When Love Hurts: How Cyber Criminals Are Going After Shoppers This Valentine’s Day

As Valentine’s Day approaches, love may be in the air for many, but scammers have no qualms about preying on people’s emotions in order to make quick money.

People are misled into transferring money to criminals who go to great measures to earn their confidence and convince them that they are in a genuine relationship in romance scams. They employ words to influence, convince, and abuse people so that money solicitations do not raise red flags.

“Cyber criminals are going after Valentine’s Day shoppers intensely this year. We’ve seen a staggering 152% jump in domain registrations themed around Valentine’s Day in January. Of those domains, 6% were deemed malicious by CPR, and 55% were deemed suspicious. Cyber criminals are looking to take advantage of the moment. They’re aim is to dupe shoppers into making ‘purchases’ on their sites, but really it’s a decoy to steal personal information, which could lead to a whole host of problems for victims, ” said Omer Dembinsky, Data Group Manager at Check Point Software (CPR).

ALSO READ: Step By Step Guide: How To File Cybercrime Complaint Online In India

Before the day of love nears, CPR urges shoppers to beware of ‘too good to be true’ offers this year and watch out for suspicious password reset emails and avoid oversharing personal information.

Malicious domain registration is a go-to tactic by cybercriminals looking to capitalize on the excitement of major shopping events, warns CPR.

CPR has graphed below the number of newly registered domains per month over the past three years. This year, the rise in newly registered domains jumped by a triple-digit percentage, similar to 2021 and 2020.

CPR also shares a real example of a spoofed domain imitating the brand “The Million Roses” that attempted to trick shoppers into giving up personal information.

In the following example, the fraudulent email (see figure below) was sent from a spoofed address. The fraudulent email listed a company address that was different from the legitimate “The Million Roses” brand. The subject line used was “Give your Valentine an unforgettable Valentine’s Day Gift.”

This is a sign that the email is from a dubious source, and the website is fake. Anyone who clicked on the link in the email would have been redirected to a fraudulent malicious link, currently inactive, which tried to imitate “The Million Roses” website.”

“Credit card fraud and personal identity theft are potential examples of what cyber criminals are capable of this Valentine’s Day season,” Dembinsky added.

“To avoid these traps, I strongly urge Valentine’s Day shoppers to be suspicious of password reset emails, to beware of too good to be true offers and look for spelling and grammar errors. Anyone or a combination of these are red flags and should tip you off that you’re in front of a trap set up by a cyber criminal,” Dembinsky said.

Follow The420.in on

 Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube