Security experts uncover Tinder porn site spam scheme

Chatbots use verification offers to lure in victims

Security experts have spotted a Tinder scam that tricks users into signing up for porn site membership in exchange for 'verification'.

The scam, identified by cyber security firm Symantec, uses chatbots to initiate conversations with the dating app's male users. After luring victims in with witty banter, the bots ask them if they are "verified by Tinder".

Note that this is separate to Twitter-style 'blue tick' verification, which Tinder launched last year for celebrities and public figures. Instead, the bots explain that this verification is "a free service tinder put up, to verify the person you wanna meet isn't a serial killer lol".

Victims are directed to an external site, which uses copycat formatting, fonts and logos of Tinder's branding. It promises that after completing the verification form, users will receive a code that they can send to their match for confirmation.

Advertisement
Advertisement - Article continues below

The verification form is, perhaps unsurprisingly, a scam. After providing a user name, password and email, victims must 'verify their age' using a credit card.

The site proudly proclaims that there is "no charge to become verified", but included at the bottom of the page is fine print revealing that unless they specifically uncheck the box, they are opting in to "special FREE bonus offer".

This 'bonus offer' consists of memberships to porn and explicit webcam sites, which have a total value of 118.76. These sites operate on an affiliate model, which means that the scammers receive a cut of the membership fees for every user they bring to it.

"Scammers are naturally attracted to large online communities and the surge in online dating amongst millennials makes these sites a prime target," said Nick Shaw, Norton's EMEA vice president and general manager.

"In the online world, as with anything in life, people aren't always what they seem," he said. "Therefore it's important that you are vigilant so you can enjoy dating online without placing yourself in a vulnerable position."

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/cloud/amazon-web-services-aws/354223/what-to-expect-from-aws-reinvent-2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Visit/business/business-strategy/354252/huawei-takes-the-us-trade-sanctions-into-its-own-hands
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019