SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

3 Common Valentine’s Day scams (and how to avoid them)

Posted on February 10, 2020

It’s almost Valentine’s Day … but Cupid isn’t the only one looking for targets. Every year, hackers and scammers take advantage of people’s emotions around this holiday and do serious financial and psychological damage.

To help you avoid identity theft, financial fraud, and heartbreak, we’ve put together a list of three common Valentine’s Day threats along with some advice on how to handle them.

  1. 1

    Romance Scams

    Romance scams are a type of confidence trick: an attempt to defraud someone after first gaining their trust. In an online romance scam, the bad actor targets his or her victim through social media or dating apps. The scammer will typically create an authentic-looking profile and spend time in conversation with their target in order to lull them into a false sense of security. Then they ask for something: cash for a family emergency, money to buy a ticket to come visit, or gifts. If the target complies, the scammer disappears, leaving their victim to deal with the financial fallout (and the heartache).

    How to stay safe: If you’re on a dating site or app, your best defense is to do your due diligence. Ask questions of the person you’re talking with, and be on the lookout for evasive answers or inconsistencies. Perform a Google reverse image search on their photos to see if these appear on other sites or with other names (a scammer will often use publicly available photos or “borrow” another person’s social media photos in order to create a fake profile). If they start asking you for money even though you’ve never actually met them in person, it’s a huge red flag. Your best course of action is to cut off contact immediately and block them. And remember, not everyone is as cyber-savvy as you: If you think you’ve spotted a romance scam, protect other users by reporting the profile to the online platform and the relevant anti-fraud authorities.

  2. 2

    Fake Florists

    There are few things more anxiety-inducing than the thought that your Valentine’s Day bouquet might not arrive on time — and bad actors know this. They prey on people’s insecurities by sending out phishing emails claiming to be from a florist and warning about a delivery or payment issue. There is no issue, of course: The hackers are attempting to get the recipient to click on a malicious link or re-enter login and credit card details so they can steal them.

    How to stay safe: First of all, just be aware that this happens (similar scams occur during the end-of-year shopping season as well). If you receive an email from a florist — assuming that you actually ordered flowers this year — realize that it may or may not be genuine. In terms of what to do, don’t click on any links contained in the email, and don’t call any number given by the sender: These could be malicious or fraudulent. If you want to make sure that there’s really no issue with your order, either look up the number online and call the flower shop directly, or navigate to their website in your browser and log in to your account area, where you will be able to deal with any issues in a secure environment.

  3. 3

    Phishing Valentines

    The thought of a secret admirer is enough to give anyone butterflies in the stomach! Alas, hackers are nothing if not master manipulators, and they take full advantage of people’s natural curiosity about mysterious love notes by sending out malicious emails disguised as Valentine’s Day ecards. Clicking on a link in one of these can result in a malware infection, leaving you pwned on Valentine’s Day (not exactly the “be mine” you were hoping for!).

    How to stay safe: First of all, just delete any obviously malicious emails: Legitimate ecards will never require you to download attachments or ask you to install software in order to view them. As for the rest, the best way to handle ecards is to use the “pick up” option on the card company’s website. Hallmark, American Greetings, Blue Mountain, and other major greeting card vendors allow recipients to retrieve their ecards from the company’s main website directly, instead of by clicking on a link in an email. Instructions for this option are usually listed toward the bottom of the email notifying you that an ecard has arrived, along with the code you’ll need to view the card safely. Open a separate browser and navigate to the company’s website, find the appropriate retrieval page, and enter the code that was sent in the email in order to see your card.

Holiday scams are sneaky and sleazy, but are also reasonably easy to spot once you know what you’re looking for. Follow the tips above to stay safe this Valentine’s Day — and be sure to share them with someone you love!

Join our mailing list for the latest security news and deals