With Valentine’s Day celebrated around the world, today is a day full of love and joy—especially for those in committed relationships. People around the globe are celebrating their relationships by sending flowers and chocolates, enjoying fancy dinners, and writing love notes in greeting cards. Unfortunately, not all relationships are legitimate, and not everyone sees today as a celebration of love.
In fact, the Agari Cyber Intelligence Division (ACID) has been tracking a Nigeria-based cybercriminal organization we’ve named Scarlet Widow since late 2017, and today we released a report their tactics, including how they target vulnerable populations via romance scams. To date, we have fully identified three Scarlet Widow actors who top the group’s hierarchy, all of whom currently reside in Nigeria. Through extensive research and analysis, we have been able to connect these primary actors to specific scams and personas.
Scarlet Widow creates these fake personas, including the very successful “Laura Cahill,” a supposed Texan model working in Paris, on large dating websites like March, eHarmony, and OKCupid. But what makes their model different than others is the fact that they also target more specialized relationship seekers on sites like Dating4Disabled.com, FarmersDatingSite.com, and DivorcedPeopleMeet.com. This is likely due to the fact that Scarlet Widow believes that these populations (individuals that are disabled, divorced, or live in rural areas) are more vulnerable, and thus easier to con out of money.
Once “Laura Cahill” or another one of their successful personas receives a response from someone, the scammer engages with the potential victim—talking about her faith in God and the importance of trust in a relationship.
Eventually, Scarlet Widow sends an email asking for money, in this case, so Laura can leave her modeling position in Paris and travel back to the United States to meet the victim. Unfortunately, once victims send the money, Laura’s plans (unsurprisingly) fall through and she continues to come up with excuses for why they can never meet, all the while continuing to ask for money. Our report dives deep into one case study of a man named “Robert Blackwell,” who was conned out of more than $50,000 before Scarlet Widow stopped responding to his emails.
As Scarlet Widow became more advanced in their tactics, they eventually switched from romance scams to business email compromise—a move that resulted in additional money at a fraction of the time invested in the con. Later this month, we will be releasing a second report on Scarlet Widow that explores the group’s transition to BEC scams and how they launder their illicit proceeds through online services.
Learn more about how romance scams work by downloading Scarlet Widow: Breaking Hearts for Profit.