Internet scammers who lured victims through dating sites to phishing resources and deducted their funds began to bring this scheme to the EU, CIS countries, Turkey and the UAE, cybersecurity experts say. Experts attribute the beginning of the “export” to the success of the scheme in the Russian Federation, as well as to the move abroad of many Russians who are looking for acquaintances in new places of residence. Fake Date – spread abroad, told Kommersant in Group-IB. Swindlers master the countries of the CIS and Europe, as well as the USA, the United Arab Emirates, Australia and Turkey. So, in a little more than six months, 52.2% of incidents under the Fake Date scheme occurred in the EU, 30.4% in the CIS and 17.4% in other countries. Group-IB discovered that some of the fraudulent resources are already localized in local languages, and some, in English, are aimed at several locations at once.
After a short communication, the victim is invited on a date, sending a link to buy tickets to an event, cinema or theater that leads to a phishing site. A person buys tickets but does not receive them. Usually, the lifetime of a fraudulent account on a dating site is no more than 20 minutes, Andrey Bronetsky, CEO of Mamba, clarified: “Knowing this, the scammer tries to take the interlocutor to a third-party messenger.” In total, according to him, about 1.5 thousand profiles are blocked per day, and the percentage of real cybercriminals on the site is quite low.
The first fraudulent resources operating under the Fake Date scheme were noticed outside of Russia in March, by the end of summer, their number reached fifty, said Yulia Zingan, senior analyst at the CERT-GIB Information Security Incident Response Center. According to her, most often, cybercriminals use fake resources of theaters, cinemas and food delivery services as bait: “Now there are at least four fraudulent teams operating abroad under the Fake Date scheme.”
companies, in the Russian Federation the scheme is already well known, and in many other countries the user is more trusting. According to the company, in 2021, the revenue of just one group of such scammers exceeded 18 million rubles. with more than 7 thousand transactions.
In 2021 in Russia, one of the most common “rods” on dating sites was an invitation to performances by popular comedians (standup), then analysts counted about 25 fake sites on the topic of comedy (see Kommersant dated August 28, 2021). In 2022, the creators of phishing sites in Russia focused more on the news agenda, for example, creating fake offers to provide documents to defer mobilization (see Kommersant on September 21).
At the same time dating applications are used almost all over the world today, notes R-Vision product manager Petr Kutsenko:
According to his forecast, the growth of revenue from Fake Date groups’ activities abroad next year will be about 5–7%: “The growth of phishing sites in the CIS and the EU may be associated with an increased level of relocation of Russians to the countries of these regions during 2022.”
Schemes that have become widespread and publicized in one country may -the moment to become irrelevant, says Olga Svistunova, content analyst at Kaspersky Lab: targeting the audience of another country, slightly adapting it to the new region. In general, the expert adds, the topic of dating is one of the eternally relevant, attackers have already actively used it in spam and phishing mailings around the world.