You should think twice about finding the perfect match or a quick hook up online this Valentine’s Day, as scammers and hackers continue to prey on vulnerable hearts.
The Australian Competition and Consumer Commission (ACCC) estimated more than $40 million were lost to romance scams in 2022 – an eight per cent increase on the year before.
“Scammers are cold-hearted criminals who use unscrupulous tactics to trick their victims into sharing their personal details and emptying their wallets,” ACCC Deputy Chair Catriona Lowe said.
“As more Australians meet people through social media and mobile dating apps, it has never been more important to be absolutely sure of who you are communicating with.”
The ACCC knows of an incident in which a woman lost over $250,000 in a romance scam.
She was in a purely online relationship with a man who claimed to be a doctor in need of medical equipment and was sending money.
Likewise the Australian Federal Police (AFP) shared the story of a package of cash being sent from a woman in Western Australia.
When authorities asked the sender why she was posting a bundle of notes across the country, a woman said her online boyfriend claimed he needed the money to pay his workers.
Police are still trying to track down the scammer.
AFP Commander of Cybercrime Operations Chris Goldsmid said it’s important for people to be open about these scammers and is encouraging Australians to talk to friends and family if something doesn’t feel right.
“In addition to the extreme heartbreak and financial loss, many victims feel ashamed and embarrassed about telling anyone about being scammed,” he said.
“If you think you’ve fallen victim to a scam you should gather as much information as possible about the fraud, contact your financial institution and report it to the police.”
Beware of the tell-tale signs of a romance scam:
-the person can’t meet in-person or by video
-they are quick to profess their love
-they claim to be in crisis and desperate need of money.
Watch out for fake Facebook profiles
While women tend to report the most romance scams (68 per cent), men are also frequently targeted by criminals looking to score an easy pay-day.
One type of scam commonly called ‘pig butchering’ sees victims lured in on popular dating apps like Tinder where they try and convince victims to invest using fake cryptocurrency or other investment apps.
And of course there are appeals to some people’s baser instincts, as found by cyber security company Zscaler which last month unpacked a new malware strain called Album Stealer that lures people in with the promise of raunchy photos.
It’s an infection vector as old as the internet and is still proving an effective way of delivering malware.
The attack involves hackers posing as women on Facebook who start chatting up strangers. As the conversation heats up, they say they’ll send through some photos.
But instead of copying pics straight into the chat, they send a link to an innocent-looking OneDrive folder in which is a ZIP file that has generic names like “albumgirlsexy.zip” or “sexyalbum.zip”.
Within this zip are three more files: an executable, a DLL, and a DAT file.
The executable ‘Album.exe’ is a legitimate PDF viewer signed by Swiss-Hungarian company Tresorit.
When the victim opens the executable, it gets loaded with malicious DLL packaged in the album folder that in turn opens the DAT file, a self-extracting archive which contains the pictures the victim was promised.
While the victim excitedly sifts through the images sent to them by a fake person on Facebook, the virus starts unfurling a package of seemingly random executables vulnerable all of which are vulnerable to side-loading malicious DLLs.
Each program is signed by a legitimate source including storage manufacturer Western Digital and electronics company Canon, making them less likely to trip antivirus software.
The malware is an intricate, unfolding chain of events that locks guarantees persistence and learns BIOS details about the machine before stealing cookies and credentials straight out of their browser which could be used in identity theft and other hacking activities.
