Beware Valentines: You are at the risk of cyber attacks disguised as dating apps
Popular dating apps around the world often become a bait to spread mobile malware
Dubai: Ahead of Valentine’s Day on February 14, a cybersecurity company has advised people to be careful while using dating apps as they pose potential cyber attack threat.
While choosing the right partner is a matter of paramount importance, there is another matter that should be treated with care, said a statement issued by Kaspersky.
The cybersecurity company experts analysis has shown that within 2019 the region saw a circulation of 658 threats under the guise of over 20 popular dating applications, with 2,082 attacks on 1,352 users detected. The countries attacked most often were Egypt, accounting for 31% of all attacks in the region, Saudi Arabia (18%) and the United Arab Emirates (17%).
Popular dating services used worldwide, such as Tinder, Bumble or Zoosk, often become a bait used to spread mobile malware or retrieve personal data to later bombard the users with unwanted ads or even spend their money on expensive paid subscriptions. Such files have nothing to do with legitimate apps, as they only use a name and sometimes copy a design of authentic dating services.
Cybercriminals would most often choose Tinder to cover their files: this app’s name was used in nearly the third of all cases (693 attacks detected in the Middle Eastern regions). However, the researchers noticed that around 13% of attacks in the region came from the apps disguised as local services for solely Arab matchmaking.
How do cyber attacks happen
The danger these malicious files bring varies from file to file, ranging from Trojans that can download other malware to ones that send expensive SMS, to adware, making it likely every ping a user gets is some sort of annoying ad notification rather than a message from a potential date.
For instance, one of the applications that at first glance looks like Tinder is, in fact, a banking Trojan that constantly requests accessibility service rights, and upon getting them, grants itself all rights necessary to steal money from the user. Another names itself as ‘Settings’ right after installation, shows a fake ‘error’ message and later disappears, with a high likelihood it will return with unwanted ads a few days later.
Seeking to find love
Cybercriminals who specialise in phishing also do not miss the chance to feed on those seeking to find love. Fake copies of popular dating applications and websites, such as Match.com and Tinder, flood the internet. Users are required to leave their personal data or connect to the applications via their social media account. The result is not surprising: the data will later be used or sold by cybercriminals, while the user will be left with nothing.
A phishing website under the guise of Tinder teases users to register and find a date.
“Love is one of those topics that interests people universally, and, of course, that means that cybercriminals are also there. We advise users to stay attentive and use legal versions of applications that are available in official application storesm,” commented Vladimir Kuskov, head of advanced threat research and software classification at Kaspersky.
How to avoid cyber attacks
Always check application permissions to see what your installed apps are allowed to do
Do not install applications from unreliable sources
Find out more information about the dating website you are planning to visit
Use a reliable security solution
Avoid sharing too much personal information with strangers