May 20, 2021 • Insikt Group®
Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.
Recorded Future analyzed current data from the Recorded Future® Platform, dark web, and open-source intelligence (OSINT) sources to review dating scams and the methodology and operations used by threat actors. This report expands upon findings addressed in the first report of the Insikt Group’s Fraud Series, “The Business of Fraud: An Overview of How Cybercrime Gets Monetized”.
Dating fraud or dating scams are a form of social engineering in which threat actors feign romantic interest in a target to lure them into a false sense of security, allowing the threat actors to manipulate the victim into providing them with money or sensitive information or using them to channel funds. Because they are straightforward and highly effective, these scams have existed for decades, often targeting lonely individuals looking to make an emotional connection. Though appearing simple, like any other complex cybercrime operation, dating scams usually require cooperation among different threat actors, each of whom will have a specialty. Identifying targets, allocating convincing images and creating personas, and cashing out the stolen money are often all separate services offered on the underground that are combined to create a successful, persistent dating scam.
- Dating scams are a niche cybercriminal ecosystem where specialized threat actors tailor their attack methods against select targets.
- The creation of subsections of dark web forums that are specifically geared toward the various stages of dating fraud — including target selection, social engineering, and cashout schemes — indicates a continued interest from threat actors to engage in these types of scams.
- The sharing of information, tools, and manuals by threat actors on dark web forums allows fraudsters to learn tips and tricks from one another and to continue to refine their techniques to successfully engage with victims. This also lowers the barrier of entry so that even novice threat actors can successfully participate in dating fraud.
Editor’s Note: This post was an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.