At online dating sites, crooks impersonate exciting new love interests, who before long need some money from you. All too often they get it: Their average take is $10,000. But it's not just those who seek a cyber-sweetheart that get swindled. Even sober non-romantics can be taken in by the scammers' holiday-themed hoaxes this time of year. So be on your guard. Here's what to look out for:
"Gotcha" greetings. Opening an electronic greeting card sent to your computer is "one of the easiest ways to invite malware onto your machine," says Brenda Moretto, of online security company McAfee.
Don't click on links or follow instructions to download software that you supposedly need to view a card. Doing either can unleash malicious programs that turn your computer into a spam-sending "botnet" or give cyber-crooks remote access to your personal information, online bank accounts and passwords.
Legitimate e-card notifications include a confirmation code that allows you to open the greeting at the card company's website. If there's no card at that site, the message was a scam. Ignore any messages sent by strangers, or bearing titles like "firstname.lastname@example.org," "friend" or "secret admirer." And be careful even if a message has a friend's name — scammers can also impersonate them.
Sale-related spam. Expect an in-box littered with offers for deals on chocolates, jewelry, roses and other Valentine's Day-themed products. But be skeptical unless the offer is from a company you've done business with and which has your contact information. Links within emails can download malware, direct you to a scammer-run website to glean your credit card without delivering anything, or lead you to a copycat website selling cheap counterfeits.
How can you spot scam websites?
• Start by carefully reading the Web address. For instance, look at the difference between these two addresses: "www.tiffany.com" and "www.tiffanyco.mn" (a Mongolian site exposed by Scam Alert). If it looks fishy, don't click.
• Hover your mouse over the link (without clicking) to see its full address.
• Copy and paste (again, without clicking) the link into a Microsoft Word document. Then right click on the pasted link and select "Edit Hyperlink" from the menu that appears, which should open a pop-up window that shows the address to which the link directs.
• Copy and paste the link to http://browsingprotection.f-secure.com/swp/ to check the safety of the website.
Next page: Do dating scammers use social media? »