Shakespeare said it first, and things haven’t changed: suffering and desire continue to drive victims to the social engineers. Researchers at Bitdefender have observed a phishing campaign that’s using a phony dating site for men to meet Ukrainian women.
“[In] the past couple of weeks, spammers have been targeting internet users with a mixed bag of online dating opportunities such as mail order bride services and dating platforms where single western men can meet Ukrainian women,” the researchers write.
“Despite the ongoing conflict on Ukrainian soil, many dating platforms are still up and running. Since June 10, tens of thousands of spam emails promoting perfect matches between men and beautiful Ukrainian women targeted the inboxes of users from across the globe. The spam emails originate from IP addresses in Turkey. Sixty-six percent of messages arrived in inboxes in the US, 10% in Ireland, 3% in Sweden, Germany and Denmark, and only 2% in the UK.”
When a user visits the site, they’ll be asked to enter personal details, just as they would on a legitimate dating site.
“Upon filling out the requested information, users are directed to another online dating platform, where they can immediately start chatting with beautiful women,” Bitdefender says. “But there’s a catch. Interacting with single ladies on the platforms isn’t cheap. Packages can run into the hundreds of dollars and include sending emails, a limited amount of chat time, and unlocking all profile photos of single Ukrainian women.”
While users should exercise caution on any dating sites, this one in particular had many red flags.
“Behind all the smoke and mirrors, users risk a lot of money in searching for their soul mate,” the researchers conclude. “Moreover, the likelihood of actually communicating with a Ukrainian woman is slim. Dating platforms such as these are notorious for using bots to facilitate communication with as many users as possible. Profiles seem too good to be true and many customer reviews reveal that despite breaking the bank to set up a real-life meeting with the women active on the website, none have shown up.
The correspondence resembles a marketing romance scam, and although it does not align with the situation in Ukraine, it does profit from human emotional drivers and the lack of personal connection experienced by millions of individuals during the pandemic.”
New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for these types of scams.
Bitdefender has the story.