Be careful about Valentine's Day phishing schemes, experts warn

Dubai - A recent survey found that 50% of respondents in the UAE said that they are not reporting suspect e-mails to their IT or security departments.

With a surge in online orders being predicted for Valentine’s Day this year due to the Covid-19 pandemic, security experts have warned shoppers to be careful about cybersecurity and phishing schemes when buying products for their loved ones.

“Valentine’s Day 2021 might look a little different this year with Covid-19 restrictions likely dampening the mood,” said Carl Wearn, head of Threat Intelligence Risk & Resilience at Mimecast. “And while this may prevent couples from dining out in droves, cyberthreat actors will seize the opportunity to attack unsuspecting lovers.”

He further explained that organisations also have to be more careful about Valentine’s Day phishing schemes this year, because more employees are using corporate-owned devices for personal use and the threat of targeted phishing attacks looms large. A recent Mimecast survey found that 87 per cent of respondents in the UAE said that they extensively use company-issued devices for personal matters, while 66 per cent reported an increase in personal usage of company-owned devices this year.

In addition, the results of the survey showed that 50 per cent said that they are not reporting suspect e-mails to their IT or security departments, leaving organisations at risk for serious breaches.

“Romance fraud increases exponentially year on year, and with the current pandemic this year will almost certainly be a bumper one for online romance fraudsters,” Wearn said. “If you believe you have been a victim please, please speak to friends or family and report it to the police. This kind of offending can, and does cause real hardship as criminals seek to take advantage of an individual’s good nature and demand ever increasing amounts of money.”

Despite changes in society in recent years, there is often still a feeling of personal embarrassment attached to being a victim of this form of crime, and many victims can, incorrectly, feel it is their own fault for becoming a victim.

This is never the case, Wearn pointed out. “The individuals carrying out these acts are highly skilled and completely dedicated to what they are doing. It is often a full-time job for them and you are extremely unlikely to be their only victim. It is important that any request for money is declined. At that stage, it is best to draw a line and cut communication.”

“The best ‘special cybersecurity tip for Valetine’s Day’ is really simple to describe,” said Paul Ducklin, principal security researcher at Sophos. “Whatever special cybersecurity tip you do for Valentine’s Day... keep doing it every day after that as well!”

“Even if there is just one cybersecurity thing you have been meaning to do for months, such as getting a password manager, turning on two-factor authentication, or setting a proper lock code on your phone... why not use Valentine’s Day to show a bit of cybersecurity love to yourself by actually doing it? And then keep on doing it!”

Cybersecurity improvements that you make in your own digital life help everyone else at the same time, he added. “Remember that if one of your accounts gets hacked, the crooks are almost certainly going to use that account to try to scam or trick your friends and family, using your name to win their trust. So, if you protect yourself better on Valentine's Day, you protect your loved ones better, too.”

rohma@khaleejtimes.com