CYBERSECURITY | Beware of doxing on dating websites

Doxing is the act of sharing or revealing private information (mostly about a person) to the general public, with the intention of bringing harm or shame to the person.

Dating websites have become indispensable tools for social and romantic interactions. Although users of these site should be wary of one thing: “doxing”

According to cybersecurity firm Kaspersky, almost all dating websites are safe, but there are a few basic rules that users should follow so they won’t fall victim to doxing.

“Doxing is the act of sharing or revealing private information (mostly about a person) to the general public, with the intention of bringing harm or shame to the person,” said Tatyana Shishkova, security expert at Kaspersky. “Dating websites often allow persons to reveal private information such as names, the companies or places they work for, the school they go to, etc. Information may come from the users, the user’s “friends” or from the dating website itself.”

These sets of information, once released in public, now pose danger to users.
Shishkova doxing could do harm, as the information could be used for such harmful practices including cyberbullying, online stalking and stealing of account credentials.

The security expert said dating websites have grown so huge that Tinder — perhaps the most popular of all dating websites — recorded an eye-popping 3 billion swipes in a single day in March of last year. OkCupid, another popular dating website, reported a huge 700-percent increase in “dates” in the period of March to May, also of 2020.
Interestingly, Kaspersky has conducted an in-depth study of popular dating websites to gauge how safe these websites are. This current study is actually a continuation of a similar study conducted in 2017.

Kasperksy said when compared to their previous research in 2017, current dating apps and websites have become safer.

This is based on a technical standpoint, particularly when it comes to the transfer of data, Kaspersky said.

For their research, Kaspersky analyzed nine popular and highly rated dating apps with global user bases: Tinder, Bumble, OkCupid, Mamba, Pure, Feeld, Her, Happn and Badoo.
What they found was that, when compared to 2017, while dating apps have become safer from a technical standpoint, major privacy risks remain.

In 2017, four of the apps studied made it possible to intercept data sent from the app, and many used the unencrypted HTTP protocol. However, in 2021, the situation has significantly improved. None of the apps studied use HTTP, and no data is sent if the protocol is not secure.

That said, significant privacy concerns remain with dating apps. Most dating apps allow users to register their account with one of their social networking sites (Instagram, Facebook, Spotify, etc.). If the user chooses to do this, then their profile is automatically populated with information from that social networking site, such as photos and profile information. Users are also invited to share information such as their place of work or university. All of the aforementioned data makes it easy to find dating app users’ social media accounts, and depending on their privacy settings on those accounts, a host of other personal information.

In addition, apps like Happn, Her, Bumble, and Tinder make it obligatory for users to share their location. Some apps, like Mamba, share the distance of users to the nearest meter. Happn has an additional functionality that lets users see how many times and in what locations their matches have crossed paths with them.

Access to data such as users’ location, place of work, name, contact information, etc., leaves them vulnerable to cyberstalking or even physical stalking, as well as doxing (whereby previously private information is made public in order to shame or harm the victim).

What’s more, Mamba is the only application that lets users blur their photos for free, and Pure is the only one that prohibits users from taking screenshots of chats. This makes it possible for users to have their chats and photos shared without their permission, potentially for blackmail purposes or doxing.

However, many apps have been adding paid versions, and these include additional choices — often choices that could enhance users’ security. For example, in the paid versions of Tinder and Bumble, you could manually choose your location to a specific region. Since only a region is available rather than a specific distance, it’s much harder to determine a user’s exact location. And some paid versions of apps, like Happn, offer users an “incognito mode,” whereby users could hide their profile from those they haven’t swiped right on and strangers.

“It’s always challenging to find a balance between building a digital presence and maintaining your privacy online, and the shift to online dating creates yet another area where users have to determine the best way for them to forge connections while protecting their security,” Shishkova said. “Thankfully, what we’ve seen over the past few years is that dating apps are moving in the right direction, letting users connect more safely. They’re working to keep the data secure, and, in the paid versions of many of the apps, users could do things like manually specify their location or blur their photos. Hopefully, in the future, these options would be available in all apps for free. The best thing users could do to stay safe is to be careful about the data they’re sharing about themselves, both on their dating profiles and in conversations.”

So how do you stay safe? Shishkova recommended a few tips including limiting or not sharing too much information (name, employer, political views, etc.); not linking or tying up other social media accounts to your profile; and a two-factor authentication.

Leave a Reply

Your email address will not be published. Required fields are marked *