Love is blind: cyber-criminals socially engineering Valentine's Day

News by Tom Reeve

Critical thinking goes out the window when it comes to romantic love, a fact that cyber-criminals are exploiting on this most passionate of days.

For cyber-criminals, love is just another target for social engineering (Pic: Tetra Images/Getty Images)

Love is blind, as the saying goes, a fact that cyber-criminals are exploiting to spread malware and defraud the vulnerable, especially in the run-up to today, Valentine’s Day.

Although Shakespeare usually gets the credit for it, it was in fact Chaucer who said nearly two centuries earlier in the Merchant’s Tale, "For loue is blynd alday and may nat see." Whether Shakespeare reinvented it or merely stole it, he went on to use the phrase in several of his plays.

Researchers at University College London found that there is more than a grain of truth in saying when they found that feelings of romantic love suppress activity in the areas of the brain responsible for critical thought.

Mimecast Threat Labs has found that the cyber-criminals behind GandCrab – arguably the most successful ransomware of 2018 – have been using Valentine-themed lures for weeks leading up to today to target victims.

GandCrab is a highly professional ransomware package that has gone through at least five major code revisions in the past 12 months and, interestingly, will shut itself down if it detects a Russian-configured keyboard.

Targeting Valentine’s Day fits with the threat actor’s modus operandi of exploiting public holidays to spread the phishing emails that trigger the infection. However, unlike Christmas, Black Friday and Cyber Monday, there seemed to be a longer window of opportunity leading up to Valentine’s Day, the report said.

"These holiday events also offer the opportunity for Threat Actors to harvest a vast amount of information and data that is input into online shopping websites by coming up with fake websites and fake customer surveys that promise to deliver anything from fake vouchers to ‘great deals’ to the victim," Mimecast said in a report.

Lures deployed include:

  • Fraudulent emails offering gifts, flowers and special offers on Valentine’s Day dinners

  • Fake e-greetings containing malicious links

  • Malicious and hacked dating apps and websites

Meanwhile Kaspersky Lab has detected a large spike in Valentine themed fraud this year, reporting that the number of attempts to visit fraudulent websites with a seasonal theme, which were blocked by Kaspersky software, in the first half of February were double the number in the same period in 2018.

The number of attempts to visit fraudulent websites in the first half of February was 4.3 million, almost double the figure in February 2018. The countries where the most sites were detected and blocked by Kaspersky were Brazil, Portugal, Venezuela, Greece and Spain.

Top lures were invitations to order gifts and offers on performance-enhancing drugs.

"Our research has shown that there is no difference between phishing activities exploiting major sporting events, fake payment bills, or a more romantic pretext. They all just need to drive users’ emotions, be it excitement, stress, or love," said Andrey Kostin, senior web-content analyst at Kaspersky Lab.

Meanwhile, the City of London Police, which coordinates Action Fraud, said that 4,555 victims reported being the victim of romance fraud in 2018. In total they lost £50,766,602, an average of £11,145 per victim and a 27 percent increase on 2017, Action Fraud said.

The average age of victims is 50 and 63 percent are women. On average, women lose twice as much as men.

However, Action Fraud said that the true scale of the problem may be much higher, as many victims are too embarrassed to report it. "If you think you have been a victim of romance fraud, please report this to Action Fraud," said commander Karen Baxter of the City of London Police’s economic crime department.

According to Sussex and Surrey Police, romance fraud accounts for 10 percent of all vulnerable victim fraud reports. 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews