Roses are red, violets are blue, if you’re not careful, cybercriminals will take your money.
OK. It admittedly lost a little something at the end there. I felt that making my point was more important than ensuring it rhymes. Today is Valentine’s Day, so there is obviously overwhelming attention today to the subject of romance. Love isn’t reserved only for February 14, though—scammers are out there trying to prey on your desire for romance and a human connection to dupe you out of your cash.
Romance Scams are Everywhere
If Dr. Phil is any indication, this is definitely more common than you might think. I only catch a few minutes of Dr. Phil every now and then when I walk in the room while my wife is watching the show, and it seems to me that at least half—possibly more—of the shows revolve around adult children trying to stage some sort of intervention for an elderly mom or aunt who is head-over-heels in love with someone they met online, and—even though they have never met this person face-to-face—they are parting with their life savings to “help” their true love. It’s crazy.
The Federal Trade Commission agrees this is a big deal. The FTC issued a warning about romance scams. The government agency received more than 21,000 reports of romance scams in 2018—totaling more than $140 million in losses.
“These types of scams will not be disappearing anytime soon. Certain times of the year, Valentine’s Day included, bring out both the best and the worst in us,” declares Anupam Sahai, VP of Product Management at Cavirin. “Here, hackers prey on those most vulnerable, especially those who are possibly recovering from a family tragedy without a support network. Given the emotions, it is no surprise that romance scam losses, averaging $2600 each, are 7x greater than most other frauds.”
Anatomy of a Romance Scam
Chris Morales, Head of Security Analytics at Vectra, explains, “Cybercrime is associated with technological tricks and an attacker’s ability to bypass and evade security controls, but what is just as commonly used are social engineering tricks that manipulate the human psyche through emotions. Defending against technology-based attacks like malware necessitates the use of technology controls but defending against social engineering becomes a mental game.”
“Which is why cybercriminals have caught on,” continues Morales. “Holidays like Valentine’s Day are a particular focal point for social engineering tricks as people tend to have elevated emotions. As many people feel particularly lonely on this day, any kind of attention would be comforting. It is unfortunate that many online predators would manipulate strong emotions to influence people into performing acts such as sending a financial transaction to someone who they have never met.”
According to Nathan Wenzler, Senior Director of Cybersecurity at Moss Adams, attacks like these are becoming more precise and sophisticated over time. “One of the side effects of the huge number of data breaches we’ve seen over the last several years is that more and more personal data is out and available for attackers to use. Armed with these personal details, it becomes much easier to have conversations that may interest the victim, build trust and ultimately pose a request for money that appeals to some aspect of their personal life that the attacker has discerned from their cache of the victim’s information.”
Avoiding Romance Scams
Phishing is a powerful tactic for this type of scam, and it remains the weapon of choice for attackers. You can bet there will be no shortage of well-crafted emails and messages designed to emotionally engage you and prevent you from making rational decisions—especially when you consider all of the information available about you online and any sensitive data that may have been exposed in various data breaches in recent years.
That said, there are still some things you can do to avoid romance scams. Terence Jackson, Chief Information Security Officer at Thycotic, offers these tips:
- Follow your gut! If it sounds too good to be true, it usually is.
- Stay clear of stories that pull at your heart strings from unsolicited sources or strangers that are requesting money.
- Never share usernames, passwords, bank account numbers or credit card numbers with strangers.
- Use common sense. That Romeo or Juliet is more likely a scammer than your soul mate.
- If the request is from someone familiar, call them to verify the request, don’t just take a social media message at face value.
- If your new “love” is on a dating app and one of the first request is for money…..Run like the wind!
If you follow this advice, you can have a wonderful Valentine’s Day, and hopefully avoid romance scams throughout the year.
- Unlocking Proactive Compliance with Adobe’s Common Controls Framework - October 14, 2024
- Unlocking the Power of Continuous Threat Exposure Management - October 8, 2024
- The ReliaQuest Mindset: A Competitive Edge in Cybersecurity - October 4, 2024