"I don’t think there’s such a thing as love, you know, romantic love. It’s something we tell ourselves, maybe to feel better,” a teary-eyed Kritika says with a smile. She has just logged out of her third online appointment with a therapist who is helping her deal with a “romance scam”.
It started in November. Kritika, who doesn’t want to share her full name, was not looking for love. Past relationships had left her bitter. She enjoyed the single life, busy with house parties and piles of work as an architect at a Delhi firm. But friends insisted she try a popular dating app. “You are 37. We are in the middle of a pandemic. You have needs. Make a BF!” they joked. By the end of the month, she was on three apps, swiping left more than right.
On a chilly Tuesday night, after closing the office laptop, she began checking one of her profiles. Five minutes of mindless scrolling later, she saw something “worse than the worst nightmare”. A profile with her name, photo, and a bio that went: Available to meet anywhere, anytime. She remembers it like it was yesterday. The account had only one post, a photograph of a scantily-clad woman, face blurred, captioned “Wanna b frnds?”, with Kritika’s cellphone number. She froze.
It was 1.03am. Who could she call for help? Who was behind it? The potential The One with kind eyes with whom she had shared her mobile number too soon? The 20-something wannabe singer who described himself as “mature for his age” and was connected with her on other social media platforms? Then her WhatsApp started buzzing. Over 100 nudes within minutes—all from unknown numbers. She called a close friend in Mumbai, reported the profile to the dating app platform, and deleted all dating apps from her phone. By morning, the messages had stopped. A week later, she reached out to a therapist.
“I haven’t been able to sleep well since that night,” says Kritika, who did not tell her parents about the incident. Nor did she go to the police. “The nightmares don’t stop. Maybe I am overreacting; it was just one night but I can’t stop thinking about it. What if somebody is watching me? How could I be so careless about my privacy? How could I trust strangers so easily?”
The pandemic has exacerbated our sense of isolation and loneliness, prompting more people to try out dating apps. Many are looking for that special someone to share their life with, others are looking for casual hook-ups. For some, it’s like a shopping app, liking and rejecting. For others, it’s just a way to pass time till “real life happens”. Small wonder then that the dating apps we spoke with for this story reported a spike in user count over the last two years.
The desire for companionship and connection, however, has made people fall for a most 21st century crime: the online romance scam. It’s a classic trick from the thief’s handbook: Seduce someone with words honey-glazed enough to make them do irrational things. This can encompass a wide range of crimes, from fake profiles to identity theft and online impersonation. In recent years, users around the world have lost billions to romance scammers—some do it for the money, while others feed off the thrill in committing a cybercrime. Some have even ended up paying in cryptocurrency. Others have suffered emotionally.
Deepak Raj Rao, assistant professor of computer forensics at the LNJN National Institute of Criminology and Forensic Science in Delhi, has a theory about how online criminals pick a target. “They look mostly for those above 35, the ones who are in their second innings, the divorced, widowed, the ones who are more actively hoping to find someone and therefore, more likely to overlook the red flags. The other common thread is that they quickly move the conversation from a dating app to WhatsApp or regular texts.”
For the past two years, Rao, who has been studying the phenomenon for a decade, has been actively “looking for a partner” on dating apps in an attempt to study how romance scams unfold and why scamsters behave the way they do. “There has been a 60% rise in scams since 2020,” he says. “The pandemic has made people more desperate for love, and definitely more gullible. Even the best AI (Artificial Intelligence) or ML (Machine Learning) tool can’t keep you safe then.” But the apps, he adds, need to do much more “simply because today’s criminals can access all kinds of information to crack a code”. Not all profiles on dating apps are even verified.
The rise in scams
Today India is the world’s largest revenue market for dating apps after the US, with a tag of $323 million (around Rs2,400 crore now) in 2020, according to market and consumer data company Statista. According to a new report by the US Federal Trade Commission (FTC), romance scams hit record highs in 2021, with people sending $547 million to such scammers. The numbers have been growing. In the last five years, a staggering $1.3 billion is reported to have been lost to romance scams. It found that the largest reported losses to romance scams in 2021 were paid in cryptocurrency: $139 million.
Four months ago, global cybersecurity company Sophos released research on an international cryptocurrency trading scam, code-named CryptoRom, that targeted iPhone users worldwide through popular dating apps.
There’s no India-specific data. One reason is that many are either too ashamed to confess to having fallen for such a scam, or just don’t care enough to go through the process of reporting to the dating platform and cyber cell helpline.
In August last year, cybersecurity company Kaspersky found that 34% of Indians had never used dating apps because they were afraid of scammers—a legit concern considering cybercrime shot up 500% during the pandemic. The findings were part of a global survey of 18,000 people. Around 27% of the Indian respondents said they had already been targeted by cybercriminals. Catfishing, malicious links and attachments, and identity theft were the top crimes.
Nevertheless, says Bumble’s India communications director, Samarpita Samaddar: “Since the onset of the pandemic, there has been a surge in virtual dating. Our recent study shows 39% of single Indians surveyed have tried a video date as their first date in 2021. In fact, the most popular reason why single Indians surveyed enjoy virtual dating is because it feels safer than meeting up with someone in person for the first time (48%).”
The increasing comfort with the virtual world is both heartening and unsettling. What is needed to ensure security? Are dating platforms not doing enough to ensure user privacy, are people more vulnerable, or has the scamster become smarter?
It’s a little bit of all three, believes Rao, who has been noticing the patterns and has himself been a target of money-related scams twice. Once, he says, a woman asked him to send nude photos “for a romantic virtual meeting”. Clearly, the aim was blackmail because he was blocked after he refused. In another instance, a soft-spoken single mother asked him for Rs80,000 three months after bonding with him by providing intimate details of her painful divorce, the difficulties in raising children alone, etc. “Even her LinkedIn profile was solid. It had all the information she mentioned—her education, the company she worked at, the photos,” says Rao. “It was all a scam. They are such good actors,” laughs Rao. He was blocked after he refused to pay.
Researchers at US-based cybersecurity firm NortonLifeLock discovered similar patterns while studying how cybercriminals work on dating apps. Ritesh Chopra, the director of sales and field marketing for India and SAARC countries, explains the formula: “After establishing a target, they engage heavily. They adapt their story to draw empathy and quickly attempt to isolate the target from family and friends with the goal of accessing their assets.” It’s important to be careful with the information you share on your dating profile, he warns, adding that “scams using online dating apps have become a growing concern”.
Unicorns are mythical
R. from Chennai ticked all these boxes as a potential target: 45. Divorced. Keen to marry. And he chose to ignore red flags from the beginning. There were many: The “unicorn” (good-looking, well-educated, accomplished—essentially someone perfect enough to find a partner easily) gave him her number in the first message on a matrimonial site. The unicorn’s English in her WhatsApp texts was terrible for a US-educated marine engineer. She kept refusing video calls because she said she was on a cargo ship to Australia. “I could sense something fishy from the beginning since girls don’t share numbers so easily. But I don’t know what happened to me. I had this weird hope that she could be The One,” he says. How could he not be empathetic when she talked about her parents dying young and about her grandmother raising her single-handedly in the US?
After a month of knowing each other’s waking hours, dinner timings and daydreaming about travelling together, the “unicorn with a slender frame, big eyes and long hair” made the key move. “I am stuck at customs in Australia. Can you send me $20,000?” R. blocked her. “I generally don’t trust people so easily in real life but here I slipped. Very strange, no?”
It isn’t. The desire to find that special someone with whom you want to share everything at the end of the day can be strong enough to ensure you lower your guard.
Like Kritika, many who have been scammed end up blaming themselves for trusting too easily. Looking for love can be a fraught, anxiety-ridden endeavour, though the pain of past relationships ensures your defences are up most of the time. Yet, romance scamsters are skilled in piercing any armour with the right play of words and gestures, even painting themselves as vulnerable. There’s enough research to show that romantic feelings make a person feel euphoric, on a high, leading them to make decisions they otherwise wouldn’t.
In the altered reality of the online world, however, the risks can be global and the damage, deeper.
The thrill of the chase
Money is not the only driver for a cybercriminal. Some even do it for a kick, points out Rao. “It becomes a fun game for them.”
Manoj Sharma, coordinator, at the Bengaluru-based National Institute of Mental Health and Neurosciences’ SHUT (Service for Healthy Use of Technology) Clinic, explains the science: “It’s the issue of the learning phenomena. Through fake profiles, people’s habits get reinforced, by getting into a relationship. Since there is successive reinforcement for their behaviour, they get into a habitual pattern of making fake profiles.”
Echoing Rao’s thoughts, Sharma adds: “There are people who look for novelty or thrill in making a fake profile and using it for any purpose. That need for thrill or novelty takes away the feeling of risk that they are committing a cybercrime.”
Ravi Mittal has come across many such risk takers while building QuackQuack, one of India’s first home-grown dating apps that has a user base of over 13 million. One of his friends, twice divorced, decided to call a number on a girl’s dating profile the moment he saw it. The result: His inbox was bombarded with texts from escort services. “Any match-making business can only run successfully if they offer the user a sense of security,” Mittal says. “Technology can only help to an extent in gauging who’s genuine and who’s a fraud. Honey traps are definitely difficult to detect. Users have to be more aware of how they operate on these platforms.”
On QuackQuack, which added five million users last year, at least 500 profiles are suspended daily on the basis of AI and ML. “Often there are numbers in the profile pictures, no names, email IDs don’t seem quite right—AI and ML help us find these,” says Mittal, explaining their security strategy. He has a team of six that monitors new profiles and checks and instantly bans profiles that users report. “There’s also a section within the app that educates users on things they need to be careful about—like not revealing too much information early in a conversation, and being wary of those who share numbers easily.”
Most apps offer similar resources. In 2021, Tinder, described as India’s most popular dating app, launched its in-app Safety Center, which provides Indians tips on dating safely, educational resources, as well as a list of local NGOs and hotlines offering support in case they need it. There’s a harm reduction tool within the app, Does This Bother You?, which provides instant technical support to members when harmful language is detected in a message they have received—you can report the user for inappropriate behaviour.The platform has also committed to making ID verification available for users around the world, a feature first rolled out in Japan in 2019.
2021 was the busiest year in the decade-old app’s history. There were 19% more messages, 32% longer conversations, 11% more swipes and 42% more matches per Tinder member. It was “an interesting year” for the platform and users, for whom “the need to connect became more urgent”, says Papri Dev, senior director, APAC communications lead at Tinder Inc. “Artificial Intelligence and tech will play a big role going forward as dating apps innovate further from a safety point of view,” Dev says, explaining how the platform has made its reporting process more “empathetic”.
“We worked with RAINN (the Rape, Abuse & Incest National Network, an American anti-sexual assault organisation) to ensure that a person was being walked through the process, and that they have the ability to go back and forth (in the reporting process) and say that this particular part of the message really made me uncomfortable. It is really important to ensure that reporting (another user or an incident) can happen right there and then.”
Bumble, considered more women-focused, too added another safety shield last year. In March, it launched a safety guide that equips women to understand and recognise common types of online harassment and suggests how to combat cyber stalking, online impersonation and flaming (trolling or using abusive language).
Like others, Bumble also leverages AI to alert users that they have been sent an unsolicited nude image. It’s then the user’s choice to delete, view or report the image.
In the middle of last year, when cybercrimes were on the rise across the world, Kaspersky released a report that looked at the security features of nine global dating apps, including Tinder, Bumble and OkCupid. It concluded that while these apps had improved from a security standpoint, they still posed a “significant risk” of exposing too much personal information about users. It left them vulnerable to threats like cyberstalking and doxing (revealing personal information without consent, including their full name, home or office address, phone number).
Criminals are so tech-savvy that you don’t even have to be on a dating app to get trapped. Take the example of Priya Sharma, a 25-year-old Delhi resident, who learnt from a friend that her Instagram photographs were being used for a Tinder profile. Sharma wasn’t even on the dating app. Someone had assumed her identity on the platform, a classic case of online impersonation. “This profile had pictures from my private Instagram account, was using a fake name and said I was studying at a private university,” says Sharma, who works in the publishing industry. “I immediately put up a story on my Instagram account so that everyone else could report the profile. I also reported this to Tinder but before anything could happen, the profile vanished.” Sharma could never find out who the perpetrator was.
For those from the LGBTQ+ community, romance scams pose an even bigger challenge. P., a 31-year-old from Mumbai who was born a man but identifies as a woman, was looking for a casual romance when she met S., supposedly a doctor, in January 2021. A familiar pattern followed: They met on a leading dating app, spent a week getting to know each other on texts and then moved to phone calls, often lasting over an hour every day. “It became seductive,” says the Mumbai resident. S. then asked P. to share some nude pictures. P did. An hour later, P. got a call from S.: “Give me Rs10,000, else I will tell everyone your true identity.” P. did. She never told anyone about the incident, and swore off dating apps.
Such threats are more common for people in the queer community, says Sunali Aggarwal, who started As You Are, a matchmaking app for the LGBTQ+ community, at the start of the pandemic to address such concerns. At present, it has over 2,500 users across India. The platform rejects 80-100 profiles daily on the basis of misinformation and their apprehension that these might belong to cybercriminals. “Being queer is still a taboo here. A lot of people are not out, especially because of professional reasons, which makes them more vulnerable,” says the Chandigarh-based entrepreneur.
“A dating platform is like an e-commerce place, you need to see the photo before buying. Pictures are certainly important but they can also be misused, so it’s important for users to be more careful. We can check the factual stuff but we can’t be responsible for the emotional connection you establish with someone,” says Aggarwal.
The issue of trust
It’s hard to imagine that in a busy world where we have become more cynical and selective of whom we spent our waking and sleeping time with, people like Delhi’s Krithika, Chennai’s R. and Mumbai’s P.—all successful professionals with a support system—have fallen prey to the tricks of cybercriminals. “It’s the pandemic,” says Sharma of Nimhans. “The chaos of the virus has led to an increase in the need for companionship. Apps have definitely helped some overcome social isolation. But there’s always a downside to technology.”
Rao insists that people need to speak up when they have had bad experiences. “Ideally, it should be reported to the police. Users have to be really smart while navigating these apps. And it pushes the dating platforms to do better. You can’t just give verification ticks to profiles and assume they are safe. Some apps expect you to click selfies and they authorise you on the basis of it. I can click anyone’s photo and put it. No one will know I am a criminal,” he says. “Some framework has to be introduced and followed to make things better.”
Not sharing the bad experiences can also take a toll on mental health. “They either don’t share or disclose it very late and carry a lot of distress and psychological burden because the cognitive process remains. They wonder why they made a mistake, and all this eventually starts affecting their daily life,” Sharma explains.
Kritika is still struggling to come to terms with what happened in November. She has managed to finish only one work assignment since; she used to do two in a month. She shut down her social media accounts and doesn’t feel comfortable stepping out alone at night. Her interactions with friends have come down, her self-confidence has taken a hit. “You know, I was not looking for love then, but then I found someone whom I thought could be The One. And then that whole thing happened. It’s okay if I don’t find love ever again, but trust… I don’t think I can trust anyone again.”