Romantic lawsuit for two? Don’t let cyber criminals scam you or your business this Valentine’s Day

This article first appeared on SecureWorld.io.

2024 saw a 110% rise in cyber crime in the lead up to the 14th February. Valentine’s Day 2025 will be no different as increasingly sophisticated online hackers seek to take advantage of Valentine’s themed email traffic, social media adverts or marketing campaigns, and exploit heightened emotions and a desire to connect. Just as Christmas makes us a bit more likely to click on a dodgy parcel delivery text, Valentine’s Day means we are more likely to click on something romance related.  

Here are our top things to avoid:

1. Be wary of romance scams

People can be vulnerable on 14 February. If you’re using a dating app or social media, watch out for people who claim to fall for you really fast but avoid video calls, meetups or providing personal details. Also, listen out for a potential suitor who sounds a bit too ‘scripted’ during conversation and, if speaking on the telephone, ‘bot’ style chat with an automated tone or delayed responses.

2. Watch out for fake online stores

Need a last minute Valentines gift and tempted by an online store with a brilliant offer? Only shop from reputable stores and check for HTTPS in the URL. Scammers set up fake websites selling flowers, chocolates and jewelry at suspiciously low prices. If a store has limited contact information and no or too good to be true customer reviews this is also a red flag.

3. Avoid phishing emails and messages

You may receive emails or texts with fake Valentine’s Day deals, e-cards or delivery notifications. However genuine it looks, or tempting an offer, don’t click on links from unknown senders. If you spot an offer and need to verify it, go back to the original retailer’s website instead of clicking through links.

4. Be careful with eCards

Scammers can easily make eCards look legitimate, using familiar branding and designs to trick users into clicking without suspicion. Clicking on a seemingly innocent link within an eCard can lead to downloading malware or being redirected to a phishing website designed to capture personal or company details.  Attachments within eCards can also be used to deliver malware, even if they appear to be simple image files. 

5. Use secure payment methods

Avoid wire transfers, prepaid gift cards or cryptocurrency for online purchases for Valentine’s Day. These payment methods are wide open to cyber attack. 

Wire transfers are instantaneous and almost impossible to reverse, prepaid gift cards offer weak security measures and there are private key vulnerabilities when paying by crypto. Stick to PayPal or credit card services which both offer fraud protection.

6. Protect your personal information

Valentines scammers take advantage of social engineering and people letting their guard down on 14 February.  Never share sensitive information like address, phone number, or banking details with someone you just met online. Someone genuine would not be asking for that information. Using strong, unique passwords for dating apps and online stores is also a good idea.

7. Verify charities before donating

Scam emails and messages impersonating charities are common. Charity phishing often involves a personal plea for help from an individual, but it can be more sophisticated. Some emails are designed to look professional and branded just like the charity they’re impersonating. The emails usually include a link to a fake website designed to look genuine, which includes instructions on how to donate money. If you want to donate something to a charity and check its genuine, always go back to the official website and start the process there - not via an email.

8. At work, understand your own personal duty of care

Did you know individual leaders and directors have a fiduciary duty to their employer, and legal and regulatory responsibilities to protect the firm against cyber security attacks? If you are in a C-suite role, you need to be engaged, informed and accountable for what you are personally responsible for. For example, the CHRO might be responsible for ensuring cyber awareness is included in all onboarding and training; the CEO may be tasked with setting a ‘cyber risk appetite’ that balances the value chain, strategic differentiators and necessary controls.

9. Know which core business assets you need to protect first

If you were to fall victim to cyber crime at work, what are the core assets in scope and what is the extent of potential damage that can occur if they are compromised? Analyse systems, applications, data, operations and stakeholders. Then ascertain owners, reach and impact and define and rehearse your response.