The Washington PostDemocracy Dies in Darkness
The Cybersecurity 202

A newsletter briefing on cybersecurity news and policy.

Romance scammers could cause unhappy Valentine’s Day

The Cybersecurity 202

A newsletter briefing on cybersecurity news and policy.

Welcome to The Cybersecurity 202! I’m looking forward to a party this weekend in honor of the greatest owl of all time.

Reading this online? Sign up for The Cybersecurity 202 to get scoops and sharp analysis in your inbox each morning.

Below: Hackers steal source code and internal data from Reddit, and the United States and United Kingdom jointly move to sanction Russian cybercriminals. First:

Behind the lies of romance scams

Love is in the air — and it’s also the time of year when federal agencies and cyber experts are warning consumers about crimes like romance scams, a type of digital swindling where crooks pose as love interests to seduce cash away from their victims.

FBI officials from around the country are speaking with local media in an attempt to warn readers and viewers about romance scams. And the Federal Trade Commission released information on Thursday about the most common lies romance scammers peddle.

“These scammers pay close attention to the information you share, and don’t miss a beat becoming your perfect match,” an FTC analysis of the data reads. “You like a thing, so that’s their thing, too. You’re looking to settle down. They’re ready too. But there is one exception — you want to meet in real life, and they can’t.”

The efforts to battle romance scams come as both Valentine’s Day nears and as the financial toll on victims skyrockets. Last year, around 70,000 people reported a romance scam to the FTC, with total losses at $1.3 billion. That’s the same amount as the total for the five previous years combined, with losses rising from $78 million in 2017 to $547 million in 2021.

And that’s just what’s been reported. The actual tally, most experts believe, is much higher because victims are embarrassed when they fall for such scammers.

By the numbers

Here’s what the FTC said were the most prevalent lies last year:

  • “I, or someone close to me, is sick, hurt or in jail” (24 percent).
  • “I can teach you how to invest” (18 percent).
  • “I’m in the military far away” (18 percent).
  • “I need help with an important delivery” (18 percent).
  • “We’ve never met, but let’s talk about marriage” )12 percent).
  • “I’ve come into some money or gold” (7 percent).
  • “I’m on an oil rig or ship” (6 percent).
  • “You can trust me with your private pictures” (3 percent).

Other telling stats from the FTC:

  • The median reported loss was $4,400 in 2022.
  • Most of the lost dollars were given to the scammers in cryptocurrency, followed by bank wire transfers or payments.
  • The majority of romance scam contacts (58 percent) were initiated via social media, with Instagram and Snapchat at the top of the list.

The last lie on the FTC’s list of prevalent falsehoods, in which scammers offer to receive private pictures, dovetails with another, related trend. Reports of sextortion — when a scammer obtains someone’s explicit photos and threatens to share them unless a victim pays up — are up eightfold since 2019, the FTC said.

Romance scams also overlap with another kind of scam that’s gaining momentum, known as “pig butchering.” That’s when scammers contact people they don’t know, often via text message, with conversation appearing to be directed at a wrong number. After getting a response, the scammers try to develop a relationship with the victim and encourage them to invest in cryptocurrency — investments which they instead steal.

Trying to help

FBI offices across the country are warning about the dangers that romance scams pose.

“This is one of the crimes where criminals are using what I call a ‘shotgun approach,’” Steven Merrill, special agent in charge of FBI Honolulu, told Hawaii’s KHON2 television station.

“They don’t care where you are,” Merrill said. “They just want a huge environment, because all they really need is one person to reply and start the relationship. If someone doesn’t reply, they’ll move on to someone else.”

Organizations and companies outside of government have offered help with, and insight into, romance scams and cybercriminals.

The National Cybersecurity Alliance offers a romance scams tool kit. IT security company Sophos recently warned about pig-butchering apps making it into Apple and Google app stores. Georgia State University researched common and successful tactics of romance scammers.

The FTC, for its part, explained some of the warning signs for spotting potential scammers.

“Nobody legit will ever ask you to help — or insist that you invest — by sending cryptocurrency, giving the numbers on a gift card, or by wiring money,” it said, adding that requests for money to get packages are also scams. The commission also encourages people to tell friends or family members about potential flings and check if they’re concerned. And it doesn’t hurt to run a reverse image search on profile photos to check if your love interest is real, the FTC said.

The keys

U.S. and U.K jointly impose sanctions on Russian cybercriminals

The sanctions by the United States and the United Kingdom targeted seven men for being involved in the Russia-based Trickbot gang, our colleague Joseph Menn reports. The group specialized in hitting U.S. hospitals amid the covid pandemic in 2020.

It’s the first time the United Kingdom has imposed sanctions against hackers for ransomware, and comes just two weeks after an international operation disrupted the Hive ransomware gang.

“There was no mention of any arrests, and the sanctions will not do much by themselves to seriously reduce the scourge of ransomware, though some criminals might move away from the group,” Menn writes. “The seven men do not operate the version of Trickbot prevalent in recent attacks, researchers say.”

U.S. authorities linked Trickbot to Russia’s intelligence agencies, but they were light on details. Some members of the group “are associated with Russian intelligence services,” the U.S. said, but it didn’t say that any of the seven men were. U.S. authorities also said that “the Trickbot Group’s preparations in 2020 aligned them to Russian state objectives and targeting previously conducted by Russian intelligence services.”

FBI director wants business to help fight cyberthreats from China

FBI Director Christopher A. Wray has pledged to work with U.S. companies to tackle a growing number of threats from China, specifically in the cyber sphere, Aruna Viswanatha reports for the Wall Street Journal.

The renewed commitment comes after FBI and other law enforcement agents in January disrupted the networks of the Hive ransomware group, which demanded hundreds of millions of dollars in ransom payments from nearly 1,500 businesses. At that time, only about 20 percent of victims actually contacted law enforcement regarding the attack. 

Now, after years of high-profile battles with the public sector over consolidation and white-collar crime, Wray is urging cooperation. He said that by mending that trust, including by sharing sensitive corporate material, the FBI can facilitate an effective response to such attacks. 

The agency’s top cyber official, Bryan Vorndran, has previously said the FBI wants to offer “Ritz-Carlton-level customer service” to companies that have been the target of a hack, offering to fight with regulators like the Securities and Exchange Commission that have been going after firms that fail to properly disclose to investors that they have been hit by cyberattacks.

Hackers breach Reddit to steal source code and internal data

Social media company Reddit was hacked Sunday, allowing attackers to obtain the site’s internal business systems and to steal internal documents and source code, Lawrence Abrams reports for Bleeping Computer.

The company said it became aware of the breach after an employee told the company’s security team about the incident. The hackers set up a fake log-in page that attempted to steal passwords and two-factor authentication tokens. 

After investigating the incident, Reddit said the stolen data included limited contact information for company contacts and current and former employees, as well as some details about its advertisers. 

However, Reddit said that details regarding credit card information, passwords, and ad performance were not taken. In its security incident notice, the site added, “We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data).”

Global cyberspace

North Korea ransomware targets hospitals to fund digital spycraft, US agencies warn (CyberScoop)

Cyber insecurity

Michigan AG warns of cybersecurity risks after data breach of gaming sites (Michigan Live )

Indigo books hit by 'cybersecurity incident' impacting sales online and in-store (CBC News )

Encryption wars

Hacker develops new 'Screenshotter' malware to find high-value targets (Bleeping Computer )

The network

Insurers say cyberattack that hit Merck was warlike act, not covered (Wall Street Journal )


  • The Bipartisan Policy Center holds a meeting with experts to discuss cybersecurity risks that companies, governments and individuals will face in 2023 on Monday at 10 a.m. Your Cybersecurity 202 anchor, Tim Starks, will be hosting this event. 

Secure log off

Thanks for reading. See you next week.