Neil Young said only love can break your heart. It can break the bank, too, particularly during Valentine’s season, when emotions — and loneliness — can run high.
Scammers and companies that turns gotchas into profits know all about your weaknesses. The “loneliness industry” cut its teeth with 1-900 commercials during the 1990s, but now it’s perfected the craft. The loneliness business runs the gamut from legit-but-sneaky, like many online flower delivery firms, to outright fraud, like sweetheart scams.
Valentines will spend an average of $142 this year on candy, flowers, apparel and more, up from $133.91 last year, according to the National Retail Federation, totaling $18.9 billion just in the U.S. Plenty of folks want a chunk of that change. To try to keep you and your money safe this holiday, here’s a guide.
1. Flowers
There’s no way around it: Flower prices jump off the charts this week, as demand skyrockets. Expect to pay $40 for a bouquet that cost $20 last week (or next week). If you are in the kind of secure relationship that allows for smart holiday shifting — Christmas cards sure are cheap on Dec. 26 — buying flowers next week is a great option!
Major online florists like ProFlowers, 1800Flowers and FTD.com all have a good reputation for delivering bouquets on time, no small feat during the crunch of Valentine’s Day. While picking out your own gift at a local florist may be a better idea, there’s nothing wrong with ordering flowers online. Just be sure you know what you are paying, and understand it’ll take some stick-to-it-ive-ness to find out. At all three retailers, you don’t learn the final price until you’ve worked your way through several pages of forms, including delivery address and so on. The arrangement that sounded like it would cost $30 in a radio ad will actually cost $50 or more, particularly if you’ve waited this long to order. Delivery on Valentine’s Day, a Saturday, could set you back even more.
2. Romance scams
Don’t have someone to buy flowers for? You are likely to turn to an app or website for help. Pew says one in 10 U.S. adults have done so, and the number of people who dated someone they met online grew to 66 percent over the past eight years. Maybe this week will inspire you to take the plunge. When you do, know that plenty of criminals lurk on all the sites. And there’s nothing more tragic than a “sweetheart scam.”
Con artists may spend weeks and even months gaining trust from victims — even sending flowers purchased with stolen credit cards or using fake photos they’ve lifted from actual dating profiles. Then, they make their move. Barb Sluppick has been running a forum called Romance Scams for more than five years, and she says the scams show no signs of slowing down. Most victims find her support group after it’s too late.
“We are getting a lot of the same. Getting victims to send money, cash checks, ship merchandise,” she said, adding that prepaid cards have been the currency of choice for scammers lately.
Particularly tragic are family members who contact Sluppick looking for advice when a loved one simply can’t be convinced that their “lover” is really a criminal.
“We are also getting lots of contacts from family and friends of victims who are so caught up in the scam and do not believe that they are being scammed,” she said. “We do our best to assist them in steps to take to help the person out of the scammer’s hands. I am sad to say that those kinds of interventions are not always successful.
"There are families that have been ripped apart because the victim chooses the scammer over their family and friends. That is one of my biggest frustrations and we are trying to find better ways to help these families and friends.”
3. Apps and hackers
But even if you don’t think you would fall for that, your online love search might leave you more vulnerable than you think.
A new study released this week by IBM found more than 60 percent of leading dating mobile apps they studied, on the Android mobile platform, are potentially vulnerable to a variety of cyber-attacks that put personal user information and corporate data at risk. Fully 26 of the 41 dating apps they analyzed on the Android mobile platform had either medium or high severity vulnerabilities, by IBM’s ratings.
The study has implications for both individuals and corporations, which now routinely allow employees to “bring your own device” for work. That means company data is intermingled with online dating apps that might not be safe.
Here’s what IBM found:
Dating App Used for Malware: The anticipation of receiving interest from a potential new date is just the sort of moment that hackers thrive on — when users let their guard down. Some of the vulnerable apps could be reprogrammed by hackers to send what seems like a message that asks users to click for an update or to retrieve a message that, in reality, is just a ploy to download malware onto their device.
GPS Information Used to Track Movements: IBM found 73 percent of the 41 popular dating apps analyzed have access to current and past GPS location information. Hackers can capture a user’s current and past GPS location information to find out where a user lives, works or spends most of their time.
Steal Credit Card Numbers From App: 48 percent of the 41 popular dating apps analyzed have access to a user’s billing information saved on their device. An attacker could gain access to billing information saved on the device’s mobile wallet.
Take Control of a Phone’s Camera or Microphone: All vulnerabilities identified can allow a hacker to gain access to a phone’s camera or microphone even if the user is not logged into the app. This means, an attacker can spy and eavesdrop on users or tap into confidential business meetings.
Hacker Can Hijack Your Dating Profile: A hacker can change content and images on the dating profile, impersonate the user and communicate with other app users, or leak personal information externally to affect the reputation of a user’s identity. This poses a risk to other users, as well, since a hijacked account can be used by an attacker to trick other users into sharing personal and potentially compromising information.
“Consumers need to be careful not to reveal too much personal information on these sites as they look to build a relationship with another user on these dating apps,” said Caleb Barlow, Vice President, IBM Security. “Our research demonstrates that some users may be engaged in a dangerous tradeoff – with increased accessibility resulting in decreased personal security and privacy.”
It’s not easy to adjust privacy settings on most apps — many won’t work if you turn off certain features — but users should at least restrict app access to location information as much as possible. Obviously, with an app like Tinder, which lets users find potential mates who are nearby, that’s not possible, so use your judgment.
Most critically, users should avoid revealing too much in dating profiles. Even something innocuous like a pet’s name could make someone more vulnerable to a hack later — many sites use pet’s name as a security question. It’s always a good idea to check your free annual credit reports for possible signs of fraud (like unauthorized new accounts or collection items for a debt someone else ran up in your name) — and it’s especially important to check your credit if you believe someone has scammed your identity info from you.
And don’t forget, online dating profiles can remain online long after you’ve found love. It’s good data hygiene to remove profiles when they aren’t necessary any longer. It’s probably good for domestic tranquility, too.
Bob Sullivan is author of the New York Times best-sellers Gotcha Capitalism and Stop Getting Ripped Off. See more at www.bobsullivan.net.
More from Credit.com
How to Use Free Credit Monitoring Tools
The Signs Your Identity Has Been Stolen
What to Do If You're a Victim of Identity Theft
This article originally appeared on Credit.com.