this post was submitted on 15 Mar 2025
28 points (100.0% liked)

cybersecurity

3834 readers
87 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 2 years ago
MODERATORS
 

At the beginning of the year, a spate of very similar mails appeared in my spam-box. Although originating from different addresses (and sent to different recipients), they all appeared to be the opener for the same romance scam campaign.

Romance fraud is increasingly common and campaigns can extort large sums from victims, who are often quite vulnerable and lonely.

If you found this page because you think that you might be being targeted, speak to Crimestoppers or Action Fraud.

When stories of romance fraud hit the news, we often hear that the victim had become extremely attached to the scammer, but very little on how they got engineered into that position.

At it's heart, romance fraud relies on social engineering and I was curious to see what techniques were actually being used. I'm no particular stranger to scam baiting, so I decided to masquerade as a mark and see how the campaign was run (as well as what, if anything, I could engineer out of the fraudster).

The emails that I'd received were all associated with one persona: "Aidana", who claimed to be a dentist in Kazakhstan.

This post analyses the scammers approach, systems and material, sharing some of what I was able to learn over the course of a few weeks of back and forth.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] TORFdot0@lemmy.world 6 points 2 days ago (1 children)

Really good read. Worth it for anyone with the time to devote to a long post

[โ€“] chrisbtoo@lemmy.world 6 points 2 days ago

Agreed!

Not the first time I've read through one of these scam-baiting articles and I'm sure it won't be the last. It's quite fascinating how they work.