Criminals have launched massive phishing attacks against online dating sites, according to internet security firm Netcraft.
The most recent attack used a single compromised website to host hundreds of fraudulent PHP scripts, most of which were designed to steal usernames and passwords from dating site users.
Netcraft say this is a shift away from traditional phishing targets such as banks and other financial institutions.
A whole host of dating sites have been targeted, including Match.com, eHarmony, ChristianMingle, Zoosk and PlentyOfFish.
Only eight of the 862 fraudulent scripts on the server targeted banks.
Through hundreds of PHP scripts they redirect people’s credentials to another host website without them realising they have left the legitimate website.
Criminal gangs can then access existing paid accounts.
By accessing active accounts, they can take over ongoing conversations as well as risk less detection from the defences of dating sites.
From here, criminals try to run online dating scams, by tricking users into sending them money.
“The latest attacks make use of a phishing kit which contains hundreds of PHP scripts, configured to send stolen credentials to more than 300 distinct email addresses. More than half of these addresses used the yahoo.com domain, while gmail.com was the next most common choice.
“Although most of the fraudster’s scripts target online dating sites, some of them are also designed to steal credentials from users of these webmail platforms. Email accounts are often shut down after the provider notices they have been used for fraudulent purposes, so ensuring a fresh supply of compromised accounts gives fraudsters the opportunity to send even more phishing emails before the accounts get closed.”
They also found that some of the scripts were designed to steal credentials from Photobucket users, possibly so they can host photos and other images to further their scams.
They will also try and get the victim to move the conversation to another online messaging service or texting so they are even harder to detect.
Read more about the attacks here.