February 14 is Valentine’s Day. As everyone knows, this date is very special for all lovers, but cyber criminals also know how to take advantage of it. In the past, dating sites, for example, have been victims of ‘credential stuffing’ attacks, in which user accounts have been compromised.
Exactly two years ago, the Scarlet Widow hacker group also made headlines. With their fake romantic messages, they particularly targeted single people, such as senior citizens. The criminals created fake profiles of fictitious users and thus tricked many victims into transferring money to them. There have also been numerous reports in the media about the proliferation of bogus online Valentine’s Day sites offering gift lists – but actually defrauding many victims. The fact that this fraudulent method is particularly profitable is demonstrated by a survey carried out last year by the German digital association bitkom. 50% of men and 40% of women surveyed said they intended to give flowers to their partner or other loved one on Valentine’s Day. Treats are also very popular, it was the favorite gift for 30% of men and 41% of women. Likewise, 30% of men have opted for perfume, imitated by only 15% of women. As a result, Valentine’s Day is also an important date for traders, and due to the pandemic and the closure of shopping malls, online shopping sites have an even greater chance of winning the lion’s share.
In principle, it is not surprising that cyber criminals exploit special events such as vacations, major sporting events, natural disasters or global crises such as the current pandemic to serve their own interests. After all, a large attack surface always opens up for crooks when many people are interested in a particular topic at the same time, and therefore become vulnerable. The good news is that consumers are not helpless against this type of attack. If strong security measures are effectively enforced, users and their digital identities will be better protected against attacks around Valentine’s Day and beyond. For online shopping for example, customers should only trust known and verified suppliers, and should pay special attention to their professionalism – including looking at its customer support services. This includes, for example, verification of the site’s domain name – many malicious actors create platforms spoofing well-known brand names, but sometimes append “.fr.com” to the end instead of just ” .Fr “. Attention should also be paid to complex payment methods – if payment must be made in advance, even if several payment options were mentioned at the beginning, this can call into question the reliability of the site. Very poorly translated General Conditions and the impossibility of printing should also alert consumers, and encourage them not to buy.
Regarding the use of dating sites, users should limit their visits to recognized sites, and always keep in mind that cyber criminals use them too. Accordingly, when communicating with other users, it is essential to ensure that they have a verified account. It is also crucial to avoid sharing personal and sensitive data online, such as address, financial information or other personally identifying data. This topic requires special attention, because it is precisely this type of information that is worth its weight in gold to hackers – if a user explicitly requests this kind of data, this is an important red flag. and all communication must be interrupted.
Especially in these times of pandemic, Valentine’s Day promises to be a particularly lucrative opportunity for cyber criminals who will exploit human nature’s need for communication and closeness as well as the desire to give gifts to loved ones. However, if users are aware of the dangers and remain attentive to certain points and red flags that reveal potential fraudulent actions, these attacks will become ineffective and their own digital identity will be much better protected.