According to Duane Nicol, cybersecurity expert at Mimecast, reports of romance fraud have soared during the pandemic, with some fraudsters going as far as posing as Nicolas Cage to trick their victims into handing over cash.
"Cybercrooks that prey on vulnerable people online are nothing new. However, with the impact of successive lockdowns on people's mental state and the general uptick in cybercrime activity since the start of the pandemic, these types of scams have grown in popularity, with often devastating results for the victims."
In late 2021, eight Nigerian men appeared in court in South Africa after a massive international operation where the FBI, US Secret Service and Interpol helped the Hawks arrest them in connection with dating scams, where they defrauded a number of victims out of a combined R100-million. All the women who fell victim to the scam believed they were in serious romantic relationships after meeting their supposed partners online.
"One of the most effective tactics used by dating scam fraudsters is social engineering, which utilises a potential victim's personal information - often publicly available on popular social media sites - to psychologically manipulate them into sharing sensitive personal and financial information, or even cash," explains Nicol. "By the time the victims become aware of the scam, the fraudsters have often made away with their money and disappeared without a trace."
Social engineering recently gained greater public awareness following the release of Netflix documentary The Tinder Swindler, which detailed how one scamster tricked several women in Europe into taking out loans and sending him nearly $10-million - or R156-million - before he disappeared.
According to Nicol, dating scams could pose a threat not only to the intended victim but to their friends, colleagues and even workplace. "A fraudster could manipulate their victim to divulge sensitive information about their employer that can later be used to commit further fraud. For example, if the victim works at a bank, the fraudster could try to gain inside information about certain security processes and use this knowledge to exploit vulnerabilities."
One of the most effective ways for organisations to protect themselves against cyber risks - including social engineering - is to conduct regular cybersecurity awareness training. "Empowering employees with tools and knowledge to help them identify and avoid potential cyber threats can protect employees and the broader organisation," explains Nicol. "Considering the mental toll that the pandemic has taken on professionals, this additional support is vital as it builds greater resilience among an organisation's last line of defence: their employees."
To protect against dating scam fraudsters, Nicol provides tips to help users stay safe: