Valentine’s Day scams spread virally on Facebook

Graham Cluley
Graham Cluley
@

 @grahamcluley.com
 @[email protected]

With Valentine’s Day approaching on February 14th, scammers on Facebook are ramping up their efforts to take advantage of the traditional day of love to make a quick buck out of unsuspecting users.

Facebook users are being tricked into clicking on messages that they believe their online friends have posted, saying who their Valentine will be in 2011 or how to put a heart or love poem on their sweetheart’s wall.

Valentine's Day scam message on Facebook

Is there a girl/boy you really like? why not show him/her via Facebook! give him/her a Love Poem and a Love Heart straight to his/her wall! Get Started Here: [LINK]

Find your Valentine

My Valentine this 2011 is going to be [NAME] :) See yours now! [LINK]/valentine

My Valentine date this 2011 is going to be [NAME]! Learn who yours will be now- [LINK]

Sophos has identified rogue Facebook applications with names such as Valentine’s Day and Special Valentine which are responsible for the messages, but it is possible that the scammers could have created others which use similarly love-themed messages.

If you make the mistake of clicking on the link you are taken to a splash screen which displays a teaser. Here’s one example, where the application claims it will “generate a random poem and send to one or many friends you select”.

According to this splash screen, the application has 220,673 monthly users – which may make you think that there’s nothing to be suspicious about.

Valentine's Day scam splash screen

Here’s the splash screen of another rogue Valentine’s Day application, which claims to have almost 7.5 million monthly active users:

Find Valentine

However, the third-party Valentine’s Day Facebook applications are rogue apps, trying to trick you into agreeing to give them the ability to post status messages to your wall as well as gather information about you including your name, photograph, gender and information about your friends.

Rogue Valentine's Day Facebook app

Clicking on “Allow” is a desperately bad idea, but plenty of Facebook users already have. What they don’t realise is that application craftily and instantly posts the message advertising the rogue app to your Facebook wall, hoping to draw your online friends into the money-making scheme.

Because the scammers are not really interested in your budding romance. They just want to make money. And they do that by tricking you into taking an online survey disguised as a “Facebook Anti-Spam Verification” dialog box.

Valentine's Day survey scam on Facebook

The scammers, of course, earn commission every time a survey is completed. This is a trick which they are using time and time again on Facebook, earning themselves cash by duping unsuspecting users into taking their surveys. Some surveys even ask you for your mobile phone number, and then sign you up for an expensive premium rate service.

As Valentine’s Day draws closer we can expect to see more and more scammers and cybercriminals attempt to exploit it – and not just on Facebook, in the past hackers have taken advantage of the international day of love to spread malicious ecards and trick users into running dangerous code on their computers. Make sure you keep your feet on the ground about your computer’s security.

Sign up to our free newsletter.
Security news, advice, and tips.

If you have been hit by scams like this on Facebook, and are struggling to clean-up your profile, here’s a YouTube video I made which describes what steps you need to take:

Make sure that you keep informed about the latest scams spreading fast across Facebook and other internet attacks.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.