Dating spam sedating racoons
In Happn for Android there is an additional search option: among the data about the users being viewed that the server sends to the application, there is the parameter fb_id – a specially generated identification number for the Facebook account.
The app uses it to find out how many friends the user has in common on Facebook.
We studied the following online dating applications: By de-anonymization we mean the user’s real name being established from a social media network profile where use of an alias is meaningless.
First of all, we checked how easy it was to track users with the data available in the app.
We’re talking here about intercepting and stealing personal information and the de-anonymization of a dating service that could cause victims no end of troubles – from messages being sent out in their names to blackmail.
We took the most popular apps and analyzed what sort of user data they were capable of handing over to criminals and under what conditions.
The attack is based on a function that displays the distance to other users, usually to those whose profile is currently being viewed.
Even if the Wi-Fi traffic is encrypted, it can still be intercepted on an access point if it’s controlled by a cybercriminal.
The Paktor app allows you to find out email addresses, and not just of those users that are viewed.
All you need to do is intercept the traffic, which is easy enough to do on your own device.
Some apps only allow users with premium (paid) accounts to send messages, while others prevent men from starting a conversation.
These restrictions don’t usually apply on social media, and anyone can write to whomever they like.
The information extracted from it also helped us establish real names: many people on Instagram use their real name, while others include it in the account name.