Valentine's Day scams spread virally on Facebook

Filed Under: Facebook, Rogue applications, Social networks, Spam

With Valentine's Day approaching on February 14th, scammers on Facebook are ramping up their efforts to take advantage of the traditional day of love to make a quick buck out of unsuspecting users.

Facebook users are being tricked into clicking on messages that they believe their online friends have posted, saying who their Valentine will be in 2011 or how to put a heart or love poem on their sweetheart's wall.

Valentine's Day scam message on Facebook

Is there a girl/boy you really like? why not show him/her via Facebook! give him/her a Love Poem and a Love Heart straight to his/her wall! Get Started Here: [LINK]

Find your Valentine

My Valentine this 2011 is going to be [NAME] :) See yours now! [LINK]/valentine

My Valentine date this 2011 is going to be [NAME]! Learn who yours will be now- [LINK]

Sophos has identified rogue Facebook applications with names such as Valentine's Day and Special Valentine which are responsible for the messages, but it is possible that the scammers could have created others which use similarly love-themed messages.

If you make the mistake of clicking on the link you are taken to a splash screen which displays a teaser. Here's one example, where the application claims it will "generate a random poem and send to one or many friends you select".

According to this splash screen, the application has 220,673 monthly users - which may make you think that there's nothing to be suspicious about.

Valentine's Day scam splash screen

Here's the splash screen of another rogue Valentine's Day application, which claims to have almost 7.5 million monthly active users:

Find Valentine

However, the third-party Valentine's Day Facebook applications are rogue apps, trying to trick you into agreeing to give them the ability to post status messages to your wall as well as gather information about you including your name, photograph, gender and information about your friends.

Rogue Valentine's Day Facebook app

Clicking on "Allow" is a desperately bad idea, but plenty of Facebook users already have. What they don't realise is that application craftily and instantly posts the message advertising the rogue app to your Facebook wall, hoping to draw your online friends into the money-making scheme.

Because the scammers are not really interested in your budding romance. They just want to make money. And they do that by tricking you into taking an online survey disguised as a "Facebook Anti-Spam Verification" dialog box.

Valentine's Day survey scam on Facebook

The scammers, of course, earn commission every time a survey is completed. This is a trick which they are using time and time again on Facebook, earning themselves cash by duping unsuspecting users into taking their surveys. Some surveys even ask you for your mobile phone number, and then sign you up for an expensive premium rate service.

As Valentine's Day draws closer we can expect to see more and more scammers and cybercriminals attempt to exploit it - and not just on Facebook, in the past hackers have taken advantage of the international day of love to spread malicious ecards and trick users into running dangerous code on their computers. Make sure you keep your feet on the ground about your computer's security.

If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here's a YouTube video I made which describes what steps you need to take:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks. Join the Sophos page on Facebook, where over 60,000 people regularly share information on threats and discuss the latest security news.

, , , , ,

You might like

5 Responses to Valentine's Day scams spread virally on Facebook

  1. manfromthezoo · 1697 days ago

    The old saying is that the way to a man's heart is through his stomach. A constant proved true though, irrespective of technological implementation, is that any scam is best applied by levering the human ego.

    Unfortunately, social media has provided an ecosystem ripe with low-hanging fruit herds that will without fail, in spite of all warning, click on / install / allow anything if they think someone is giving them...attention. Nay, validation.

    I'm sure we can all think of a least a few folk that we could make do ANYTHING online at the vaguest whiff of 'someone fancying them' etc. They simply cannot control their base urges and this will continue to happen, irrespective of technical origin / platform impact ad infinitum. It's comically easy to engineer people, it takes almost no savvy at all. People can and *will* adandon all common sense and education at the behest of their ego.

    Sadly, I think this says more about the world we live in than the security products and / or methods we employ.

    Increasingly the local stack on a computer is becoming less and less the goldmine it once was; why bother circumventing complex (and broadly effective) security suites like Sophos offer, when the user will willingly open their hearts, and provide reams of information at the behest of an 'online admirer'? You essentially have a mine of data to get your dirty mitts on that is totally abstracted from the computer, totally unprotected, and completely accessible with the planting of a melliflous idea in a naive user's head.

    In that respect, the answer is not education - the vast amount don't care 'how stuff works' - they just want to find out *who fancies them / watches their FB page / insert promise from dubious app here*. The real solution? A two pronged approach. Secure your computing environments, and WISE UP - learn to be doubtful and suspicious of people / ANYTHING that asks for access to your data. Doubt motivations; analyse the likelihood of authenticity of stuff like this being thrown in your face. Become more cynical and you'll notice patterns - you'll spot rubbish like this from thirty paces.

    I have seen otherwise intelligent people forward status-line spam for the same reason - abject fear of not doing the same as everyone else, before *thinking*. Step away from the herds and shepard yourself.

    Alas, the most amazing security software ever - and I do think Sophos is strong here - won't secure YOU. Learn to be your own defence, and you'll find you'll complement your security solution in ways you didn't think possible.

  2. J@LocalPI · 1696 days ago

    I think it is sad that when we are online we have to be so cynical and suspicious of everything, but unfortunately, the internet is the perfect breeding ground for scammers and hackers and it is a sad truth that we do have to guard our confidentiality and identity fiercely. I am currently writing a blog series on different forms fraud takes, at, so this article was very helpful in my research. Thanks!

  3. Dan · 1694 days ago

    in the past hackers -> in the past crackers !!!!


  4. johnbragg · 1694 days ago

    "The scammers, of course, earn commission every time a survey is completed. "

    Who is paying for the surveys? That's the part I don't understand about FB postjacking and likewhoring scams. How do they pay off?

    I'm defended against survey-scams just because I don't have any patience. If it takes more than one or two "Next" buttons, I'm out. (Or more exactly, Clark Kent or Santa Claus or Joe Momma is out.)

  5. scamreporter · 1692 days ago

    Valentine day scammers are indeed smart enough to target people and infact social networking sites is indeed good platform for such crooks. Social networkers should be aware of such fraudsters and avoid sharing any personal informati9on.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley