IP geolocation API & WHOIS lookup: Protection against romance scams

Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.

Incidents related to romance cons—a popular type of fraud—often spike around this time of the year, counting many online daters as victims. Data from the Federal Trade Commission revealed that financial losses related to these scams amounted to US$342 million between 2015 and 2019. The commission received 84,119 complaints around the same period, although many incidents remain unreported.

Victims often meet fraudsters through social media, online chat rooms, and popular dating websites. Some lure targets to impostor dating sites via bogus ads, social media links, or even games like “Words with Friends.” To avoid being found out, the perpetrators conceal their identities behind fake social media accounts. And they often move quickly in the relationship, employing social engineering tactics to brainwash victims to behave in uncharacteristic ways.

Fake account registrations and logins on social media websites rose in the first quarter of 2020, as observed by Arkose Labs. The company also noted that two in five login attempts and one in five new account sign-ups were related to fraud.

Attack mediums have also evolved. Human-driven fraud attacks significantly increased by 82%, 50% of which occur on social media. According to the same report, the perpetrators work in “organized sweatshops” owned by criminal networks. Bots were also employed, although real people outnumbered them.

Detecting Romance Scams with IP Geolocation API & WHOIS Lookup

Users’ increased dependency on their devices and the Internet lead to the rising number of romance scams and fraud in general. As people rely more on technology, they forget that they also bear the primary responsibility of protecting the data they share. Users often end up entrusting their information to random people they speak to online or using weak login credentials for online accounts.

However, online services, including dating and social media sites, must also implement aggressive security strategies for fraud detection and abuse. In this regard, cybersecurity research tools like IP Geolocation API and WHOIS Lookup, which both allow gathering information about IP addresses and domain names, can offer protection against romance scams and other forms of cyber fraud. Below are some ways by which the tools aid platform owners in cyber fraud investigations.

• Beware of scamful users

Both IP and WHOIS information can be useful to run background checks on users who wish to become part of their communities. When inputting an IP address tied to a new registration in IP Geolocation API, for example, one may collect information about the new user’s location:

If said information is suspicious, because of an apparent mismatch between where the user pretends to be in his profile and where its IP address has been recorded last, this might be a cause for suspicion.

If the user signed up for the service using a branded email address, it’s also possible to run a background check with WHOIS Lookup. Say that the domain name contained in the email address was only registered a few days ago, this might indicate that a scamful user just made it to the service. Indeed, cyber criminals often register new domains just to deceive their victims.

• Beware of impersonators

Cybercriminals can also take romance scams to a whole new level by creating phishing sites of well-known social media and dating sites and lure users to sign up for these ill-intended replica platforms. While users believe they’re interacting on a legitimate entity, they might share confidential information, including credit card details (e.g., while signing up for a premium plan) that can later serve in card-not-present transactions. What’s more, the brand impersonated can suffer the consequences and get a bad reputation in the process.

To avoid the inconvenience, platform owners can rely on WHOIS Lookup to check for the legitimacy of websites which they suspect is mimicking their brand. For instance, they can find out if the domain ownership details have ties to known criminals or cybercrime networks via a comparison with publicly available blacklists. In addition, they can set up alerts via Brand Alert API to be informed of any instances where new domains registered contain their brand names or other terms of interest.

Romance scams and other forms of cyber fraud will continue to exist so long as targets remain susceptible. However, it’s possible to detect and address them by improving cybersecurity practices aided by reliable tools.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

• How to boost cyber defense with DNS lookup API and DNS database download
• Uncovering a domain’s past using domain name history search tools
• Top things to consider when designing your website
• 4 aspects to consider when choosing a WordPress theme

Editor’s Note: Jonathan Zhang is the founder and CEO of Threat Intelligence Platform (TIP)—a data, tool, and API provider that specializes in automated threat detection, security analysis, and threat intelligence solutions for Fortune 1000 and cybersecurity companies. TIP is part of the WhoisXML API family, a trusted intelligence vendor by over 50,000 clients.