Valentine’s Day malware surge is a test of corporate email defences

Don’t let lonely employees compromise your network and the data it carries

It may be a day for love and for lovers, but Valentine’s Day is also living up to expectations as a magnet for cybercriminal activity.

Advising of an ongoing dating-spam campaign driven by the Necurs botnet, IBM’s X-Force cybersecurity team warned businesses of all types to be on the alert as a massive influx of spam saw more than 230 million dating-related spam messages sent over two weeks out of the last four.

More than 30 million daily emails target lonely-hearts with short emails supposedly sent by Russian women living in the United States. These scams have been around since time immemorial but, as X-Force executive security advisor Limor Kessem noted, “when it comes to spam, mass volume makes for a numbers game, and fraudsters only ned a small percentage of recipients to reply.”

“The threat actors behind this campaign will likely lure their victims to share revealing photos and extort them, ask for money to come visit or simply infect them with malware.”

The dating spam has been sent from around 950,000 different IP addresses, with the top sender a Pakistani ISP that has already been reported as a spammer 655 times. Vietnam and India were the most frequent originators of the spam, comprising 55 percent of all messages sent during the campaign.

Emails aren’t the only vector by which cybercriminals are working to capitalise on others’ loneliness. Many scammers are working to set up online chats with victims, collecting enough background information about them to share with a third party for use in identity theft and similar fraudulent activity.

Consumers must be cautious what information they reveal about themselves and to whom, noted Tony Jarvis, Check Point chief strategist for APAC, Middle East and Africa. They should also be wary of clicking on attachments from people they don’t know, while online shoppers should go straight to the target Web site instead of clicking on links that purport to take them to an online store.

The implications of a few stray clicks on Valentine’s Day can extend far beyond consumers’ own wallets, however: with malware-laden email attachments flying fast and furious, employees potentially expose their employers’ networks to laterally-moving malware that can compromise key systems and steal sensitive data. For this reason, CSOs must make sure they have implemented both technological defences and employee-education campaigns to reduce the chance of infection during times of peak spammer activity.

Romance-linked fraud is a perennial problem that is remarkably successful as perpetrators draw on a variety of techniques to win victims’ trust. The US FBI’s Internet Crime Complaint Center reports that romance scams “result in the highest amount of financial losses to victims when compared to other crimes.” That organisation received almost 15,000 complaints from US totalling more than $US230m ($A296m) in 2016 alone.

Australia’s ScamWatch, maintained by the Australian Competition & Consumer Commission (ACCC), paints a similar story, with 341 reports of dating & romance-related scams in January causing more than $2m in total losses.

Fully 36.7 percent of these scams are delivered via email, ScamWatch says, with 27 percent carried over social networking. Mobile applications accounted for 10 percent, with women – accounting for 52.5 percent of all scams – more susceptible than men (44.9 percent).

The Valentine’s Day peak is being augmented by additional malware campaigns coinciding with the ongoing Pyeongchang Winter Olympics, which has lived up to expectations as cybercriminals conducted a campaign against the event’s opening ceremony.