• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

LameHug: first AI-Powered malware linked to Russia’s APT28

 | 

5 Features Every AI-Powered SOC Platform Needs in 2025

 | 

Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025

 | 

Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

 | 

United Natural Foods Expects $400M revenue impact from June cyber attack

 | 

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

 | 

UNC6148 deploys Overstep malware on SonicWall devices, possibly for ransomware operations

 | 

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

 | 

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

 | 

Former US Army member confesses to Telecom hack and extortion conspiracy

 | 

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025

 | 

DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assault

 | 

U.S. CISA adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog

 | 

Android Malware Konfety evolves with ZIP manipulation and dynamic loading

 | 

Belk hit by May cyberattack: DragonForce stole 150GB of data

 | 

North Korea-linked actors spread XORIndex malware via 67 malicious npm packages

 | 

FBI seized multiple piracy sites distributing pirated video games

 | 

An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance

 | 

Interlock ransomware group deploys new PHP-based RAT via FileFix

 | 

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Cyber Crime
  • Dating scam package offered in the underground

Dating scam package offered in the underground

Pierluigi Paganini January 05, 2016

The popular security expert Brian Krebs has reviewed a dating scam package offered in the underground by Russians fraudsters.

Russians fraudsters have automated the sale of plug-and-play online dating scam packages. As usual happens in these cases, these services are offered on underground websites specialised in online frauds,  crooks promise a response rate of 1.2 percent from potential victims.

The popular security expert Brian Krebs has reviewed a package of dating material including scam emails, pictures, instructions, videos and love letter templates that are offered for sale to fraudsters in the underground.

The use of a dating scam package could be very profitable, the fraudsters that are offering it state that customers who average 30 scam letters per day can expect to earn roughly $2,000 a week, not so bad!

“The romance scam package is designed for fraudsters who prey on lonely men via dating Web sites and small spam campaigns. The vendor of the fraud package advertises a guaranteed response rate of at least 1.2 percent, and states that customers who average 30 scam letters per day can expect to earn roughly $2,000 a week.” states Brian Krebs in a Blog post. “The proprietor also claims that his method is more than 20% effective within three replies and over 60% effective after eight.”

The crooks behind the dating scam package analyzed by Krebs also highlight that their material is more than 20% effective within three replies and over 60% effective after eight.

The dating scam package packages also include blacklists for email addresses of known whitehat security who can hamper their business.

Dating scam package (Brian Krebs)

Dating scam package (Brian Krebs)

It means Russians will be able to send higher quality emails that follow a Choose-Your-Own-Adventure model in which scammers can use various text trees to con hopeful men.

Russian fraudsters are able to craft and send high-quality scam emails, the sample emails follow the Mad Libs or choose-your-own-adventure text models.

The scammer pretends to be a young woman in a desolate region of Russia who is searching for a new life.

In order to add legitimacy to the dating fraud scheme, fraudsters are urged to include an email from the mother of the girl in the first 10 emails between the scammer and a potential victim. The scammer pretends to be a young woman in an isolated or desolate region of Russia who is desperate for a new life, and the email from the girl’s supposed mother is intended to add legitimacy to the scheme.

Krebs noticed that although Russia is a hostile country toward homosexuals, the proprietor of the dating scam package included templates for targeting gay men.

The fraud scheme requires about a dozen emails are exchanged between victims and scammers before they are invited to establish a phone contact. The victims are redirected to a call centre staffed by women who play the part of the desperate girl.

In this phase, the girls explain they need money to get a travel visa and request a money transfer for an amount between $200 and $2,000 on average.

The call center is anyway an expensive option for fraudsters that prefer to use it in the most important phases of romance scams, in some cases, a call center charges $10 per call, payable only in Bitcoin.

Dating scams are a profitable business in the criminal ecosystem so it natural that fraudsters start looking with increasing interest to a product like a dating scam package.

Pierluigi Paganini

(Security Affairs – dating scam package, fraud)

 


facebook linkedin twitter

Cybercrime dating scam package fraud scam underground

you might also like

Pierluigi Paganini July 18, 2025
LameHug: first AI-Powered malware linked to Russia’s APT28
Read more
Pierluigi Paganini July 18, 2025
5 Features Every AI-Powered SOC Platform Needs in 2025
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    LameHug: first AI-Powered malware linked to Russia’s APT28

    APT / July 18, 2025

    5 Features Every AI-Powered SOC Platform Needs in 2025

    Security / July 18, 2025

    Broadcom patches critical VMware flaws exploited at Pwn2Own Berlin 2025

    Security / July 18, 2025

    Stormous Ransomware gang targets North Country HealthCare, claims 600K patient data stolen

    Data Breach / July 17, 2025

    United Natural Foods Expects $400M revenue impact from June cyber attack

    Security / July 17, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT