Security experts have spotted a Tinder scam that tricks users into signing up for porn site membership in exchange for 'verification'.
The scam, identified by cyber security firm Symantec, uses chatbots to initiate conversations with the dating app's male users. After luring victims in with witty banter, the bots ask them if they are "verified by Tinder".
Note that this is separate to Twitter-style 'blue tick' verification, which Tinder launched last year for celebrities and public figures. Instead, the bots explain that this verification is "a free service tinder put up, to verify the person you wanna meet isn't a serial killer lol".
Victims are directed to an external site, which uses copycat formatting, fonts and logos of Tinder's branding. It promises that after completing the verification form, users will receive a code that they can send to their match for confirmation.
The verification form is, perhaps unsurprisingly, a scam. After providing a user name, password and email, victims must 'verify their age' using a credit card.
The site proudly proclaims that there is "no charge to become verified", but included at the bottom of the page is fine print revealing that unless they specifically uncheck the box, they are opting in to "special FREE bonus offer".
This 'bonus offer' consists of memberships to porn and explicit webcam sites, which have a total value of 118.76. These sites operate on an affiliate model, which means that the scammers receive a cut of the membership fees for every user they bring to it.
"Scammers are naturally attracted to large online communities and the surge in online dating amongst millennials makes these sites a prime target," said Nick Shaw, Norton's EMEA vice president and general manager.
"In the online world, as with anything in life, people aren't always what they seem," he said. "Therefore it's important that you are vigilant so you can enjoy dating online without placing yourself in a vulnerable position."
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
Malicious WordPress plugin installed backdoor on thousands of websitesNews Widget plugin spewed spam to unsuspecting victims
-
711 million data records revealed in spambot dumpNews The data contains email addresses, passwords and server information too
-
YouPorn and Pornhub activate HTTPS encryptionNews Smut sites switch on super-secure encryption to stop state snoopers
-
Spammers selling fake tickets for Rio Olympics 2016News Fraudsters have created fake ticketing websites to trick users
-
PPI companies punished for sending spam textsNews One company was fined £80,000 for sending 1.3 million texts to unsuspecting victims
-
Malware spotted lurking on YouPorn and PornhubNews Malvertising campaign had 800 million potential victims before being removed
-
Uh-oh - millions of hook-up customers have their details exposed
News But AdultFriendFinder still isn't telling new customers it's been hacked
-
Why restricting porn access opens door to spyingIn-depth Tories' election pledge to introduce age restrictions is more worrying than it appears
