Tenable Warns of Surge in Romance Scams that Abuse the Currency of Trust
February 2023 by Satnam Narang, Principal Research Engineer, chez Tenable
Romance scams are on the rise and Valentine’s Day is just one example of when these scams can significantly increase. The reality is that scammers are constantly looking to prey on those looking for genuine connections and abuse the currency of trust. Reports from around the globe show a similar trend in the rise of romance scams resulting in millions of dollars being lost. The Federal Trade Commission reports that individuals have lost a staggering $1.3 billion to romance scams over the last five years. According to figures from Action Fraud, UK victims have been conned out of £317 million over the past four years. According to ScamWatch Australians reported losing over $40 million in 2022 to romance scams. In a statement by the National Police in the European Union following the arrest 16 alleged cybercriminals who carried out an online scam dubbed the ‘love scam’ around 20 people across Europe were conned out of millions of euros.
Tenable, the Exposure Management company, has warned that dating apps are a prime destination for scammers looking to prey on vulnerable individuals seeking romance. Scammers create fake profiles using stolen photographs and pose as someone else. Once connected, they may tout get-rich-quick schemes, especially cryptocurrency investment scams, to lure unsuspecting users into fake investment websites in order to steal their funds.
Pig butchering scams
One of the latest schemes to make headlines is "Pig Butchering", which targets individuals across various messaging, social networks and dating apps through wrong-number text messages and fake dating prospects. Pig Butchering derives tactics from romance and cryptocurrency scams that rely on duping victims of money by gaining their trust with the promise of a real relationship. Scammers then exploit this trust by luring their victims into an investment scheme, typically cryptocurrency but may also include Forex or precious metals like Gold — much like feeding a hog before killing it.
Adult dating websites
On dating apps, scammers will also create fake profiles to drive potential victims to external adult dating websites. These websites, which are often seeded with fake users, leverage affiliate programs to help drive traffic. As a result, scammers abuse the affiliate programs to direct victims to create accounts on these websites with valid email addresses, which earn them a modest profit between US$2.00 - 4.00. The holy grail is a premium lead, which is where a victim inputs their credit card information into these websites, which can earn a scammer anywhere between $50-100 USD per sign-up.
ChatGPT fuel scams
Poorly constructed sentences or grammatical errors are one of the few tell-tale signs of phishing emails and dating app profiles. With the prevalence of Pig Butchering scams, ChatGPT could aid scammers by helping them create more believable profiles. This technology can also be used to help facilitate scripts used by dating and romance scammers when trying to convince their potential victims to part ways with their money or cryptocurrency.
“For dating app users, it’s increasingly important to remain skeptical, especially when being asked to participate in a get-rich-quick scheme around cryptocurrency or to send money to someone you barely know, said Satnam Narang, sr. staff researcher, Tenable.
“Scammers are playing on people’s vulnerabilities and need for connection. If anyone on a dating app is trying to get you to invest money into something, it’s a huge red flag. Always err on the side of caution and use the reporting tool built into the dating apps to flag potential fake profiles and scammers.”
What can users do if they come across a dubious account?
1. If users do come across a suspicious account, they should use the reporting tool built into the dating apps to flag these profiles so providers can remove them ASAP.
2.Don’t ever give money to people on dating sites, no matter how desperate they say they need it.
3. If you’re asked or pressured into participating in an investment opportunity, such as cryptocurrency or Forex by a potential dating prospect, recognize that you are being scammed and report the account and/or block the user.
4. Screenshot photos from Tinder profiles, then drag and drop them into Reverse Image Search tools like Google Image Search or Tineye to see if they’re taken from an existing source. Scammers love stealing images from various websites.