Wed | Feb 1, 2023 | 5:02 AM PST

For some, Valentine's Day is a special day for love, romance, and affection. For others, it's another holiday to take advantage of people's emotions to steal their money and personal information.

Yes, the "others" that I am talking about are malicious threat actors, who frankly probably have nothing better to do on a holiday than ruin someone else's.

Over the last few years, it has been well documented how hackers utilize holidays to execute various cyberattacks. It's a perfect opportunity when employees are OOO and more concerned about what is going on in their personal life than work life. Even though Valentine's Day is not as big as some others like Christmas and Thanksgiving, expect hackers to take advantage nonetheless.

The Better Business Bureau (BBB) recently released a report on the top Valentine's Day scams, which includes things such as impostor websites, romance scams, wrong number scams, and fake florist scams. The report also notes that consumer spending is expected to reach nearly $26 billion for V-Day this year, which is a lot of potential money for scammers.

The U.S. Department of Justice (DOJ) also just released information on a case in which a Florida woman defrauded an 87-year-old Holocaust survivor of $2.8 million in a romance scam. The woman met the victim on a dating website and over several years convinced the victim to write a total of 62 checks covering made-up expenses.

Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, discussed these type of romance scams with SecureWorld:

"Romance scams are popular because they work and commonly target unsuspecting victims by slowly earning their trust before taking advantage of them. Romance scams tend to take a longer time from criminals as they need to build and earn the victim's trust first before tricking them into sending money or unknowingly infecting their system with malicious software. 

A major increase in romance scams is not for a financial reward but to gain unauthorized access to the victim's employer's systems and data. These types of social engineering techniques are typically more targeted at high-level employees with a goal to get them to leak data or click on a malicious payload that would infect their company devices. 

Always be suspicious of everything online and make sure you verify the person before building any type of trust. Check for mutual friends who can verify the person or other types of validated identities.  Identities that have very little details tend to be fake profiles.

Because most romance scams are international or cross-border in many instances, very little can be done to take legal action, and typically the criminals are in countries where it is not even considered a crime. It is still always important to report the incident,s and in some incidents the criminal gets caught when they visit a country with extradition treaties, but this tends to be for major incidents and does not occur often."

Valentine's Day is a time for love and celebration, but it's important to be aware of the scams that can potentially ruin the holiday spirit. By being mindful of your online activity and being cautious of unsolicited emails and messages, you can protect yourself from falling victim to a scam. Stay alert and enjoy the holiday with those you love!

Comments