Fraudsters are stepping up phishing campaigns that target people who use dating websites, suggests research.
Members of Match.com, eHarmony, Zoosk, Christian Mingle and many others had received emails seeking to steal login details for the sites,said Netcraft.
The net monitoring firm said the emails had been sent from other websites, hacked to hide the senders’ identity.
Stolen data would be used to befriend other users in an attempt to trick them into handing over cash, it said.
The phishing campaign against dating sites marked a departure for fraudsters, who typically preferred to target banks, said Paul Mutton, a security analyst at Netcraft who investigated the attacks.
The attacks were “massive”, he said, adding that in the past week Netcraft had seen more than 100 compromised sites targeting Match.com alone.
So far, he said, it was not clear how sites were being compromised to host the scripts. Websites and servers run by individuals, small businesses, construction firms and telecom suppliers had all become unwitting hosts of the phishing tools, he added.
Mr Mutton said just one compromised site he had seen was home to about 800 short programs or scripts that targeted many different dating sites. Each script looked like it had been generated by a “kit” bought online.
“Anyone with a very basic knowledge of programming could make use of the kit,” he said.
