Three is a crowd on Valentine’s Day, especially if the ‘third party’ is a cyber criminal. The Union government and top cyber security watchdogs have rang alarm bells over a different type of ‘love attack’—increased cyber crime possibilities related to Valentine’s Day and related shopping.
Close on the heels of the Union home ministry issuing a warning to phone and internet users to be cautious of suspicious links offering Valentine’s Day offers, Check Point, one of the world’s leading cyber security establishment, issued an alert Friday afternoon with data from its ‘Threat Prevention’ technologies that showed increased phishing emails and malicious domain registrations related to Valentine’s Day online.
“As people go online to purchase gifts for their loved ones during this period, Check Point Research has observed a surge in malicious phishing email campaigns in the second half of January, with over 400 malicious Valentine’s Day-themed individual phishing emails weekly,” it said in its statement.
Most of the phishing scams aim to defraud shoppers by leading them to fake websites that look similar to those of established brands offering jewelleries or other gifts that are popular gifting options during this period. The sites offer cheaper than normal prices, enticing gullible customers to part with their financial information.
Additionally, the agency noticed a spike of nearly 30 per cent in new Valentine’s Day-themed domains being registered through the month of January—in time for the season. Of 23,000 new domains, more than a 100 were established to be malicious, with the cloud of suspicion on over 400 others.
Home ministry’s ‘Cyber Dost’ initiative had also warned of Valentine’s Day online scams, like invitation for prizes associated with quiz or lucky number winners or links to discounts in star hotels to celebrate the special day. It also warned of fake websites, which may offer gift vouchers, high discounts or deals on Valentine’s Day items like chocolates, jewellery, roses, etc.
“Avoid to click such malicious links as it can install malware or lead you to malicious/fake websites. And verify the genuineness of deals before purchasing anything online,” the government alert warned.
“Other common attack vectors are phishing sites and text messages usually aimed at stealing credentials to perform account takeovers,” explains Check Point’s blog, further adding, “These can lead to devastating results such as data loss, fraudulent money transfers and more.”
CERT-IN, India’s official computer emergency response team, had also undertaken a text message campaign earlier this week, advising users to keep their "digital devices bot free", offering links to bot removal tools. It is among a total of seven tools the government officially released this week for citizens to safeguard smartphones and computers from botnet attacks.