Why cybercriminals love a good Valentine’s Day

As Valentine's Day approaches, most peoples' thoughts turn to romance and flowers. For the cybercriminal, however, it heralds another opportunity to draw in unsuspecting internet users.

Many of the most common scams around this February rely on existing vulnerabilities in software, spam, fake sites and distraction techniques. Organised criminal units have a long history of timing their attacks to coincide with popular occasions in order to achieve maximum success.  Valentine's Day 2009 is a day that is similarly marked on the criminals' calendar for targeted attacks.

In the weeks running up to February 14, many phishing emails have already been doing the rounds supposedly promoting love or dating opportunities. The Websense Security labs have seen several fake Valentine's Day sites serving up malware, an increase in adult dating and 'healthcare'-related email spam, and blended email/web/phone techniques promoting premium rate phone services - which are always a good way to make a fast dollar.

The same techniques have been used in other recent campaigns, such as Obama spam and fake New Year greetings cards. The public are becoming more aware of these, however, and it's getting harder to trick people this way. Cybercriminals are also taking their efforts to social networks, given its rising popularity and potential to manipulate the user through "friend" messages.

Here are the top three things to look out for:

1. Broken hearts

There are a number of fake Valentine's Day sites serving up malware courtesy of the Waledac gang (or at least exhibiting the same characteristics as them). The sites show colourful images such as puppy dogs or a picture of 12 pretty hearts and ask "Guess which one is for you?"

Unfortunately the web page is one big image and a single click from a tricked user commences the download of Trojans named "onlyyou.exe" or "youandme.exe" which are not as friendly as they sound. The Trojan can connect to remote websites to receive commands and send information about the compromised system.

2. I am your friend

Spammers are using our appetite for social networking and turning to sites such as Twitter, Facebook and MySpace as new ways to trick users into visiting fake sites, installing viruses and spreading malware on the internet. Web spam, in blogs and on comment pages, is also on the rise. Users should be wary of links posted by strangers on their blogs - chances are the links will not them lead them to love, as promised.

3. Money can't buy you love

Money can't buy you love, but it may get you a masked redirect. Our research shows that 70 per cent of the world's most popular websites have either hosted malicious content or contained a masked redirect to lure unsuspecting victims from legitimate sites to malicious sites.

In fact, we have seen specially-created malicious sites decline as cyber criminals switch to compromising trusted websites. They are cashing in, literally, on our increased confidence in shopping and researching online - a lot of which happens whilst in the office. As people turn to the internet to order flowers, chocolates and other gifts - so too are the cybercriminals turning to these sites to compromise them and steal data.

The underground economy is positively flourishing as companies fail to keep up with security technology. Criminals are taking advantage of the growing number of Web 2.0 properties which allow user-generated content. More than ever we're seeing websites injected with links to direct users to malicious and compromised sites. And since many email security systems lack web intelligence, spammers have also stepped up email campaigns which contain links to malicious web pages. It's clear that businesses need security with real-time protection, but until this becomes the norm - cybercriminals will continue stealing data and breaking hearts.