Like hardcore lovers who go the extra mile to fulfill their love-life goals, cybercriminals also try hard to accomplish their malicious operations. They always look for occasions or opportunities to take advantage of innocents. From fake dating apps to online romance scams, threat actors are everywhere online. Hence, being blindfolded in love is acceptable, but not in cybersecurity.
Research from security firm Check Point revealed that over 400 Valentine’s Day-themed phishing campaigns were active every week in January 2021. It also found a 29% year-over-year increase in Valentine’s Day-themed domains registered last month. Out of the 23,000 domains, 523 were malicious or suspicious.
“As people go online to purchase gifts for their loved ones during this period, Check Point Research (CPR) has observed a surge in malicious phishing email campaigns in the second half of January,” Check Point said.
Leveraging Imposter Sites
Check Point stated that the majority of the phishing emails are focused on buyer fraud with reused themes and webpages from past phishing campaigns. Attackers usually use phishing sites and text messages to trick users into clicking/downloading malicious URLs/attachments.
Check Point researchers found a phishing email pretending to be from Pandora (a Danish jewelry manufacturer), which was used in Black Friday-related phishing campaigns in November 2020. Attackers tried to attract users into purchasing jewelry items by offering unreliable discounted prices on a fake Pandora webpage.
“Since these attacks are specifically designed to exploit the human nature of wanting a good deal, it is extremely important to prevent these attacks from ever reaching their desired victims – because even the most vigilant and cyber-savvy amongst us can sometimes get fooled,” Check Point added.
Check Point recommended safe online purchasing measures to avoid security risks. These include:
- Verify you are ordering online from an authentic source. Don’t click on promotional links in emails, and instead Google search your desired retailer and click the link from the Google results page.
- Beware of special offers. An 80% discount on the new iPad is usually not a reliable or trustworthy purchase opportunity.
- Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.
- Never share your credentials and always be suspicious of password reset emails.