Large dating sites have become a popular target for phishing attacks, demonstrating how cybercriminals shift from bank accounts to other, new targets. The internet monitoring company Netcraft found hundreds of PHP scripts on a hacked server, many of them designed to steal passwords of dating site accounts.
Of the 862 PHP scripts Netcraft found, only 8 were designed to steal bank account information. Most of the other scripts were designed to fake a legitimate dating site. The scripts should give an user the impression that he's on his usual dating site, while he's actually on a fake site built by cybercriminals. Once they are on the fake site, the scammers ask them to login and then steal the username and password.
Sites affected by the found PHP scripts were Match.com, Christian Mingle, Plenty of Fish, eHarmony, Chemistry.com, SeniorPeopleMeet, Zoosk and Lavalife. The obtained usernames and passwords are used by cybercriminals to give other users, looking for real relationships, the impressions they are a legitimate member of the site. By trying to establish a relationship they try to seduce the other member to pay all kinds of costs for them like for food, flights or medical treatments.
The stolen accounts that are used are of members with a paid subscription. On most sites a paid subscription is required to make contact with other members and the cybercriminals hope paid accounts look more legitimate. Also, by making use of existing accounts it's harder for the dating sites to find the fraudulent users and block them. It's estimated that every year thousands of people become victims of this kind of fraud.
