Lovers, be careful of dating apps this Valentine’s Day
Those hoping for a bit of lovin via a dating app are being warned to think twice, as malicious mobile apps related to romance and dating are coming in at full force.
According to digital risk management firm RiskIQ, the approach of Valentine's Day causes a recurring seasonal spike in the availability and downloads of legitimate, illegitimate, and malicious mobile apps related to romance and dating.
Unfortunately, this predictably frenetic February dating app activity plays right into the hands of cyber threat groups and individuals looking to take advantage of heartache-induced lapses of judgment, RiskIQ says.
"These threat actors will leverage popular keywords and branding of well-known dating apps to trick people into downloading their fake and malicious apps, which can steal sensitive information, redirect traffic to malicious pages, and infect devices with malware," the company explains.
To combat this problem, RiskIQ applies its crawling platform to monitor 120+ mobile application stores and the nearly two billion resources it scans daily to look for mobile apps in the wild.
"With this proactive store-first scanning mentality, we observe and categorise the threat landscape as a user visiting app stores and downloading applications would," the company explains.
"Every app we encounter is downloaded, detonated, analysed, and stored to build a repository of over 14,000,000 mobile apps.
For RiskIQ's 2017 Valentine's Day dating app research, the company queried this data repository to find apps utilising the names of seven of the most popular dating apps in the United States:
· Zoosk
· Tinder
· Match
· OkCupid
· Grindr
· Happn
· Coffee Meets Bagel
"We found hundreds of mentions of these seven brands in apps and app stores around the world," RiskIQ says.
"While not all of the apps listed in Fig-1 are harmful to users, the vast majority of them have nothing to do with the brands they're leveraging," it explains.
Because these brands have no control over the content of the apps using their names, this (often fraudulent) activity can result in false brand association and the degradation of trust with consumers, RiskIQ says.
Although not all the apps RiskIQ found are directly harmful to end-users, the company says many are extremely dangerous and have been blacklisted by RiskIQ as a result.
These malicious dating apps were built to be used for phishing, distributing malware, or redirecting users to malicious pages:
Take a swipe at malicious dating apps: How to protect yourself
"This Valentine's Day, we know threat actors are taking aim at victims looking to download romance and dating-related apps," RiskIQ says.
By following these steps, you can save yourself from a broken heart:
- Beware of too many permission requests.
- Learn the signs of when an app is not credible
- Positive reviews and many downloads does not equal safe and trusted
- Only download from **official** app stores