English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Honey traps on the Internet

In the world of espionage, a ‘honey trap’ traditionally involves a seductive encounter designed to coax information out of an agent, or to compromise him in his work.

Of course, the life of an ordinary person rarely features such mysteries and dangers. However, he (and in the vast majority of cases it is men who are the intended targets) should be watchful too. Numerous scammers, marriage fraudsters and other shadowy characters are out to manipulate the natural human desire to find a partner. This kind of criminal has long chosen the Internet to set traps on the web pages and through advertising. They even cast their nets into your email box. So the virtual "honey trap" is not uncommon on the World Wide Web – and once dazzled by a momentary passion, a user can easily find himself left without money or with a nasty infection on his machine.

Pleased to meet you?

Online dating sites have long occupied their niche on the Internet. There are millions of users registered on major dating resources (match.com, badoo.com mamba.ru, loveplanet.ru) and the popularity of online dating could hardly escape the attention of fraudsters.

Spam emails inviting the reader "to meet a nice young girl" or just "spend a night" have become quite common. Of course, they are in no way related to the major dating portals. Responsible sites care about their reputation and regularly check their users, while on the contrary spam emphasizes that registration is not required on the sites being advertised. By clicking the links in these emails the user runs the risk of infecting his computer with malware which is usually downloaded instead of the promised photos of a beautiful stranger.

Below is an email in Russian containing an advert from an online dating site. The message offers the chance to make new friends and start serious relationships. Dates can be arranged, while special apps are offered to chat, flirt and rate photos. The recipient first needs to register.

From: Лаура
Subject: Интим Mamba – сладкие знакомства!

Поиск новых знакомств с целью дружбы и серьезных отношений, а также попутчиков. Возможность назначать свидания. Онлайн-игры, приложения для общения и флирта, рейтинг фотографий. Регистрируйтесь, начинайте знакомиться и получать удовольствие от общения» Кто-то ждем именно Вас прямо сейчас! Это место, где осуществятся Ваши желания!

{LINK} ***********.5ballov.ru


But the link in this email led to an infected web page:

Phishing attacks are yet another threat. For example, Russian Internet users have recently started receiving mails inviting them to “adult sites” supposedly connected with the popular Odnoklassniki (classmates) social network. To access this site, users had to enter their login and password. All these sites turned out to be phishing – the scammers used them as bait to access Odnoklassniki accounts.

In addition, some of these bogus sites also asked for a phone number, potentially sparking a torrent of mobile spam.

A matter of technique

These fake sites not only pose risks associated with phishing or malware – they can also jeopardize the wealth of the unwary user.

One simple scam to loosen the users’ purse-strings is to demand registration or confirmation of age via a text message costing from 0.30 USD to 12 USD. However, once the money has been spent no access is provided – because there is no content to access.

Usually, these web resources do not last long – in a few weeks or even days the fake welcome pages of online dating sites disappear, or their content is changed to typical spam adverts (Viagra, etc.)

The mobile phone often turns out to be the ally of the “honey trappers”, who sometimes use rather crafty tricks. For example, Internet forums have started to publish messages from bewildered visitors to a dating site. They tried to communicate with the authors of the profiles via instant messaging on this website. However, they gradually realized that, far from flirting with a pretty girl, they were prompting mechanical responses from a robot. Since each message from the user was sent via a text message – at the user’s expense – the fraudsters quickly racked up profits from each visitor.

All you need is spam

Any dating site relies heavily on a large user base – so scammers use all their tricks to lure as many visitors as possible. Spam is the key tool here. Generally, unsolicited adverts promoting these web resources are distributed using very basic techniques. Most junk emails are messages containing two or three sentences and a link to a dating site. In many cases, the text of the message is generated automatically using templates of typical phrases - clearly visible if you look through several emails in a row. The format is very simple without any images. The text is primitive with lots of mistakes. All the author of the email needs is to lure the unwary recipient to a specific web resource – after that it is a purely technical matter.

Similar emails are spread widely in almost all major languages. The quality of the texts leaves much to be desired so the spammers bulk up the quantity: the volume of such mass mailings is literally enormous. The idea is very simple – there will always be a certain number of people who fall for it.

Of course, spammers do not neglect more prosaic ways of making money: the distribution of emails advertising brothels under the guise of saunas, prostitutes’ profiles, etc.

Dying to meet you

The most creative type of junk mail which has not lost its popularity throughout the years is the so-called "Nigerian" spam.

The more romantic authors of these letters target potential victims registered on dating sites.

The girl, who is allegedly writing the email, usually lives in a distant, war-torn African country. If the user is registered on the dating site, the girl’s first email lets him understand that she is madly in love with him. If the email arrives as part of a mass mailing, the girl’s feelings develop in the course of correspondence, becoming clear from the second or third email.

Below is one of the spam emails sent to tens of thousands users in January:

Subject: Hello my dearest Friend in mind with hope you are good healthy?


Hello my dearest Friend in mind with hope you are good healthy?

How are you today and your work with hope all is well?

Praise the day. I am very happy to meet you today I know this mail will find you in good health and also surprised, but I believe God has his own way to bring people together considering the fact, we have not know each other in person or even have seeing before, forgive my indignation if this mail comes to you as a surprise and may offend your personality for contacting you without your prior of consent, my name is Nadine Konan Soro, it's my pleasure to contact you today for a serious relationship, I saw your profile today from your Country data base dueling my browsing in the Internet I become interested in you,

I would like us to know ourselves more better I believe we can become a good Friend I like you for being my friend and I also seek advice from you that will help me, My dear, please write back to me so I'll tell you more about myself also send you my picture, Please do not let a humble heart that is lonely and looking for your reply, because friendship is a foundation to build other relatives, Remember that religion does not matter what matter is understanding and sincere matters a lot in life, I believe it's a day human beings use to know each other let makes the world a global village, I will be expecting to hear from you, I wish you happy near year and prosperous new year of the 2013 and prosperity

Have a great new year and remain blessed,
Yours sincere Friend Nadine,


The fiancée-to-be may tell her would-be husband the heart-rending details of her life. The girl’s faithfulness is confirmed by emails from her pastor and her lawyer.

Very soon the potential groom finds out his fiancée is an heiress to a million-dollar inheritance and is willing to share her wealth with her betrothed. However, to get his bride and her money out of the country her future husband is asked to pay for some legal services. The sum may amount to thousands of dollars but it pales into insignificance compared with the millions which will soon arrive in the groom’s bank account. Having received the money, the fake beauty, the pastor, the lawyer and the millions vanish into the vast expanses of the Internet.

These tactics need long-term correspondence because very few people would agree to pay considerable sums guided by their heart rather than their head. The first emails from the potential patsy are answered by the robot but once the fraudsters understand they have got a chance to make hay, they immediately enter the correspondence. Processing a potential victim can last a long time and here an individual approach and an understanding of psychology are especially important.

Depending on the how good the scammers’ skills are, they may try to gain unauthorized access directly to a user’s account by using social engineering techniques. This approach is laborious, but it pays off: the prize is greater than that from ordinary online fraud.

Then there are the fraudsters who send emails on behalf of "Russian brides". Such emails mostly target users in western Europe and the US.

Subject: hello

Hey.

I just saw your profile on a dating site. You're an interesting man. And of course I liked you. I'm looking for a good, good and good guy for friendship and possible serious relationship.

I send you my picture. Now do you see what I look like, and I hope that I'm your type.

Reply to my email, if I am interested you.

And do not forget to send me your photos.


Unlike the "Nigerians", these "Russian" brides are damsels in distress who invest their hopes in a future with a rich husband. It turns out that they only need money to buy an air ticket and finally meet the man of their dreams – and of course they will not refuse any presents that come their way.

It’s hard to believe that anyone with any common sense would get suckered by such a preposterous story. However, according to the media, the number of victims of fake bride scams remains constant, even though these adventures may end tragically for the “groom”. Two years ago there was a story on the Internet about a US citizen who had killed himself after losing hope of meeting his virtual sweetheart. According to unconfirmed reports, the scammers told him that his bride had committed suicide - but not before they had extorted a number of money transfers from him totaling about $ 50,000.

Follow the safety rules!

The Internet offers ample opportunities for communication. However, it is not always a safe place to search for romance.

We have described only a few of the honey traps lying in wait on the Internet. To avoid disappointment, follow these safety rules:

  1. Do not visit unknown dating sites, especially those advertised in spam
  2. Do not open emails from unknown senders
  3. Do not reply to emails if they seem suspicious
  4. Do not trust excessively generous or doubtful offers even if they are made by a pretty girl or a handsome man
  5. And, the most important piece of advice, use reliable security solutions to protect your computer

In conclusion, we wish our readers success in finding their true love – and avoid the bait of the fake paramours lurking on the Internet.


Comments

If you would like to comment on this article you must first
login


Bookmark and Share
Share

Author

Tatyana Kulikova


Blog