BLOG: The Dark Side of Cupid – The Motives of Cyber Threat Actors on Valentine’s Day

Valentine’s Day is a time to celebrate love and show affection for those closest to us. However, in the world of cyber security, this holiday can be a time for threat actors to take advantage of individuals who are more likely to be vulnerable due to the festive season and use the occasion to launch various types of attacks.

Most Common Types of Cyberattacks:

• Phishing scams: Threat actors may send emails or messages posing as florists, gift shops, or online retailers offering Valentine’s Day deals. These messages may contain links that lead to phishing websites designed to steal personal and financial information.
• Malware infections: Threat actors may use Valentine’s Day-themed content, such as e-cards, wallpapers, or screensavers, to spread malware. When a user downloads and opens these malicious files, their computer may become infected with viruses or other types of malware.
• Social engineering attacks: Threat actors may use Valentine’s Day to trick users into giving away sensitive information, such as passwords or credit card numbers. For example, they may send messages claiming that a user’s partner has ordered a romantic gift and asking for their shipping address or credit card information.

It is important to be cautious when opening emails or messages from unknown sources, especially around holidays. It is also a good idea to keep your anti-virus software up to date and to avoid downloading content from sources you are not familiar with.

Federal Trade Commission (FTC) reported on the 9th of February that romance scams are a growing problem. In 2022, nearly 70,000 people reported losses of over $1.3 billion. Scammers often use fake identities, including false professions such as military personnel or offshore oil rig workers, to trick their victims into sending money. Dating apps and social media platforms are popular methods for scammers to target people looking for love, and often conversations are quickly moved to private messaging apps.

Scammers may also use sextortion tactics, threatening to share explicit photos, and may ask for money through cryptocurrency, bank wires, or gift cards. To avoid being scammed, it’s important to never send money or personal information to someone you have not met in person and to be cautious of anyone who insists on using unusual payment methods. It’s also a good idea to discuss your new relationships with friends or family and to check profile details and photos through a reverse image search.

This was also a concern in South Africa as researchers warned of cybercriminals exploiting vulnerable individuals looking for love online, with South Africa’s online dating user base expected to increase to 6.3 million by 2027. Past research revealed that 35% of people surveyed in South Africa avoid dating apps due to concerns about scammers.

ChatGPT

The emergence of OpenAI’s ChatGPT software has led to the increasing use of artificial intelligence (AI) in the realm of online dating, with many individuals using AI to write love letters and enhance their dating profiles. However, a study by cybersecurity researchers warns of the risks of AI in the online dating sphere, including the potential for cybercriminals to prey on vulnerable individuals. Cybersecurity researchers advise ways to spot AI-generated text, such as looking for repetitive words and asking questions to identify inconsistent answers. While AI has altered the landscape of romance, it is important to remain vigilant to avoid falling victim to cybercrimes.

E-commerce

The convenience and accessibility of e-commerce websites make them popular among tech-savvy millennials, who are expected to drive Valentine’s Day sales. However, as expected threat actors can use this for their nefarious intentions, low entry barriers have also created vulnerabilities within online retailers that can be exploited by cybercriminals, resulting in stolen customer data and payment fraud. Attackers prepare in advance to maximize their exploits during peak activity periods and employ automated bots and human sweatshops to attack at scale. E-commerce platforms must fortify their cyber defences to protect customer data and avoid financial losses, erosion of brand value, and customer churn. A long-term approach to fraud prevention is necessary to secure proprietary and customer data while minimizing friction for genuine consumers.

Staying safe:

• Be cautious with online dating: Online dating has become a popular way to find love, especially on Valentine’s Day. However, it is important to be cautious when using online dating apps, as they can be a prime target for cybercriminals. Make sure to use a reputable dating app and be wary of any messages or requests for personal information or money.

• Avoid clicking on suspicious links: Threat actors often use Valentine’s Day as an opportunity to send phishing emails or messages with links to malicious websites. Always be sceptical of unsolicited emails and messages, especially if they contain links.

• Use strong passwords: Strong passwords are your first line of defence against cyber-attacks. Make sure to use strong, unique passwords for all of your accounts, including your email and online dating profiles.

• Keep your software and security systems up-to-date: Keeping your software and security systems up-to-date is essential for protecting against potential threats. Cybercriminals often target vulnerabilities in outdated software, so make sure to keep your systems updated to reduce the risk of a breach.

• Be mindful of public Wi-Fi: Public Wi-Fi can be a convenient way to connect to the internet, but it can also be a source of potential risk. Avoid accessing sensitive information, such as your bank account or personal information, on public Wi-Fi networks. If you need to access sensitive information, make sure to use a secure, encrypted connection.

Valentine’s Day is a time to celebrate love and joy, but it’s also a time to be extra vigilant about protecting yourself and your loved ones against potential cyber-attacks. 

To learn more about Orpheus Cyber, click here