Phishing professionals targeting dating apps in Africa, says Kaspersky

Vladimir Kuskov In 2019, Africa saw a circulation of 1,486 threats under the guise of more than 20 popular dating applications, with 7,734 attacks on 2,548 users detected, according to Kaspersky

The countries attacked most often were South Africa, accounting for 58 per cent of all attacks in the region, Kenya (10 per cent) and Nigeria (four per cent).

Popular dating apps used worldwide, such as Tinder, Bumble or Zoosk, often become a bait used to spread mobile malware or retrieve personal data to later bombard the users with unwanted ads or even spend their money on expensive paid subscriptions. Such files have nothing to do with legitimate apps, as they use a name and sometimes copy a design of authentic dating services.

Notably, cybercriminals would most often choose Tinder to cover their files: this app’s name was used in nearly a third of all cases (493 files detected in African regions). The danger these malicious files bring varies from file to file, ranging from Trojans that can download other malware to ones that send an expensive SMS, to adware, making it likely that every ping a user gets is some sort of annoying ad notification rather than a message from a potential date.

For instance, one of the applications that at first glance looks like Tinder is, in fact, a banking Trojan that constantly requests Accessibility service rights, and upon getting them, grants itself all rights necessary to steal money from the user. Another names itself as ‘Settings’ right after installation, shows a fake ‘error’ message and later disappears, with a high likelihood it will return with unwanted ads a few days later.

More than 7,700 attacks by threats disguised as dating apps in Africa

Fake copies of popular dating applications and websites, such as Match.com and Tinder, flood the internet. Users are required to leave their personal data or connect to the applications via their social media account.

“Love is one of those topics that interest people universally, and, of course, that means that cybercriminals are also there. Online dating has made our lives easier and yet uncovered new risks on the path to love. We advise users to stay attentive and use legal versions of applications that are available in official application stores. And, of course, we wish you best of luck finding the perfect date for this special day,” commented Vladimir Kuskov, head of advanced threat research and software classification at Kaspersky.

To avoid cyber risks ahead of Valentine’s Day, Kaspersky recommends:

Always checking application permissions to see what your installed apps are allowed to do

Not installing applications from untrusted sources, even if they are actively advertised, and block the installation of programs from unknown sources in your smartphone’s settings

Finding out more information about the dating website you are planning to visit: look into its reputation on the internet and try to find user feedback

Using a reliable security solution like Kaspersky Security Cloud that delivers advanced protection on Mac, as well as on PC and mobile devices.

twn Are you sure that you want to switch to desktop version?