PartnerLeak scam site promises victims full access to “cheating” partner’s stolen data
2024-9-12 22:54:49 Author: www.malwarebytes.com(查看原文) 阅读量:3 收藏

Earlier this week, we reported on a new type of scam that tells you your partner is cheating on you. However, we hit a dead end because we were unable to get hold of an original copy of the email.

That was until the scammers were “kind enough” to send one to one of our co-workers.

your partner is cheating on you and we have proof
your partner is cheating on you and we have proof

“Hi (target’s name],

[Partner’s name] is cheating on you. Here is proof.

As a company engaged in cyber security we’ve found information related to [partner’s name] that might interest you.

We made a full backup of [his/her] disk. (We have all [his/her] address book, social media, history of viewing sites, dating apps, all files, phone numbers, and addresses of all [his/her] contacts) and are willing to give you a full access to this data. For more details visit our website.”

With this, we were able to investigate the scammers’ intentions.

All three of the links in the email (Here, website, and Check now) point to the same website. Through a landing page located at click[.]cardfoolops[.]com visitors are redirected to partnerleak[.]com.

The partnerleak[.]com domain was registered on August 1, 2024, with NameCheap anonymously. Anonymous registration doesn’t automatically mean the person registering is up to no good, but it did block us from researching this avenue any further.

The registration date, however, matches with the first complaints we started seeing about these emails.

Malwarebytes blocks partnerleak[.]com
Malwarebytes blocks partnerleak[.]com

During the redirection process, your email address is passed on, which means when you register at the site your email address is already filled out.

Email address is transmitted and pre-filled
Email address is transmitted and pre-filled

The PartnerLeak site itself says it offers anonymity, as well as “crucial insights” into the behaviour of the one you love.

“completely anonymous service leverages artificial intelligence and the vulnerabilities of popular smartphones to provide crucial insights into your partner’s behavior.”

website partnerleak part 1
partnerleak website part 2

Are You Concerned About Your Partner’s Honesty?

If you’ve decided to take a leap into a relationship but find yourself questioning your partner’s honesty, or if you’ve been together for a while and something feels off, we have a solution for you.

Our Service

Our completely anonymous service leverages artificial intelligence and the vulnerabilities of popular smartphones to provide crucial insights into your partner’s behavior. Here’s how it works:

Data Backup Access: You can download a backup from iCloud or Google, which includes:

  • Device location tracking
  • Movement history with timestamps
  • Correspondence from popular messaging apps like Telegram, WhatsApp, and iMessage
  • Photo and video materials stored on the smartphone

Social Media Analysis: Utilizing AI and extensive data, our service can:

  • Check user registration and analyze behavior on platforms like Facebook and Twitter
  • Investigate activity on popular dating apps such as Tinder, AdultFriendFinder, Hinge, and OkCupid

This comprehensive analysis helps you verify the reliability of your potential partner based on criteria that matter most to you.

Commitment to Anonymity and Privacy

  • Anonymous Transactions: We prioritize your anonymity by processing payments through cryptocurrencies, ensuring that your partner will remain unaware of your inquiries.
  • Data Privacy: Your privacy is of utmost importance. We offer the option to permanently delete any data related to you from our system.

Take control of your relationship concerns today with our discreet and effective service!”

Nowhere on the site does it specify how much such an investigation would cost, but after registration you can start a search at which point it will tell you to top up your balance.

You don’t have free search. Please top up balance or try use different email.
You don’t have free search. Please top up balance or try use different email.

To top up your balance there are three payment options:

  • Credit card
  • Bitcoin
  • Ethereum

We checked the balances on the cryptocurrency accounts they provided and we are happy to report that those are both dead in the water. We can only hope that the PartnerLeak revenue from credit cards looks the same, although that is probably wishful thinking on our part.

An empty and inactive Bitcoin wallet
An empty and inactive Bitcoin wallet
An empty Ethereum account
An equally empty Ethereum account

Our investigation into where the scammers were getting the necessary information always pointed in the same direction: The Knot, a wedding services company.

However, we couldn’t find any breaches of its site or any tangible evidence that it was anything more than just a source of information. Like many other similar sites, it is easy to find a partner name on the site if you already have the name and email of the other partner.

But since many victims, including our co-worker, used The Knot’s services, we contacted them and received this statement from a spokesperson:

“We were notified of user concerns, and after investigation by our cybersecurity team, determined there is no evidence of unauthorized access to our systems.”

Regardless of where the scammers are getting their data, let’s keep their balance at zero and spread the word.

How to react to your partner “is cheating on you” emails

First and foremost, never reply to emails of this kind. That tells the sender that someone is reading the emails sent to that address, and will lead to them trying other ways to defraud you.

  • If the email includes a password, make sure you are not using it any more on any account. If you are, change it as soon as possible.
  • If you are having trouble remembering all your passwords, have a look at a password manager.
  • Don’t let yourself get rushed into doing something. Scammers rely on time pressure that leads to people making quick decisions.
  • Do not open unsolicited attachments. Especially when the sender address is suspicious, or even appears to be your own.

If you want to find out what personal data of yours has been exposed online, you can use our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a free report.


We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.


文章来源: https://www.malwarebytes.com/blog/news/2024/09/partnerleak-scam-site-promises-victims-full-access-to-cheating-partners-stolen-data
如有侵权请联系:admin#unsafe.sh