Tinder has seen an influx of spammers and fake profiles, according to internet security company Symantec.
They first warned about adult webcam spam on the app a year ago, saying there would be a “flood” once the app was released on Android.
A year later, the security company say they have seen three main spam campaigns on the app.
The first noticed were adult webcam spammers, which would tempt users to click a link to another site.
These campaigns evolved – modifying their scripts, switching to short URLs like bit.ly, and eventually asking users to move the conversation to Kik messenger to “close the deal.”
The second type was something noticed in April, when Tinder was invaded by love bots promoting the mobile game Castle Clash.
Users of the app reported on Twitter that after getting matched with women on the app, following a brief exchange, they were sent messages like “relaxing with a game on my phone, castle clash…have you heard about it?”.
They were then sent a link, which redirected to the URL “Tinderverified.com”.
While those specific bots have since disappeared, Symantec said that “one of the more recent adult webcam spam bots repurposed the Castle Clash script. The spam bot used the same username (TravelGram92) but instead linked to an adult webcam site called “Slut Roulette”.”
In the past month however, the “overwhelming majority” of spam on the dating app is fake prostitution profiles.
These take the form of provocative pictures of women, with a text overlay giving details about price and services, and a URL to connect with the women.
Satnam Narang, security response manager at Symantec, said: “If a user manually inputs one of the URLs listed on the image overlay into their address bar and visits the site, they will be redirected to an explicit personals website for casual dating and hookups.”
These profiles put the terms – such as GFE (Girlfriend Experience) – and rates in the picture, meaning they evade spam filters that search through the profile bio.
The cyber security company say all of these campaigns have one thing in common – affiliate programs, which will pay scammers if the campaigns are successful and leads are converted.
They reference blamcams, whose three month campaign, using seven URLs, resulted in half a million clicks.
“Depending on the offers given by the affiliate program and the number of successful conversions of leads, this particular spammer likely earned quite a bit of money.
“Some of the sites pay $6.00 per lead for a successful sign-up and up to $60 if a lead becomes a premium member,” Narang said.
Symantec recommend that users report such profiles to Tinder, by clicking below the profile image, and choosing the “Feels like SPAM” option.
Read the Symantec report here.
