Yesterday, I came across an interesting scam on a dating/contact site. I received a message from someone that contained this text
Hi! I find your photo on this site: http://tinyurl.com/m9e3xrt
This is your site ? You looking for new people… 🙂
Generally, in my experience, when people on sites like this (it’s GayRomeo in this case) send a message with a link, they are almost always a faker. They’re trying to persuade you to chat with them elsewhere, either to grab customers for another site, or to scam you; anyone who’s spent much time on sites such as these will be familiar with the huge number of messages from people in Ghana, for example, who seem ever so keen to find love in the UK. (Interestingly, a friend who organises academic conferences tells me they get lots of applications from Ghana for those too, so it’s not just dating sites. Nor, of course, is it just Ghana, or people pretending to be from there; other countries host scammers too, and the sender of this message claimed to be in Massachusetts).
So, of course, you want to know what happens when you click the link. Well, when the message was sent to me, it redirected to what appeared to be lfm.freehpsite.com, and it was indeed a photo of me, with a message above saying that I was looking for fun, and a link underneath to ‘View my private photo and video profile.’
Needless to say, I have neither, certainly not on such a shoddy looking page. So, what happens when you click the link? You get directed to a site called GayPartners.com, which I have never heard of before. It appears to be owned by a corporation based in the British Virgin Islands, operated by a subsidiary in Cyprus.
A closer look at the URL suggests that it’s an affiliate link:
And a quick search for details of the scheme suggests that the site may actually pay $4, presumably per sign-up, via an affiliate network called CPATrend.
So, I decided to look a little more closely. In fact, the address that the short link redirected to wasn’t just the freehpsite.com URL, unadorned as it looked in the screen grab. Typing the first part into my browser’s address bar revealed the full link I’d been sent to was
So, clearly the first parameter (p) is substituted in the page to give the URL of the image to display; I’m not sure what the second one does, as I couldn’t see anything else in the code that it seemed obviously related to. You can get the URL of one of someone’s images on GayRomeo (and many other sites) simply by right clicking. It’s a moment’s work to take that and create the fake short URL, which will make it look to many people as if their photo is being used by someone else, and they’ll naturally click the link.
Whether just doing that is sufficient to generate an affiliate fee from GayPartners, I don’t know; the victim may have to sign up, which I didn’t try doing, and though there certainly are paid subscription options mentioned in the terms and conditions, I don’t know if you can sign up without giving any payment details.
I must stress that I have no information to suggest that GayPartners themselves are in any way involved in what looks like a systematic attempt to lure users of GayRomeo to sign in to another site. I write this post purely to let people know how it’s done.
If you get sent a short link by anyone on a dating site, my advice is not to click it. And my advice to sites like GayRomeo is to tweak your servers so that members’ images can’t be included in other sites. That’s not foolproof, but it would mean that instead of a simple script, the scammers behind this would have to download each image first, and then host it elsewhere.
Published by Nigel
Freelance journalist since 1995, before that editor of Computer Buyer. I've written for many titles, including Personal Computer World, Computer Active, and Register Hardware. I also run the successful Toppy.org.uk site for users of Topfield PVRs.
View all posts by Nigel
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.