Tessian’s mission is to secure the human layer by empowering people to do their best work, without security getting in their way.
Cybercriminals are exploiting “lockdown loneliness” for financial gain, according to various reports this week, which reveal that the number of incidents of romance fraud and romance scams increased in 2020.
UK Finance, for example, reported that bank transfer fraud related to romance scams rose by 20% in 2020 compared to 2019, while Action Fraud revealed that £68m was lost by people who had fallen victim to romance fraud last year – an increase on the year before.
Why? Because people have become more reliant on online dating and dating apps to connect with others amid social distancing restrictions put in place for the Covid-19 pandemic.
Romance fraud is the engineering of a supposed friendship or relationship for fraudulent, financial gain. Scammers invest significant amounts of time into socially engineering their victims – knowing that as they gain the victim's trust, they increase the chances of extracting considerable funds.
With more people talking over the internet, there has been greater opportunity for cybercriminals to trick people online. Adopting a fake identity and posing as a romantic interest, scammers play on people’s emotions and build trust with their targets over time, before asking them to send money (perhaps for medical care), provide access to bank accounts or share personal information that could be used to later commit identity fraud. Cybercriminals will play the long-game; they have nothing but time on their hands.
A significant percentage of people have been affected by these romance scams. In a recent survey conducted by Tessian, one in five US and UK citizens has been a victim of romance fraud, with men and women being targeted equally.
Interestingly, people aged between 25-34 years old were the most likely to be affected by romance scams. Tessian data shows that of the respondents who said they had been a victim of romance fraud, 45% were aged between 25-34 versus just 4% of respondents who were aged over 55 years old.
This may be because romance fraud victims are most commonly targeted on social media platforms like Facebook or Instagram, with a quarter of respondents (25%) saying they’d been successfully scammed on these channels.
This was closely followed by email (23%) while one in five people said they’d been targeted on mobile dating apps, and 16% said they’d been scammed via online dating websites.
This behavior is quite typical, say experts. Often romance fraud will start on dating apps or official dating websites but scammers will move to social media, email or text in order to reduce the trail of evidence.
It’s important to remember that most dating apps and websites are completely safe. However, as social distancing restrictions remain in place for many regions, people should consider how they could be targeted by social engineering attacks and phishing scams at this time.
We advise people to question any requests for personal or financial information from individuals they do not know or have not met in person, and to verify the identity of someone they’re speaking to via a video call. We also recommend the following:
And if you want to learn more about social engineering attacks, you can read Tessian’s research How to Hack a Human.