Author: Simon Fletcher
Date: 10th February 2022
Valentine’s Day is a day of wonder and joy for many people around the world. Unfortunately, it is also a special day for cybercriminals.
Whether you love it or hate it, whether you are wondering if you will get a card or a gift from a loved one or even a secret admirer, or perhaps stressing over what to get your loved one: either way, cybercriminals are rubbing their hands with joy as they come up with new and creative ways to exploit your emotions.
Law enforcement warns every year that scammers use poetry, flowers, chocolates, and other gifts to reel in victims, the entire time declaring their “undying love.” These mostly take the form of Valentine’s-themed phishing scams.
Thanks to the gift buying frenzy for that special someone, shoppers are on the hunt for bargain deals and may not have their guards fully raised.
Cybercriminals know this and craft phishing emails containing popular Valentine’s Day gifts, offers and e-cards. Unsuspecting shoppers who click on these links won’t be getting any bargains, though.
Instead, they may hand over personal information or system credentials, trigger a malware download onto their device, or open a compromised attachment leading to a ransomware infection.
An example Valentine’s scam
Below is an example of the sort of special Valentine’s offer you may receive. As usual these emails look very authentic and could easily catch out an unwary user.
The impact of phishing
Phishing is the primary vector of compromise for 29% of major ransomware attacks. Contrary to popular belief, the impact of a user clicking on a phishing email does not manifest immediately. Typically, the actors spend on average 13 days inside the compromised network before deploying the encryption process. During this period, they move through the network, increase their control, and identify and remove backups for increased impact.
We heard of a user in one organisation who opened an attachment from a phishing email and reported it to their IT department. Because there was no immediate indication of a compromise, the department closed the incident as a ‘close call’. In the meantime, malware was lying dormant on the user’s computer, waiting for the user to log into the company’s systems so it could intercept their credentials and send them to the cybercriminals. Some weeks later, after the attackers had propagated their control throughout the organisation, all of its systems, email and backups were encrypted and held to ransom.
How to protect yourself
Do not trust emails or advertising from online florists or other gift retailers until you are sure that they are valid. Otherwise, you might be turning over your credit card information to a scammer or infecting your computer with malicious software.
Do not trust an online greeting card, particularly if it does not indicate who sent it to you. Be very wary of a card sent by “a secret admirer.” Even if you recognise the name, confirm that it was really sent from that person before you click on the link and open the card.
Do not trust special deliveries: there is no special charge for alcohol, so if someone requires a credit card payment for such a delivery, politely decline, knowing you just dodged a bullet.
Do not trust anyone who indicates he or she is in love with you and then wants to communicate with you right away on an email account outside of the dating site. Claims of working abroad, requests for your address and poor grammar are often signs of a foreign romance scammer. Many romance scams originate in Eastern Europe… The rule still applies: THINK before you click.
How to protect your organisation
There is no magic cure for phishing: as with all social engineering, it exploits the human element of your security. The most effective defence is to educate your users, which is easier said than done.
Recently we’ve deployed KnowBe4’s Security Awareness Training platform internally in Cyberfort. It not only provides a large repository of online training courses but also runs simulated phishing campaigns to measure the effectiveness of the training. We’ve noticed a dramatic reduction in the percentage click rate in the few months since implementation.
We’ve been so impressed that we are now recommending it to all our clients and offering to help set up and manage the platform on their behalf.
If the thought of ransomware is keeping you up at night, then give us a call. From consultancy to managed security awareness training to full security operations services, we’re here to help.