Account Security / Credential Stuffing / New Account Origination / Website Scraping

Cupid or Cybercriminal: Arkose Labs Data Predicts 80% Rise in Romance Scams

February 14, 20225 min Read


Valentine’s Day is a prime activity period for romance scams and fake accounts. To maximize their exploits, bad actors prey on potential victims not just on dating platforms, but also on gaming and social media platforms

Valentine’s Day is the day for love. But for those who don't already have a special someone in their lives, the search for love these days primarily takes place online. Unfortunately, this reality has opened up a major route for scams and abuse - on dating platforms and beyond.

Fake accounts and spam increase during the Valentine’s season

The latest insights from the Arkose Labs Global Network warns consumers and businesses of heightened scams during Valentine's Day season. Fake new account registrations and online messaging spam tend to spike between the first and second week of February. In 2021, our threat researchers observed an 80% increase, indicating that attackers use fake accounts the most during the Valentine’s Day holiday than other times of the year. Interestingly, fake account creation drops in the week following Valentine's Day – for 2021, the figure stood at 50%.

Online dating websites and apps have become the hotbed for romance scams. To attract more consumers, these platforms allow them to set up their profiles quickly – often with just an email ID – and begin exploring profiles of interest. Valentine’s Day provides attackers with the perfect setting to dupe the vulnerable and lonely. They create fake accounts to entice good users into a fictitious romance. Then using social engineering, they trick their ‘love interests’ into transferring money. They also blackmail people into paying money after recording intimate video sessions and threatening to post them on social platforms.

According to our research, in January 2021, the average attack rate across dating sites was 5%; it skyrocketed to to 33% in February, with most of the attacks executed around the 14th.  The rate of human attacks (versus malicious bot-driven attacks) soared from less than 1% in January to nearly 15% in February. Based on these insights, we foresee a 15-fold increase in human-driven attacks on dating sites from January to February of 2022.

Another scam, raging on online dating platforms, that compelled the Interpol (International Criminal Police Organization) to issue a warning to consumers was the investment scam. The bad actors earn trust of the potential victim. They then convince their ‘partners’ to download fraudulent trading apps and sign up for financial products to earn money. The bad actors carefully plan the entire scam, complete with fraudulent websites, emails, and customer service executives to answer any questions that the victims may have. Once the victims 'invest' money, they get locked out of the 'investment' accounts. The scammer and the entire setup vanish. Victims cannot even retrieve the money since they authorized the payments themselves.

Attackers are targeting online gaming and social media platforms

Valentine’s Day is a lucrative time for attackers. They do not restrict themselves only to online retail or dating platforms. They are always looking out for vulnerable consumers anywhere they can find them. Online gaming and social media platforms, too, provide them with a happy hunting ground.

This notable shift occurred during the early days of the pandemic, and has held steady ever since. With people sheltered-in-place and unable to socialize outside of their homes, they began to “socialize” online and specifically through gaming platforms. Consumer use of data platforms waned while use of gaming site accelerated. Attackers recognized the pattern and followed consumers to the gaming platforms.

Most of the social and online gaming platforms have communities and social forums, where consumers can engage and interact with others. Bad actors take advantage of these features to befriend genuine consumers near Valentine’s Day and exploit them in several ways. They may extract money from them or use them as money mules for money laundering. In 2021, during the second week of February, one in five users on P2P platforms (dating, gaming, social media) were fake users trying to proliferate scams. 

Be extra vigilant at the entry gates

Attackers are in overdrive to make a profit during Valentine’s Day. They are scouting for vulnerable consumers across digital platforms – eCommerce, dating, gaming, and social – to prey upon. In addition to educating their users about the impending scams, these platforms must take steps to foil the machinations of the attackers. 

Digital platforms must shut the entry gates at bad actors. This will allow genuine consumers to engage meaningfully in a trustworthy environment. These platforms can be extra vigilant at entry points – login and new account registration – to prevent downstream abuse. However, they must refrain from treating genuine consumers on par with attackers. Instead, they should use targeted friction to intercept attackers while maintaining good user throughput. 

Digital platforms can adopt Arkose Labs’ long-term approach to fraud prevention for consumers’ account security. This approach erodes the returns from an attack to force the attackers to give up. To learn how a leading dating platform leveraged this approach to wean the attackers away, click here to read the case study.

‘An evening out’ is not an option for most consumers due to the still prevalent restrictions on physical outings. The celebrations will largely be digital – which means a field day for bad actors. The increase in the volumes of online transactions is a boon for attackers. They can take advantage of this surge in digital traffic and the relatively relaxed authentication measures to sneak into the business networks. They can exploit the system with account takeover attacks, fake new account creation, payment fraud, dissemination of spam, manipulating ratings and reviews, scraping – the possibilities are endless. 

To maximize their exploits during the peak activity period, attackers begin preparing in advance. They buy consumers’ stolen credit card details and payment data off the dark web. Using credential stuffing they validate this data and takeover accounts. They also create fake accounts on eCommerce platforms, web-stores, process fake coupons, and prepare bots or click farms to attack at scale.