Fraudsters launch phishing attacks against dating sites

Share

Fending off creeps, perverts, stalkers and bunny-boilers are not the only things you need to worry about when looking for love online.

online-dating-phishing-scams.jpg

According to internet monitoring company Netcraft, criminals are stepping up phishing campaigns that target people who use dating websites, suggests research.

Netcraft says that members of the dating sites Match.com, eHarmony, PlentyOfFish, Zoosk, Christian Mingle and more had received emails seeking to steal their login details.

Any data acquired is used to befriend online dating users to trick them into handing over cash.

The fraudsters create fake online profiles and develop long-distance relationships with their victims. Once they have gained enough trust, the criminals claim they need money to pay for some sort of emergency.

“The most recent attack used a single compromised website to host hundreds of fraudulent PHP scripts, most of which were designed to steal usernames and passwords from users of the most popular dating sites,” Netcraft said.

The company said that the attacks were massive and their monitoring services had seen more than 100 compromised sites attack Match.com alone and it doesn’t correlate with the hackers’ classic preference to target banks with the method as only eight of the 862 fraudulent scripts hit banks.

It looks like we’ll have to go back to the old-fashioned method of meeting prospective partners at the pub.

Stuart O’Connor

2 comments

  • Web companies should work to promote two-factor authentication, this way your session can be hacked but your account can’t be stolen.
    There actually a lot of options – Yubico, WWPass, password managers, like LastPass can work with cryptographic devices. WWPass even has a password manager of its own called BlackBook

  • Web companies should work to promote two-factor authentication, this way your session can be hacked but your account can't be stolen. There actually a lot of options – Yubico, WWPass, password managers, like LastPass can work with cryptographic devices. WWPass even has a password manager of its own called BlackBook

Comments are closed.