As Valentine's Day approaches, many people are focused on love, chocolate, and flowers—but romance-themed cybersecurity threats may not come to mind. However, it's important for you and your team to stay diligent all year long by keeping an eye on possible cybersecurity threats.
Romance scams are on the rise—reaching a record $304 million in losses reported to the FTC in 2020, which is 50% more than reported in 2019. And since the isolation of the pandemic, more and more seniors are being targeted.
Below, we’ll discuss the kinds of romance-centric cybersecurity threats to be aware of to protect yourself or the people you care about.
Common Romance Cybersecurity Threats
Phishing, Vishing, and Smishing
Phishing is a tactic that cybercriminals use to try to get you to provide sensitive information or take a specific action. You should also be on the lookout for smishing (SMS-text message phishing) and vishing (voice phishing). Here are some romance-specific examples:
- E-cards that appear to be from family, friends, or colleagues. While sending an e-card sounds like a thoughtful surprise, it is also a common phishing tactic. A threat actor can pose as your friend, a member of your family, or a colleague to get you to click the link and provide them with your sensitive information.
- Shopping deals that seem too good to be true. There are a number of threat actors trying to convince you they have the best deal for that item you’ve been looking at—but when you click the link, you’ve accidentally shared your information with them. Verify senders, links, and more before you use them, and remember: if a deal seems too good to be true, it probably is.
- Downloads. Think twice before you download that “love song” that’s just been sent to your inbox for Valentine’s Day. Always verify the sender through another trusted communication channel. As a general rule, if you are not expecting a download from someone, it’s best to ignore it.
Catfishing is a social engineering romance scam in which threat actors use false names, photos, and other identifying information to target their victims online.
Like other phishing efforts, many threat actors try to use urgency to get you to take action or send them money without thoroughly thinking through the situation. In romance scams, this can also be identified by an attempt to create an immediate, deep connection so they can lure victims in with an emotional tie.
One popular example is a threat actor known as “The Tinder Swindler.” He spent time talking to and creating “meaningful relationships” with women, who he then took advantage of to steal millions of dollars. Recently, this story has gained popularity due to a Netflix documentary about this threat actor’s elaborate, long-term catfishing strategy.
Dating App Security
In addition to ensuring the people you’re talking to on dating apps and websites are real, it’s important to keep an eye on the security of the platform itself.
In 2020, a group of researchers found a way to access information about individual users on the Bumble platform. “Even when Sanjana Sarda, a security analyst was locked out, Sarda was able to continue drawing what should’ve been private data from Bumble servers,” Forbes reported.
This information included:
- User interests, if their profile was connected to a social network.
- A general location, which could be specified with more information.
- All photos the user had uploaded to the app.
In order to fight back against cyber attacks, be sure to maintain unique, difficult passwords for all of your accounts and use two-factor authentication whenever possible. If you believe your information has been compromised, change your password(s) immediately.
Stay Safe From Cybersecurity Threats All Year Long
Cyber threats are becoming increasingly sophisticated and romance scams have seen a dramatic rise over the last few years, so it’s important to keep an eye out for warning signs.
Keep your organization and family safe year-round with up-to-date information through our year-round Campaign in a Box content, which includes:
- End user-ready messages organized around a unified theme.
- A kickoff message for end users to send via email.
- A core blog post to link to or republish on your intranet.
- A week-by-week communication guide with chat messages and email updates.
Access this month's Romance Scams Mini Campaign in a Box to learn more about staying safe online all year long!