Australian Tinder users have been warned about an outbreak of malware-spreading "flirty bots" on the popular dating app. The bots use sexually suggestive profile pictures to lure users into automated conversations before linking to malicious "game" downloads. Unfortunately, it seems many enamored victims are all too happy to click.
Model picture from Shutterstock
According to security firm Bitdefender, the social networking/"hookup" app Tinder has been infiltrated by an increasing number of bots which use profile pictures stolen from Facebook and online photography studios.
After enticing users to 'like' a profile and some back-and-forth flirting, the bot attempts to infect the user's phone via a bogus 'Castle Clash' download. The targets are usually men (natch).
As Bitdefender explains:
A typical bot message reads “Hey, how are you doing?”, “I’m still recovering from last night J Relaxing with a game on my phone, castle clash. Have you heard about it? 'http://tinderverified.com/castleclash'. Play with me and you may get my phone number.”
To anyone with even a smidgen of security awareness, the above conversation seems highly suspect -- but we suppose the possibility of sex can make people do pretty stupid things. This one time, I even pretended to like Heartbreak High (unfortunately the ploy backfired and I ended up marrying her).
Here are some warning signs to look out for:
- Tinder bots typically start the conversation by asking users if they have talked before. Like you wouldn't remember chatting to a user who looks like a supermodel.
- Scammers often target users in a precise region by faking their location. Don't automatically trust your “matches” just because they seem to be Australian.
- Never click a link received on Tinder. You should also be wary of links in the ‘About’ section of a user's profile.
- To minimise scamming opportunities, connect your Tinder account to a dedicated Facebook profile that only has a couple of pictures.
According to Bitdefender, Castle Clash developer IGG is currently investigating the issue.