Online connections bring wonderful surprises – new friends and colleagues, and some even get married to their online match. But sometimes the surprises are not so wonderful. Here’s a quick look at why you should protect your heart and your assets.

It Began with a Search for Love

The FTC reported that people lost a record $547 million for 2021 to romance scams. Many online romances resulted of people being swindled out of their savings by their new significant other. The new friend suddenly needs money for an emergency and asks for help. The victim complies by wiring funds, which ultimately goes towards nefarious purposes. Usually, their match is physically far away, misses dates to meet up, and wants to progress the relationhip very fast. Stories vary, but they all end with someone heartbroken and losing money. A few of these cases:

      • Suspects have been charged with targeting people on dating sites such as Match.com, Christian Mingle, JSwipe, and PlentyofFish.

      • CryptoRom: Scammers are using dating apps like Tinder and Bumble to steal millions in bitcoins

    Social distancing, increased data breaches, and reliance on social media have gifted scammers more information about their potential victims online and enable them to personalize their attack.

    Not only should you be cautious with a potential new partner, you should also examine the security of applications and sites that will manage your personal data.

        • MeetMindful, an online dating app, was hacked and sensitive information of over 2.28 million users of the app was released.

        • Plenty of Fish leaked private user information.

        • CatholicSingles.com had 50,000 contacts’ real names, billing addresses, email addresses, and other private user data leaked.

        • “At least 70,000 photos of women scraped from profiles in the Tinder dating app are circulating on a cybercrime forum.”

        • Niche data apps exposed personal data of 100,000+ users as well as voice messages and audio recordings. This type of data could be used to extort or blackmail victims. This can impact not only your personal life, but also your professional life.

      Don’t You Love New Technology?

      ChatGPT is a chatbot launched by OpenAI. According to Mashable, “Tinder users are using ChatGPT to message matches.” This brings about the sensitive topic of disclosure on a dating app. Wouldn’t you want to know that your potential match was based off an AI-generated bot? While using bots is not new in this arena, this chatbot allows for more sophisticated messaging and connection. The potential social engineering opportunities could abused.

      Fluttr, a UK-based dating app, requires “all members complete biometric ID verification before they digitally mingle.” This is to verify identity to prevent fake profiles, scams, or catfishing. With recent high profile scams like ‘The Tindler Swindler’, this app aims to allow singles to connect safely.

       

      Best Practices to Protect Yourself.

      Verify. While it is fun meeting new people, take your time to get to know them. Hackers are in it for the long haul to piece together details to social engineer you. Learn about your new connections, check their digital footprint. Premature familiarity is something you want to avoid to prevent a cyber attack.

      Be Careful What You Share. Your private information is invaluable to you, and unfortunately, a hot commodity amongst bad actors. We’ve seen many online apps get hacked, exposing personal data and photos. And don’t forget, your photos and selfies may reveal more facts about you than you wanted – like a photo of you with your work ID.

      Be Aware. Know the latest scams and techniques out there. Here are a couple of security awareness posters to help you keep aware.

      Social Engineering. Keeping connected in a time of social distancing is tricky. Validate your network controls are effective with penetration testing as your online network grows.

       

       

       


       

       

       

       

      HALOCK Breach Bulletins
      Recent data breaches to understand common threats and attacks that may impact you – featuring description, indicators of compromise (IoC), containment, and prevention.