Scam Of The Week: Valentine’s Day Phishing Attacks

question_heart-1.jpg  Valentine's Day Phishing AttacksIt is time to remind your users that heartless con artists use social engineering tactics to trick people looking for love. 

The FBI's Internet Crime Complaint Center warns every year that scammers use poetry, flowers, and other gifts to reel in victims, the entire time declaring their "undying love."  

These callous criminals -- who also troll social media sites and chat rooms in search of romantic victims -- usually claim to be Americans traveling or working abroad. In reality, they often live overseas and it's a whole industry with planned criminal campaigns focused on days like this. 

The Valentine's Day Scams Are Plentiful

There are many Valentine's Day scams, but the most prevalent are phony florists, online dating scams, phony Valentine's day electronic greeting cards and delivery scams. These days, organized cybercrime gangs create whole malicious florist websites, or send you an email claiming to be from a local florist with a great deal (just click here) to save big on flowers.

Fake electronic greeting cards can be filled with malware and if you click on the link to open the card, you will infect your computer or other electronic device with malware that will steal your personal information and use it to make you a victim of identity theft.

Another current Valentine's day delivery email scam is about the delivery of a gift basket of wine and flowers, however the person bringing the gift basket requests five dollars or less as a fee to be paid by credit card because alcohol is being delivered.  When you fill out the online form, the scammer runs up charges on your credit card.

I suggest you send the following to your employees, friends and family this weekend:

It's Valentine's Day and the scammers are out in full force... again. There are many ways these online criminals try to trick you, but the most common are phony florists, online dating scams, phony electronic greeting cards and delivery scams. So, here are the red flags you need to look out for.


Do not trust emails or advertising from online florists or other gift retailers until you are sure that they are valid.  Otherwise, you might be turning over your credit card information to a scammer or infect your computer with malicious software.  


Do not trust an online greeting card, particularly if it does not indicate who sent it to you. Be very wary of a card sent by "a secret admirer." Even if you recognize the name, confirm that it was really sent from that person before you click on the link and open the card.


Do not trust special deliveries, there is no special charge for alcohol so if someone requires a credit card payment for such a delivery, just politely decline knowing you just dodged a bullet.


Do not trust anyone who indicates he or she is in love with you and then wants to communicate with you right away on an email account outside of the dating site, claiming to be working abroad, asking for your address and poor grammar which is often a sign of a foreign romance scammer. Many romance scams originate in Eastern Europe... The rule still applies: THINK before you click.

If you are a KnowBe4 customer, we strongly suggest you send one or more Valentine's Day simulated phishing attacks to test your users. Here's one example:
Flowers_For You.png
Let's stay safe out there.
Warm regards,
Stu Sjouwerman
Founder and CEO, KnowBe4, Inc.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews