Security firm notes ‘romantic phishing’ on the rise

Experts from Kaspersky Lab experts have detected a sharp increase in phishing activities from criminals offering users various romantic goods on the eve of Valentine’s Day.  

The total number of user attempts to visit fraudulent websites with a romantic theme that were detected and blocked during the first half of February more than doubled compared to the same time in 2018, a reminder that fraudsters are always looking for an excuse to steal users’ data and money.

Phishing is one of the most popular and easiest social engineering techniques to exploit online users. It is a type of fraud where criminals use deception to acquire users’ credentials – from passwords to credit card numbers, bank account details and other financially important information.

Phishing emails and websites usually come disguised as legitimate ones that encourage a recipient, for one reason or another, to urgently enter their personal data. They are often fueled by the news agenda, be it major sport event or thematic holidays. Valentine’s Day is no exception.

The overall number of user attempts to visit fraudulent websites that were detected and blocked by Kaspersky Lab solutions in the first half of February 2019 – the days leading up to February 14th – dramatically peaked from over two million in 2018 to more than 4.3 million this year.

According to statistics, the most affected countries were Brazil (a more than 6.4% share of detections), Portugal (more than 5.8%), and Venezuela (5.5%). They were followed by Greece (5.3%) and Spain (5.1%).

Deeper analysis into the sent emails has shown that fraudsters are particularly exploiting pre-order gift items and performance enhancing drugs as a trap to lure users into sharing their credentials in order to please their loved ones. This again proves the findings of Kaspersky Lab’s own survey, indicating that when it comes to love, users tend to lose their vigilance.

“Our research has shown that there is no difference between phishing activities exploiting major sporting events, fake payment bills, or a more romantic pretext. They all just need to drive users’ emotions, be it excitement, stress, or love. Thus, almost anything can become an attack tool in the cyber fraudsters’ hands. The detected spike reminds us that we should always be cautious when surfing the web even we are just buying flowers for our loved one,” warned Andrey Kostin, senior web-content analyst at Kaspersky Lab.

Comment on this post