Catphishing

You may have heard of the terms “phishing” or even “spearphishing”—they both refer to attempts by bad actors to gain personal information to pilfer bank accounts or damage reputation.  Phishing is a broader term for wide-reaching untargeted solicitations, whereas spearphishing concerns attempts to target a particular population set like veterans, the elderly, or employees of a particular company for example.

This type of targeting will be familiar with law enforcement, but what you may not know is that early hacking routines were known as “phone phreaking” and the word usage stuck.  Therefore the “ph” in these terms is derived from hacker slang where it is common vernacular to replace the “f” with “ph.”

“Catphishing” (also known as “sweetheart scams”)—our blog topic of discussion—is another emerging threat, one that entails exploiting individuals by targeting them through dating websites.  The term “catfish” has come to signify people who present false information about themselves online.  The term came about after a documentary of the same name came out in 2010 on long-term online relationships.

Catphishing can be used as a means to gain money, personal details, or even notoriety. Perhaps the most famous example of a catphishing victim in terms of notoriety is Manti Te’o, the Notre Dame football player who was lured into a relationship online with a nonexistent woman.  This story made headlines after his 2012 football season at Notre Dame.

More commonly, though, catfishing victims will be asked for money in leading up to meeting in person after several online exchanges.  A Colorado mother and daughter pair swindled thousands of dollars from victims while presenting themselves as soldiers in Afghanistan needing money. This catphishing scam was harder to detect, as are situations where victims are lured into a fake relationship with someone they’ve met and think they know, but who has instead presented a false profile to glean information from the victim.

Another type of victim in catphishing scams are those whose photos are used illegally in an attempt to present a false identity.  Fraudsters may glean publicly available sources, copy them for their own use, and then reuse the photo in setting up their fake online dating website profile.  This type of scenario can be harder to detect and investigate since photo permissions are often ill-defined.

So, how can you recognize catphishing, and what can you do to protect yourself and your community?  Many dating websites have precautions in place to flag this type of behavior, but it is still believed that one out of every ten dating website profiles are set up for scamming purposes.  If you are using a dating website, you should realize that catphishing scams tend to have rapid start-up time for the relationship, seem to arise out of the blue, and are unusually quick and intensive.  Victims have often noted the use of professional photos or location claims that aren’t consistent to be a red flag.  It is also likely that the fraudster will be reluctant to talk on the phone as well, remaining more comfortable and hidden in online interaction.  Finally, if your photos are used illegally, you can conduct a reverse Google Image Search to understand where else your photo may have been used without proper permissions or acknowledgement.

References:
https://identity.utexas.edu/infographics/online-dating-scams-red-flags-and-what-is-catfishing
http://robertsiciliano.com/blog/2015/03/03/what-is-catphishing/
http://robertsiciliano.com/blog/2013/12/11/catphishing-is-a-loveless-nightmare/
http://www.denverpost.com/ci_20892031/brighton-mom-daughter-team-accused-1-million-online
http://www.computerworld.com/article/2575094/security0/sidebar–the-origins-of-phishing.html
http://www.slate.com/blogs/browbeat/2013/01/18/catfish_meaning_and_definition_term_for_online_hoaxes_has_a_surprisingly.html

 

  • Was this article helpful ?
  • Yes   No

FBI Cyber Shield Alliance

IACP Conference

Contribute Content