like the gift scams mentioned above, these links direct users to pages that can install ransomware and other malware.
Online dating can be a great way to meet someone, but it can also be hit and miss. If you’ve found someone online, try to meet them before sending them gifts. Avoid continued relationships with users who start asking for money early on. Be wary of being asked too many personal questions that, typically, a stranger would not ask someone they just met.
2. Fake emails inject ransomware and other malware
Beyond filling your system with adware and other junk, fake emails are the perfect medium for distributing ransomware. Meet Spora, an extremely sophisticated ransomware that is delivered via fake emails from a popular accounting suite. Once ransomware has made it onto your machine, your files will be locked until you agree to pay a ransom. It is also capable of spreading to all of your contacts.
Whether penned by hand or sent privately online, we all like to be on the receiving end of kind words from a loved one. However, unexpected emails from “someone you know” without a name or a sender should ring alarm bells. A fake Valentine’s Day e-card, e-card for example is the perfect way to entice you into loading malware onto your computer. There is nothing new about this type of scam. Tried and tested time and time again, users tend to be aware of the risks with scam emails, but that doesn’t stop fraudsters from trying.
With this type of scam, a “click here to view your e-card” link will redirect you to a replica of popular greeting card website, such as Hallmark Ecards. If your computer has not already been injected with malware, clicking any links in this fake website will guarantee it.
Ensure flowers are the only gift you send to your nearest and dearest this Valentine’s Day. If you receive an email without a sender or with an ambiguous name, simply delete it.
3. Gift scams steal your credit card information
Beware of emails and targeted social media ads offering you great deals on Valentine’s Day gifts. This is a popular scam around all holidays, as we explained with The 12 Scams of Christmas, and still remains very effective. Unless you’ve previously purchased gifts from a company that you would expect to have your email address or facebook, be skeptical!
Important: Typos in the web addresses of stores you visit are dead giveaways that you are being redirected to fake sites — www.ebay.comm is not www.ebay.com. If you are unsure, search for your gift on the legitimate website directly by visiting their home page.
Gift cards, while not very romantic, can be a good alternative for those who would rather not risk buying the wrong present. Scammers utilise popups on social media with fake offers for phony high value gift cards at ridiculously low prices. If the deal seems too good to be true, it generally is.
Everyone loves a bargain but be mindful of where you are making payments. Gift card ads are the perfect phishing grounds for credit card information. Only buy gifts from secure websites of retailers you trust and always check the web address for typos. Additionally, make sure you see https:// rather than http:// on payment pages, indicating that your credit card payment is secure.
Stay safe – Use protection this Valentine’s Day!
Holidays such as Valentine’s Day offer increased opportunities for online scammers. Here are some tips to keep in mind.
- Don’t let your emotions cloud your judgement this Valentine’s Day. Use common sense when it comes to online romance and ask yourself, “why would someone I just met need to know this?”
- Make any credit card purchases on secure portals and watch where you click on social media. If you are being redirected to another site, check the address for typos. If you are unsure, go directly to the homepage of the site you wish to shop at.
- Always run and regularly update an online security suite like Emsisoft Anti-Malware. Common sense online is the key to preventing scams, but a safety net can give you some added peace of mind.
As you can see, there are practical steps you can take to stay safe from online scams. Use common sense, think before you click and have a happy (malware-free) Valentine’s Day.
HTTPS interception: What Emsisoft customers need to know