Researchers at Bitdefender Labs have published research into a widespread online dating scam that is exploiting its victims with the promise of romantic connections and even relationships with women in war-torn Ukraine.
The campaign has ramped up since 10 June, and seems to be primarily targeting inboxes in the US, Ireland, Sweden, Germany and Denmark, and a smaller number in the UK. The spam emails originate from IP addresses located in Turkey.
Subject lines vary but are known to include Enjoy dating hot Ukrainian singles; Ukrainian beauties for love and more; New private message from your Ukrainian girl, and so on. Most of the communications analysed by Bitdefender’s team direct to two online dating platforms.
Targets foolish enough to click the links in the spam emails will be redirected to insecure dating platforms that solicit personally identifiable information (PII) including birthdates, gender and dating preferences.
They are then redirected to another online dating platform where they are able to start interacting with women. However, this doesn’t come for free, with packages running into the hundreds of dollars for the ability to send emails, chat, and unlock profile pictures.
The scam is a fairly typical example of its type that most internet-savvy users should be able to see coming a mile off, but it is one of the first romance scams observed to exploit Ukraine directly – although other phishing campaigns linked to the war have been observed.
“Every year, romance scammers steal hundreds of millions of dollars from unwary internet users who attempt to find love online,” wrote Bitdefender’s Alina Bízgǎ. “With losses surpassing half a billion in 2021, online dating scams are increasingly popular among fraudsters targeting lonely hearts across the globe.”
“Behind all the smoke and mirrors, users risk a lot of money in searching for their soul mate. Moreover, the likelihood of actually communicating with a Ukrainian woman is slim. Dating platforms such as these are notorious for using bots to facilitate communication with as many users as possible. Profiles seem too good to be true and many customer reviews reveal that despite breaking the bank to set up a real-life meeting with the women active on the website, none have shown up.”
The Bitdefender team has been following adult content and dating spam campaigns for some time, and has observed a relative consistent number of spam campaigns related to online dating throughout the past 18 months. This is likely linked to increased loneliness and isolation during the Covid-19 pandemic, said Bízgǎ.
“Although it [the campaign] does not align with the situation in Ukraine, it does profit from human emotional drivers and the lack of personal connection experienced by millions of individuals during the pandemic,” she wrote.
Bízgǎ added that while there is less immediate danger in interacting with this particular spam campaign – it is not, for example, a ransomware vector – it is not recommended that anybody access the websites or confirm any personal information.
More importantly, it is essential not to make any credit card or PayPal payments to the sites – they are unlikely to have adequate cyber security measures in place, and doing so risks compromising your financial details and opening yourself up to other forms of cyber crime further down the line.