Personalise it: Effective cybersecurity awareness programs
Why does personalised content matter?
Read MoreWelcome to the new 125 cyber warriors who joined us last week. Each week, we'll be sharing insights from the Black Hat MEA community. Read exclusive interviews with industry experts and key findings from the #BHMEA stages.
Keep up with our weekly newsletters on LinkedIn — subscribe here.
Discover insights and exclusive interviews from the global Black Hat MEA community.
Romance scams – and why they’re so expensive.
Back in 2019, the FBI’s cybercrime report found that romance fraud was the second most expensive category of crime – costing victims in America USD $363 million in 2018. That year, 18,493 romance scams were reported in the US. And in 2023, according to the Consumer Sentinel Data Book, there were 64,003 romance scams in the country.
Also in 2023, romance scams in the UK rose by over one fifth. And between 2017-2023 individuals in America lost a staggering $1.3 billion to this category of scam, as revealed in data from the Federal Trade Commission.
Globally, data gathered by behavioural biometrics cybersecurity firm BioCatch shows that romance scams rose by 19% in 2023, with North America and the Asia Pacific region seeing particularly sharp spikes at 183% and 104% respectively.
The top communication channels for these scams are phone calls and text messages, and key platforms include Facebook and Whatsapp – according to a report published by the Global Anti-Scam Alliance (GASA).
Typically, romance fraud is a long game. The threat actor moves slowly; identifying targets, gathering information from social media accounts or online profiles to understand what they’re lacking in their lives and what they most want from a romantic partner, and then being that partner.
Romance scam victims often feel that they’ve met their ideal partner online. They can’t believe their luck – this person seems to be perfect for them; seems to understand them; and they begin to feel that their life won’t be complete without them in it. The threat actor builds trust with them, and gathers more and more personal information as they go; and when it comes to the moment when the criminal requests funds or personal financial data, the victim is emotionally primed to provide.
The GASA report found that the most at-risk age group are older adults, with 55-64 year olds most likely to be defrauded.
This points to the painful reality about these scams: threat actors target those who are most likely to be both lonely and have money in the bank. Victims aged between 65 and 74 experienced the largest financial losses – because they’re more likely to have accumulated wealth over time.
Another reason why romance fraud can incur such significant losses for victims is that threat actors often don’t ask for large sums of money straight away. Instead, they might request smaller amounts at regular intervals over a long period of time – from a few months to several years. With the foundation of trust, victims want to help this person who they feel so deeply connected to – so they keep sending money to help with fabricated personal challenges in the attacker’s life.
These smaller payments are more difficult for banks’ fraud detection systems to catch – they don’t trigger alerts in the way that the transfer of a large sum of money would.
For targets, the most difficult aspect of romance fraud is the emotional and psychological damage it leaves behind. As well as life-changing financial losses, victims are left with no self-esteem, a sense that they’re unsafe, and trust issues that can stay with them for a very long time.
Romance fraud isn’t going away. And new technologies are making it easier for threat actors to research targets and execute scams. AI and deepfake images are creating new layers of credibility of scammers, allowing them to impersonate other people with great detail and accuracy.
In an interview with PYMNTS, Kate Frankish (Chief Business Development Officer and Anti-Fraud Lead at Pay.UK) said:
“The more sophisticated these types of frauds get, the more difficult it is for even the savviest person to understand that actually, this doesn’t feel right. It’s not real.”
As tech continues to blur the lines between reality and deception, it will become easier for malicious actors to manipulate vulnerable targets. Romance fraud education and early detection tools across platforms (including fintech, online dating, and social media) must keep pace with this upward trend. Often, the most vulnerable targets are the hardest to reach with digital awareness campaigns – posing a real problem to the financial services providers that are tasked with cleaning up when a long-term scam has been identified.
What can the cybersecurity sector do to mitigate the risks of romance fraud? We’d love to know what you think. Open this newsletter on LinkedIn and tell us in the comments.
Do you have an idea for a topic you'd like us to cover? We're eager to hear it! Drop us a message and share your thoughts. Our next newsletter is scheduled for 05 June 2024.
Catch you next week,
Steve Durning
Exhibition Director
Join us at Black Hat MEA 2024 to grow your network, expand your knowledge, and build your business.
Join the newsletter to receive the latest updates in your inbox.
Why does personalised content matter?
Read MoreTwo experts explain why the future is passwordless.
Read More