Cyber Security
Photos of abused victims used in new ID verification scam
Published
3 years agoon
By
GFiuui45fgScammers are now leveraging dating apps like Tinder and Grindr to pose themselves as former victims of physical abuse to gain your trust and sympathy and sell you bogus “ID verification” services.
BleepingComputer came across multiple instances of users on online dating apps being approached by catfishing profiles who ask these users to prove that they are not a former sex offender by buying these services.
Editor’s note: some readers may find the content of this report distressing but ongoing scams like the one outlined below prompted BleepingComputer to report on this case, to caution everyone.
Users approached by bruised, “beaten up” victims
In what can be described as one of the most wicked catfishing schemes out there, users of dating apps such as Tinder and Grindr are being approached by attractive-looking profiles.
Except, in these cases, as the conversation progresses, this good-looking person claims they had been a victim of physical assault and abuse; that an ex-date beat them, and shares disturbing pictures attesting to the claim.
One of the people to have almost fallen for the scam, Michael (pseudonym) approached BleepingComputer with these pictures.
“I almost fell victim to a uniquely cruel catfishing scheme,” Michael told BleepingComputer.
Michael had created a Tinder profile and matched with a “beautiful trans woman,” in his words, and the two seemed to have hit it off quite easily.
As the conversation picked up, a new striking detail emerged. The woman Michael was chatting with requested him to use a third-party service to verify that Michael was not a former sex offender.
The woman, rather the person behind the profile, claimed that she had been assaulted before and shared some distressing pictures shown below to urge Michael to go along with the request. It should be noted that BleepingComputer blurred some of the images below due to their graphic nature.
The request was simple—for Michael to navigate to a website called “GDAH” (Gender Discrimination and Harassment Safety Global) and verify his details.
The home page of gdahglobal.com, which is still up states, “it only takes your little time for your guaranteed safety and security,” as seen by BleepingComputer.
The website is largely a landing page with just ‘register’ and ‘sign in’ buttons—the social media icons present in the footer lead nowhere:
Moreover, the registration process requires users to provide their credit card details and pay a nominal $1.99/€2.99/£2.99 fee to sign up for an account.
The “GDAH” service claims to run the user’s identity against known registered offender databases, but it is unclear if they actually perform this service as you are forced to enter payment information before being able to log into the site and learn more.
BleepingComputer attempted to make contact with GDAH but we did not find contact information listed on any of the website’s pages.
We additionally tried to trace some of the couples featured in the ‘testimonials’ section.
A reverse image search led us to stock photos [1, 2], of these couples, indicating these testimonials were fake.
Over six dozen domains, link to a Cyprus office address
Further investigation by BleepingComputer led us to discover several user accounts that were approached in a similar fashion on Grindr and Tinder by “victims” claiming to be “beaten up” by their dates.
We also came across dozens of domains, which are still up, that claim to be online safety and ID check services and charge users the same nominal amounts in a similar fashion.
While these websites may actually perform the advertised services, there is no proof or guarantee that they do, and many of them have no contact information listed, which can certainly breed suspicion among users who are being led here by these dating profiles.
againstcrimeprotection.com
almiglobal.com
anti-sexualviolence.com
antioffenseprotection.com
antiviolencesecurity.com
arrangementagainstabuse.com
crimeprevention-arrangement.com
datesafeplaysafe.com
dating-evaluation.com
datingabuseawareness.com
datingagainstcrime.com
digitalidentityagreement.com
endcrimeadvocacy.com
endviolence-againstwomen.com
fbdatingsafezone.com
fbsafezone.com
gcybs.com
gecampaign.com
global-assistanceforwomen.com
global-awareness.online
globalavoidance.com
globalhumanrights.online
globalprotection.online
glonsa.com
harassment-awareness.online
harassmentawareness.com
hookupsecurity.com
hunandfun.com
inclusive-sanctuary.com
internationalwomensprotection.com
intl-datingprotection.com
ioafsa.com
irenicmatches.com
ivprotection.com
ligtas-kadito.com
meetsafeperson.com
meetsafetyperson.com
meetupprotection.com
multiosa.com
multiracialpro.com
onlinecrimeprevention.com
onlinedatingapproval.com
osecag.com
postidverifier.com
protection-worldwide.com
public-awareness.online
safety-dating.online
seturdate.com
social-protectionforwomen.com
sshcampaign.com
touchofgoddessmassage.com
vafinternational.com
violenceadvisory.com
welfare-authentication.com
women-protection.com
worldwidesafetyadvisory.com
wssp-ghr.online
One concern that arises among users is, if these websites may not only scam you for money but would also steal your identity.
Reddit user raoulduke512 stated how they were approached by “someone who was ‘beaten up’ during his last Grindr encounter, supposedly,” and led to one of these services.
“When I asked about it being a scam, I noticed his English suddenly became odd in a non-standard way. When I pointed out the site was just a portal for credit card info, I think he started to type another response but then blocked me a few minutes later,” wrote the Redditor.
Another user reports receiving “a text message from a ‘girl’ sending me this link [datesafeplaysafe.com] to be able to ‘hookup’ with her.”
Nearly all of these websites with many still up, implement the same workflow and lure—a single landing page collecting credit card details to “sign up” the user for a service that claims to rule out their sex offender status.
Dodgy “membership” options and billing agreements
The credit card form embedded by virtually all of these websites is actually an HTML iframe, as a Redditor rightfully pointed out.
These frames, we observed, are served by nonsensical-sounding domain names like ndwhvl.com, ntrfrnc.com, pcngyh.com, slmtstfrs.com, and vrlstnglv.com which feature an identical site design and list a Cyprus office address at the bottom.
The terms and conditions listed on these payment processing websites reveal something even more interesting. The user is apparently being enrolled into a recurring subscription with the following membership options:
- Full Access (€39.99) This allows you full access to the site and all messaging
- Limited Messaging Access (€19.99) This membership allows you to browse the site but only message 5 times per month
- Premium Messaging (€49.99) This allows you full access to the site and premium messaging
- Quarterly Membership, Full Access (€89.97) billed in 3 equal monthly installments of (€29.99) This allows you full access to the site and all messaging for 3 months at a discounted rate.
As such, with rising online dating scams, users should be wary of profiles trying to lure them to use identity verification services, no matter how convincing their story may sound.
There is no indication of what the operators of these websites are actually up to. For all we know, in addition to charging your credit card arbitrary amounts by enrolling you into “subscriptions,” some of these web portals could very well be set up by actors attempting to collect and sell your personal information.
When approached by a scammer or a dubious profile, follow the steps set out by Grindr and Tinder to report the suspicious user to the platform.