Photo shows social media app icons on a smartphone held by an Associated Press reporter in San Francisco. (File Photo/AP)
RIYADH: Choosing the right partner is important, but there is a need to be careful while using apps for this as Saudi Arabia is the second most-affected country in the Middle East from cyberattacks disguised as dating apps.
An analysis by Kaspersky, a global cybersecurity and anti-virus provider, has shown that in 2019 the region saw a circulation of 658 threats under the guise of over 20 popular dating applications, with 2,082 attacks on 1,352 users detected.
The countries attacked most often were Egypt, accounting for 31 percent, Saudi Arabia with 18 percent and the UAE with 17 percent of all attacks in the region, Kaspersky’s analysis said.
It added that popular dating services used worldwide, such as Tinder, Bumble or Zoosk, often become bait used to spread mobile malware or to retrieve personal data to later bombard users with unwanted ads or even spend their money on expensive subscriptions.
Such files have nothing to do with legitimate apps, as they only use a name and sometimes copy a design of authentic dating services, it said.
It added that cybercriminals would most often choose Tinder to cover their files: The app’s name was used in nearly a third of all cases (693 attacks detected in the region).
However, the researchers noticed that around 13 percent of attacks came from apps disguised as local services solely for Arab matchmaking.
The danger these malicious files bring varies from file to file, ranging from Trojans that can download other malware, to ones that send expensive SMS messages, to adware.
It further revealed that cybercriminals who specialize in phishing also do not miss the chance to feed on those seeking to find love. Fake copies of popular dating applications and websites, such as Match.com and Tinder, flood the internet.
Users are required to leave their personal data or connect to the applications via their social media account. The result is not surprising: The data will later be used or sold by cybercriminals, while the user will be left with nothing.
Muhammad Khurram Khan, professor of cybersecurity at King Saud University said, “As the use of dating and social media apps continues to rise and gain popularity, cybercriminals continue to promulgate and leverage fake malicious apps to steal users’ personal data. This technique is called social engineering, which exploits human psychology and weaknesses to trap innocent netizens.”
Khan, who is the founder CEO of the Global Foundation for Cyber Studies and Research, Washington D.C, added that fake apps masquerade as legitimate applications to trick users to install them and once installed, these applications could perform a variety of malicious actions through ‘honey traps’ e.g. access the device’s camera, microphone, calendar, GPS location, personal data, contact list, and financial information.
“Cybersecurity awareness and hygiene could help to protect from these risks by practicing simple sets of actions,” he said.
As an expert, he advised that users should always stay attentive and download original versions of applications that are available in the official app stores.
“It is imperative to keep checking the apps permissions to know about their rights to access the devices resources e.g microphone, camera and photos,” he said, adding: “Users should also use and update their antivirus and other malware protection tools.”
Vladimir Kuskov, head of advanced threat research and software classification at Kaspersky, said: “Love is one of those topics that interest people universally, and, of course, that means that cybercriminals are also there.
Online dating has made our lives easier and yet uncovered new risks on the path to love.
We advise users to stay attentive and use legal versions of applications that are available in official application stores.”
(with inputs from Agencies)