Online Dating: The Trust Equation

Intimacy powers the online dating ecosystem. How do we secure that trust?

Online dating platforms are the places we turn to find love, company, and community. Therefore, the space relies on trust between users and trust that the platform is safe and private. Users share some of their most personal information and make themselves vulnerable to each other. They are at that moment exposed to threat actors working for malicious purposes. The key question is how we maintain the security of users while allowing the currency of trust to flow freely.

It’s projected that by the end of 2022, there will be over four hundred and ten million people active on online dating platforms worldwide, with over 50 million users in the US. These users, though, are not a monolithic group. They break down into many diverse communities defined and organized around specific identities and goals. Each community faces different risks, which Trust & Safety teams can mitigate through proactive planning and careful intelligence collection. In this blog, ActiveFence provides our perspective on the challenges facing Trust & Safety teams at dating platforms and how they can keep daters safe.

ActiveFence is a leading provider of proactive intelligence about harmful online activities. Using specialist knowledge in threat actor communities, we offer platforms actionable insights to secure their services and users.

Segmented Populations

The activities on dating applications are oriented around meeting new people and forming intimate relationships based on compatibility and shared traits.

The use of dating platforms requires users to select and reveal specific characteristics and share high volumes of personal information. They disclose information such as their self-identification, choice of partner, place of work, sexual health, history, orientation, and preferences. They often share their name, telephone number, and location. However, this sharing of sensitive information makes users vulnerable to various threats, including violent crime, extortion, and fraud.

Perceived & Materializing Dangers

Each group is vulnerable to specific forms of abuse targeted on their characteristic. Users who self-identify as being from a specific minority community can receive targeted abuse or be lured into unsafe situations. Fraud actors can target those looking for casual hook-ups in various phishing scams. While those who are encouraged to share intimate images or reveal their sexual health history can be extorted.

The results of a 2019 Pew Study, The Virtues and Downsides of Online Dating, are telling. The following percentages of respondents perceive online dating to be unsafe or ‘not at all safe.’ These are not simply perceptions; they are formed from lived experiences, which ActiveFence has identified.

The study was revealing.

  • 53% of female respondents felt online dating was unsafe, with 19% reporting threats of physical harm.
  • 58% of Black and 53% of Hispanic respondents reported the same fears.
  • Meanwhile, 34% of those surveyed who are lesbian, gay, and bisexual also consider the online dating ecosystem to be an unsafe environment.

Targeted Abuse of Online Daters

These communal perspectives are perhaps unsurprising. When you are using a dating application, you are exposed. LGBTQ+ users are easily detectable and searchable (either on broad-community or niche applications). Women seeking more control in their dating interactions will choose applications that offer this to them. At the same time, members of ethnic or religious minorities will gravitate to applications where most users are from their community.

Threat actors hostile to these groups can use group behavior to locate and isolate individuals. This is especially true, as following a successful interaction, users meet in person and often can be persuaded to reveal personal information. Take LGBTQ+ users as one example of a group vulnerable to violence, intimidation, blackmail, and extortion threats. In other types of targeted abuse, child predators use dating platforms to seek out and target single mothers to gain access to their children.

ActiveFence tracks the off-platform, dark web sources of chatter where these predators share information and advise each other on identifying potential victims on specific dating applications and gaining access to the children.

Other threats involve soliciting and non-consensual sharing of nude images from legitimate users. Here again, networks of threat actors work together to coordinate the acquisition of these images, which are then shared, traded, or sold in dedicated forums. This sharing of non-consensual intimate images (NCII) often targets specific individuals or groups based on characteristics or personal relationships.

Threats from Fraud

Users are not only concerned about physical threats and the risks from the increasing numbers of inauthentic accounts active on the platforms – 50% of users polled think fake accounts are created for scamming.

The industry supplying such accounts is highly sophisticated and ever-developing. Fraud vendors are finding novel ways to create or otherwise gain access to accounts that appear legitimate, selling accounts and methods to bypass the platform’s moderation systems.

These fake accounts are leveraged for multiple purposes, two examples of which are eWhoring and PII and credit card fraud. Both malicious activities use attractive aliases to direct users off-platform to commit fraud.

  • eWhoring is conducted by creating an attractive alias, providing only a link to a social media account as contact details. When legitimate users attempting to contact these individuals move to off-platform spaces, these fraud actors use the promise of a date or sexual content to convince their victims to reveal their PII, bank account details or willingly transfer funds.
  • Fraud and PII dating scams are conducted by directing victims to third-party websites that use brand names and logos to appear as legitimate dating applications. These websites prompt users to provide personal details using fake registration schemes while allowing fraudsters to access this information. These fraudulent schemes are often targeted at minorities, taking advantage of user fears about safety for online dating.

A thriving APK Mod market compounds these threats from inauthentic fraudulent accounts. Here fraudulent developers sell what appear to be premium versions of dating applications that allow fraudsters to expand their on-platform reach: moving geolocation, increasing the visibility of their profile, and maximizing the number of matches they receive.

Weakened Platform Trust Harms User Retention

The core challenge is to protect users from harm.

However, the indirect consequence of threat actors stalking dating platforms with impunity is weakened trust and weakened user retention. If a platform gains a reputation as being unsafe, its users will migrate to those platforms that feel secure.

Anticipate & Mitigate: Proactive Approach to Safety

The challenge of moderating the millions of daily on-platform interactions seems almost impossible without damaging user privacy. The challenge is to be proactive, rather than reactive to harms already carried out.

Threat actors, like the daters seek to harm, self-identify, and segment.

They cluster in online communities to share their targets, tactics, and tools. Homophobic, racist, or misogynist online community members share their conquests for communal validation and coordinate abusive activity in advance, even sharing the collateral they will deploy.

Those seeking to perpetrate fraud and other inauthentic malicious activities against users similarly gather in forums and chatrooms to discuss the latest tactics, techniques, and procedures (TTPs) to bypass platform security and target users.

In both instances, access to an advanced proactive intelligence-led solution will allow Trust & Safety teams to understand how and where the next threat will come. With the foreknowledge, teams can take action to block files before they are shared, accounts before they are engaged, and harmful terminology in real time. As fraudulent harms develop, they can patch code to prevent APK Mods from successfully bypassing security and strengthen existing mechanisms.

ActiveFence and the Online Dating Association are pleased to partner and work together to develop best practices and share industry knowledge to promote online safety for all users of dating platforms online.