Category Archives: valentine’s day

Online security tips for Valentine’s Day: how to beat the cheats

Valentine’s Day is upon us once more, and so are lots of dating-friendly security tips. Read on and secure your profile, alongside (one hopes) the love of your life.

1. Not so hot singles in your area

Many dating apps have geotagging enabled, regardless of whether you created your profile on a website or through the app itself. Some dating sites base the location you initially enter to serve up a list of possible matches within a certain radius, but they don’t display the location info on your profile.

Get familiar with the granular controls on the dating site’s settings and make sure you understand the differences. Many mobile apps aren’t hugely clear about which thing does what, so if in doubt, disable a particular feature until you can be 100 percent sure. As a side note, ensure you don’t have geotagging enabled on any photographs you upload. If in doubt, use a picture from a public location away from your main residence. You can also use online tools to check what EXIF information is stored in images you want to use and remove it if needed.

You’ll find some additional practical advice in terms of real world security on the Selfie Security blog we posted a while back. You should pay particular attention to not including location specific items in your photograph(s), such as bills with your address on them. Of course, if you want to enable geotagging then go ahead—just be mindful of the issues that could arise. The easier you are to find, the easier it is for that one terrible date you had to hang around your home, workplace, or just generally trail around familiar locations and become a major nuisance. We see many cases of stalking due to jilted hangers on from dating apps—don’t fall into this trap.

If stalking does happen to you, go to your local police department and let them know what’s happening. Depending on how much information the other person has, it may already be too late to go on blackout, but you can at least let those in authority know that somebody is pestering you.

2. Money thieves in your area

Scammers setting up fake profiles then asking for money is astonishingly common, and it’s all to easy to be taken to the cleaners as a result. Just like 419 scams, romance fakers often use templates—or just lazily cut and paste Bot spam to reuse for their own purposes—and fans of dating sites should get into the habit of Googling common phrases, just to see if someone else is saying the same thing. If Steven J. Fakename is posting identical romantic overtures on six different sites, you can be sure it’s time to move along.

With regard to common scam angles, watch out for anything related to:

  • Sick relatives
  • Medical emergencies
  • Lost overseas and need a plane ticket
  • Lost passport and need a visa/replacement passport
  • Wallet stolen and no funds available
  • Coming to visit, but there’s a last minute ticket price hike and I need your help

On a related note, don’t ever let strangers send money to your bank account for any reason. They’ll probably get you to forward the cash on to someone else, and at that point, you’ve become a money mule.

That’s a criminal offence, and you really don’t want to be doing any of those.

3. My other profile is also in your area

Be cautious around links sent your way that direct you to another website, and be particularly careful around links to downloadable files. Scammers will often try and remove you from the relative safety of the service you happen to be using, directing you to links and files that the dating site you started with can’t hope to contain. That’s been a staple attack on social media sites for many a year, but it works with dating too.

If someone sends you shortened URLs, you can usually expand them to see where they end up. If you’re still not sure, try googling the link. If still nothing comes up to allow you to make an informed decision, you should just ignore whatever you’ve been sent—it isn’t worth the risk. You’ll probably want to block and report the sender while you’re at it.

4. Personal information in your area

Don’t put your real name, age, or location in your profile, email, or anything else related to the dating site you’re on. Anonymous usernames are fine. You should also use a disposable email address when you sign up to a new dating service—not only will this keep people you’d rather not stay in touch with away from your main mailbox, it’ll also be obvious if a dating site decides to sell your email to spammers. This is a good trick to use outside of online dating, too. Of course, the less personal information you put on a dating profile, the more likely it is that potential suitors may simply move on. As with everything, the decision is yours.

5. Bots in your area

If you have an open private message system, you’ll likely receive many, many messages from people wanting to chat. Some dating websites will also send multiple daily messages to users via email claiming that persons x, y, and z would like to talk to you. They may even ask about cookie dough (and it better be delicious considering the eventual $118.76 monthly fee). Most dating bots will cycle through a canned script of a dozen or so phrases before claiming you need to be “verified” in some way. This will inevitably lead to a request for payment information.

Don’t do it. If in doubt, contact the service you’re using and ask them about it directly. You’ve probably seen examples of this on blogs about Skype spam.

Bots will advertise everything from pornography to mobile games, and spammers commonly use images ripped from the net for their profile avatars. You can try and see if the picture is a stock photo by using the “Search Google for this image” option in your browser, or fire up TinEye to see what’s out there.

Bot accounts probably won’t have a realistic looking bio, or have links to profiles on popular social networks. If it looks cookie-cutter, there’s a good chance it might be. Feel free to see if they pop up across the web anyway and you’ll quickly learn if they’re one of a kind or part of a wave of identikit bots. The bottom line is that nobody is going to start sending you random messages that you’re their hero and can we get married in 10 minutes please, so approach any and all conversations with a healthy dose of skepticism from the outset.

6. Dubious pics in your area

Be wary of people asking for intimate photographs and/or video, as this is a surefire way to find yourself blackmailed into handing over lots of money. If you do pay the blackmailer, there’s no guarantee the images won’t be leaked anyway. There’s also the issue of revenge porn to consider, and the legal issues that will inevitably arise as a result.

Put simply: don’t do it. Again.

Even with these precautions in place, problematic pieces of tech, such as the recent Deepfakes furore ensures that anyone placing even a few dozen images or video online could end up in a (fake) pornographic movie. Given that people tend to place many, many photos of themselves in their best light on dating pages, along with the occasional movie clip, it might be an idea to at least roll back the volume of photos you have of yourself online.

Hopefully, the above will help to keep you out of trouble while swiping left, right, up, and quite possibly down. Here’s to a safe online Valentine’s Day experience for everybody.

The post Online security tips for Valentine’s Day: how to beat the cheats appeared first on Malwarebytes Labs.

Security Affairs: Necurs botnet is behind seasonal campaigns of Valentine’s Day-themed spam

Necurs botnet made headline again, the experts at IBM X-Force research team observed a spike in seasonal campaigns of Valentine’s Day-themed spam emails.

Necurs botnet made headline again, the experts at IBM X-Force research team observed a spike in the activity of the infamous botnet.

Necurs was not active for a long period at the beginning of 2017 and resumed it activity in April 2017. The Necurs botnet was used in the past months to push many other malware, including LockyJaffGlobeImposterDridex , Scarab and the Trickbot.

Scammers are mow using the Necurs botnet to send out an amazing number of messages offering companionship waiting for Valentine’s day.

Crooks are using the spam messages to trick victims into sharing personal photos that are used later by cybercriminals to blackmail the victims.

According to the IBM X-Force team, the campaign started in mid-January, it leverages the overall Necurs botnet that is composed of 6 million bots.

“The current campaign from Necurs reached over 230 million spam messages within a matter of two weeks as the botnet spewed tens of millions of messages in two major bouts. The first surge started on Jan. 16 and ran through Jan. 18; the second started on Jan. 27 and died down on Feb. 3.” reads the analysis published by X-Force researchers.

The expert spotted two current campaigns that sent out a total 230 million spam messages in 14 days-period.

necurs spammers valentines day

 

The first campaign reached a peak between Jan. 16 and Jan. 18 and the second one began on Jan. 27 and lasted through Feb. 3. Researchers observed an average 30 million spam messages were sent each day.

“Looking at the messages being sent out in excess of 30 million emails a day, the current campaign delivers short email blurbs from supposed Russian women living in the U.S. While typical spam email is notorious for bad spelling and grammar, these samples are rather well-worded.” continues the analysis.”

The experts determined that the spam messages are being sent from about 950,000 unique IP addresses, Most of IP are hosted in Vietnam and India while the top sender IP address is hosted via a Pakistani-based ISP.

“Together, Vietnam and India hosted 55 percent of the IPs from which the spam originated. It’s worth noting that spammers constantly shuffle the resources they leverage and the originating IPs logged in one campaign are not likely to be used in the next one. This is how fraudsters avoid blacklists and blocking.” added the researchers.

After the takedowns of the Andromeda and Avalanche botnets, Necurs remains the largest spam distributor in the cybercrime ecosystem. Crooks will continue to leverage the Necurs botnet for their spam campaigns, for this reason, the most effective countermeasure is to increase employee awareness on such kind of threats.

 

Pierluigi Paganini

(Security Affairs – Necurs botnet, Valentine’s Day)

The post Necurs botnet is behind seasonal campaigns of Valentine’s Day-themed spam appeared first on Security Affairs.



Security Affairs

Necurs botnet is behind seasonal campaigns of Valentine’s Day-themed spam

Necurs botnet made headline again, the experts at IBM X-Force research team observed a spike in seasonal campaigns of Valentine’s Day-themed spam emails.

Necurs botnet made headline again, the experts at IBM X-Force research team observed a spike in the activity of the infamous botnet.

Necurs was not active for a long period at the beginning of 2017 and resumed it activity in April 2017. The Necurs botnet was used in the past months to push many other malware, including LockyJaffGlobeImposterDridex , Scarab and the Trickbot.

Scammers are mow using the Necurs botnet to send out an amazing number of messages offering companionship waiting for Valentine’s day.

Crooks are using the spam messages to trick victims into sharing personal photos that are used later by cybercriminals to blackmail the victims.

According to the IBM X-Force team, the campaign started in mid-January, it leverages the overall Necurs botnet that is composed of 6 million bots.

“The current campaign from Necurs reached over 230 million spam messages within a matter of two weeks as the botnet spewed tens of millions of messages in two major bouts. The first surge started on Jan. 16 and ran through Jan. 18; the second started on Jan. 27 and died down on Feb. 3.” reads the analysis published by X-Force researchers.

The expert spotted two current campaigns that sent out a total 230 million spam messages in 14 days-period.

necurs spammers valentines day

 

The first campaign reached a peak between Jan. 16 and Jan. 18 and the second one began on Jan. 27 and lasted through Feb. 3. Researchers observed an average 30 million spam messages were sent each day.

“Looking at the messages being sent out in excess of 30 million emails a day, the current campaign delivers short email blurbs from supposed Russian women living in the U.S. While typical spam email is notorious for bad spelling and grammar, these samples are rather well-worded.” continues the analysis.”

The experts determined that the spam messages are being sent from about 950,000 unique IP addresses, Most of IP are hosted in Vietnam and India while the top sender IP address is hosted via a Pakistani-based ISP.

“Together, Vietnam and India hosted 55 percent of the IPs from which the spam originated. It’s worth noting that spammers constantly shuffle the resources they leverage and the originating IPs logged in one campaign are not likely to be used in the next one. This is how fraudsters avoid blacklists and blocking.” added the researchers.

After the takedowns of the Andromeda and Avalanche botnets, Necurs remains the largest spam distributor in the cybercrime ecosystem. Crooks will continue to leverage the Necurs botnet for their spam campaigns, for this reason, the most effective countermeasure is to increase employee awareness on such kind of threats.

 

Pierluigi Paganini

(Security Affairs – Necurs botnet, Valentine’s Day)

The post Necurs botnet is behind seasonal campaigns of Valentine’s Day-themed spam appeared first on Security Affairs.