Plenty of phish dating
Due to more pressing concerns, I will not be updating this blog or adding new content.I will also be closing the blog to comments as I no longer have the time to moderate them.While many online dating sites take measures to identify fake profiles, phishing for genuine established accounts gives fraudsters the edge.If a legitimate profile has been in active use for several months without cause for concern, then compromising this profile will allow the fraudster to benefit not just from the plausible appearance of the profile, but also take over several ongoing conversations.The real owner of the hijacked account will have already done the hard bit by establishing dialogues with other members on the site, possibly gaining enough trust to allow the fraudsters to strike immediately with success.The latest attacks make use of a phishing kit which contains hundreds of PHP scripts, configured to send stolen credentials to more than 300 distinct email addresses.The online dating sites targeted by the latest attack include match.com, Christian Mingle, POF (Plenty Of Fish), e Harmony, Chemistry.com, Senior People Meet, Zoosk, Lavalife, amongst others.Only eight of the 862 fraudulent scripts on the server targeted banks.
The amount of money involved in these scams can be considerable.Some of the scripts are also designed to steal credentials from Photobucket users, possibly so the fraudsters can host photos and other images to further their scams.It is not unusual for fraudsters to encourage their victims to migrate to instant messaging software or even text messages instead of continuing to chat on a dating site, which could be monitored to prevent such fraud.Rather than displaying any phishing content, the server simply accepts values that have been submitted from elsewhere, such as a form hosted on another website or within a phishing email.The victim is then immediately redirected to the legitimate website, most likely without realising that his credentials have just been transmitted to a different website.
Search for plenty of phish dating:
The subject of the email is modified to describe what type of credentials are in the email (e.g.