- Since January 2023, Check Point Research (CPR) sees a 54% increase in new Valentine’s Day related domains, compared to previous months
- One out of every 10 new domains containing the term “love” or “Valentine” found to be potentially risky, since the beginning of February 2023
- One out of 1000 Valentine’s Day related emails found to be malicious or suspicious since the beginning of February
- CPR urges online shoppers to be aware and stay alert, and offers recommendations to shop safely during this period of Valentine’s Day love
The season of Love and …Fraud
February marks the season of Valentine’s Day, merchants offer red roses, chocolates, and a variety of hearts in all colors, shapes and forms, decorates the stores and assorted web pages globally.
Indeed, a festive season.
But such occasions also seem to be an opportunity for cybercriminals who insist on participating actively and spoil the atmosphere for many online lovers out there.
In our 2023 Cyber Security Report, it has been noted that the proportion of email-delivered-attacks during 2022 has increased, reaching a staggering record of 86% of all file based in-the-wild attacks. Data shows an increase in the utilization of various types of archive file formats, as threat-actors attempt to conceal malicious payloads.
And indeed, since the beginning of February, our researchers flag approximately 1 in every 1000 emails relating to Valentine’s Day was found to be malicious or suspicious.
Not all Valentine’s Day webpages are filled with Love . . .
In January, a total of 12,441 new domains were registered containing the terms “Love” or “Valentine” in their name. This is a 54% increase compared to the average in the previous three months, significantly higher than the overall increase in new domains in this period, which stood at 36%.
The trend continued in February where in the first week alone, there were more than 2900 such new domains that were registered. Out of these recent new domains, approximately one out of each 10 were found to be potentially risky, based on the suspicious content included or the slightly different URL inserted.
In the past month, webpages containing Love or Valentine (regardless of when they were created), which were actually accessed or received as links, had double the probability of being found malicious than the overall average.
Phishing for user’s information
Phishing is a type of cybersecurity attack during which malicious actors send messages pretending to be a trusted person or entity. Phishing messages manipulate a user, causing them to perform actions like installing a malicious file, clicking a malicious link, or divulging sensitive information such as access credentials. Phishing is the most common type of social engineering, which is a general term describing attempts to manipulate or trick computer users. Social engineering is an increasingly common threat vector used in almost all security incidents. Social engineering attacks, like phishing, are often combined with other threats, such as malware, code injection, and network attacks. While phishing content can be delivered in a variety of ways, emails are the most common medium.
“Free” can often cost you a lot
In the beginning of February we found a campaign sending emails titled “Your valentines day reward has arrived!” sent from multiple senders with addresses such as