Gangs run mass-scale romance cons with phished dating-site logins


Netcraft reports on a rising tide of automated phishing deployed against online dating sites; crooks steal accounts, strike up romantic relationships with their victims, then run 419-style cons on them. Using dating sites as part of a con isn't new, but using stolen accounts to do it is, especially at scale. The phishing kits are easy to deploy and are used to capture credentials for dating sites including match.com, Christian Mingle, POF (PlentyOfFish), eHarmony, Chemistry.com, SeniorPeopleMeet, Zoosk and Lavalife. Interestingly, the phishing kits found in the wild now disproportionately seek logins for dating sites, as compared to banking sites and other traditional fraud targets.


Criminals launch mass phishing attacks against online dating sites [Paul Mutton/Netcraft]

(via /.)

(Image: …And Then Sometimes Valentine's Day Sucks!, Jackie, CC-BY)