Dating sites become target of mass phishing attacks

App Dev and SOA

by CBR Staff Writer| 20 June 2014

The loveless are also becoming the luckless victims of hackers.

Hackers are attacking the lovelorn users of dating websites with phishing attacks, shifting their focus from the typical targets such as banks.

Users of several dating sites such as Match.com, eHarmony, Zoosk, Christian Mingle and many others have been targeted by phishing emails that have stolen various details, according to Netcraft, an online monitoring firm.

In order to hide their identity, criminals send emails from hacked websites and any data acquired is later used to befriend users of dating sites.

Once they have gained sufficient trust of users, criminals trick them into handing over cash to pay for non-existent medical condition or to help fictitious relatives.

In the most recent attack, a single compromised website was used to host several fraudulent PHP scripts. Most of these programmes were meant to steal usernames and passwords of online dating users.

These attacks are massive in nature as just in the past week, Netcraft had found over 100 compromised sites targeting Match.com users alone.

It is still not clear how these sites are being compromised to host the fraudulent programme, but servers and websites operated by small firms and individuals have all unknowingly become hosts of the phishing scam.

Hackers typically use fraudulent scripts to attack banks - however, according to Netcraft, only eight of the 862 fraudulent scripts have targeted such institutions.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.