Dating Site Scams Hit Africa – Fraudulent Copies of Tinder is Most Common Spoofed Dating App
Kaspersky Labs reported that thousands of people were fooled by fake dating apps ahead of this year’s Valentine’s Day.Kaspersky cited reported by a post on vanguardngr.com over twenty fake and malicious versions of well-known dating apps as attack vectors. There were 7,734 cyber attacks on 2,548 users in Africa.
The malicious dating apps targeted people in Nigeria, South Africa, and Kenya. The majority of the victims (58 percent) were in South Africa. Another ten percent of the victims reside in Kenya and four percent in Nigeria. In these dating site scams, hackers set up fraudulent copies of legitimate dating apps or websites to fool those seeking romance. Although the spoof dating scam websites and dating apps often look just like the real ones, they are not at all connected to the legitimate dating apps. Spoofed versions of Tinder, Bumble, and Zoosk dating apps were all involved in cybercrimes in Africa. Fake versions of Tinder were cited in two-thirds of the incidents.
Common Dating Site Scams
Common dating site scams include asking for personal information so it can be used to commit identity theft. A dating app user expects to input personal information like birthdate, place of residence, phone number, and name to fill their profile. When they input this information into a dating app that is part of a scam, the hacker steals this information and uses it to open up lines of credit in the victim’s name. The hacker may also use the email address and password entered on the fake dating app to break into other online accounts the app user has. People commonly use the same password across multiple accounts. If the hacker can gain access to the email account, they may use it to reset the passwords for more sensitive accounts like banking apps.
Stealing personal information is also a concern when the hacker’s goal is to target people who work in critical infrastructure industries like oil and gas, water and wastewater. Employees of critical infrastructure industries are constant targets of skilled hackers who are looking for a way to hack into IT systems for the sake of corporate espionage. Social engineering is a common tactic used by high-level hackers to collect personal data about potential victims. Public information is gleaned from social media and corporate websites to build a data base of information. The intelligence is used to send personalized phishing emails to victims to launch malware attacks or to conduct corporate espionage.
One Tinder themed spoofed app elevated its user permissions to give it accessibility rights which is a common vector to gain admin rights to a phone. Another scam dating app changed its name to “Settings” after installation.
What is a Romance Scam?
Romance scams are another common dating scam where a fraudster pretends to be someone interested in a relationship but has the intention of slowly stealing money from their victims. Romance scammers are patient and take their time building trust with a victim before they begin to ask for increasingly valuable gifts, prepaid debit cards, and cash. Romance scammers always have an excuse why they cannot meet in person.
Anyone using online dating apps should be cautious with who they share their private information with. Although it is exciting to begin a new relationship and find love, always avoid sharing too much personal information with strangers. Be wary of someone who finds endless excuses not to meet in person or claims they are far away in military service. Never send monetary gifts to people who you meet through dating apps.
