Christophe Haubursin, an independent journalist, explored a strange phenomenon happening on Tinder. He noticed that there are profiles that highly resemble each other—all but in name and the last photo featured on the account. Haubursin’s findings are a reminder to be cautious on the app.
“Could this final photo be signaling something to other people on Tinder?” This is the question Haubursin pondered upon in his short video about Tinder. The profiles would look generic at first—usually featuring attractive men. Then, the last photo on the account would be a strange billboard edit with a mismatched face, an AI sketch of a different person, or a classic painting with a seemingly random face fused.
Could these be bots on Tinder?
These accounts on Tinder are a dime in a dozen. Initially, Hauburain theorized that the accounts were merely run by bots. With AI now able to chat lengthily with people to a degree. According to Ronald, an associate of Haubursin, the random last photo may just be a “failing” of AI.
The app would have the incentive to keep users spending on the app by giving them their “ideal” matches. AI, after all, is known for mirroring what users want. There are even Instagram accounts dedicated to AI influencers. But upon further inspection, Haubursin found out that the photos used in the profiles—save for the suspicious, last photo—are from real people.
Possible pipelines to scams
Haubursin interviewed people who’ve matched with these strange profiles. These accounts would sweet-talk their matches, then attempt to move the conversation to WhatsApp. They would also start talking about cryptocurrency. Haubursin said that once these profiles were asked about the odd photo, they would often act defensive—some would even block users.
Because of this, Haubursin concluded that the strange behavior of the profiles points to “telltale signs of a romance scam.” Otherwise known as “pig butchering,” this form of scam starts with the fraudster building a romantic or trusting relationship with the victim. Then, the fraudster would encourage their victim to deposit in a false cryptocurrency platform. Once victims attempt to withdraw their funds from the platform, the fraudster disappears, often leaving their victims with no recourse.
Another independent journalist, Andrew Fraser, went to one of these scam hubs in Sihanoukville, Cambodia. Fraser met with two people who managed to escape scam centers. One was kidnapped off the road, and the other was lured by a promise of a lucrative job offer from a neighboring country. Both were essentially victims of human trafficking and were forced to work at the scam center. Failure to comply often resulted in torture, and at worst, death.
How are scammers bypassing security measures?
The next question Haubursin explored is how are scammers able to bypass verification methods? What makes the Tinder profiles legitimate is the small, blue check icon right beside the name of the person. Even the supposed scam accounts had the blue camera icon.
The icon is from a face verification system. It was created by FaceTec, a facial recognition security company that also caters to the US Department of Homeland Security. Haubursin found that according to FaceTec, users can be granted a blue camera icon so long as a scanned face matches “a photo.” Therefore, it means just one photo—it doesn’t have to be all photos, giving leeway for scammers to still use the other photo slots to deceive.
Because of this, Haubursin decided to test his hypothesis on Tinder. He decided to create an account using photos of a random person. But for the last photo, he inserted an altered image of himself—just like in the suspicious accounts. In less than a day, Haubursin’s fake profile was approved.
He repeated the test and created multiple accounts through the same method, and all of the accounts bypassed Tinder’s verification system as well. Haubursin recreated the experiments on Hinge and Bumble, and the results were different. Hinge also often accepted the one, oddly edited photo for verification. But compared to Haubursin’s Tinder success, Hinge was more sensitive when scanning the one profile photo. Therefore, some attempts on Hinge failed.
But then, Haubursin tried Bumble, and only one scam photo passed its verification test. Moreover, Bumble’s protocols are stricter, as its system deletes other photos that don’t resemble the person from the verification process.
Tinder has to do better
Bypassing security measures should never be as easy as how Haubursin did it. For a company that requires liveness checks, it fails to give people the necessary protection against possible scams. As the world’s most popular dating account, Tinder simply can’t afford to be lax where its consumers’ safety and security are concerned.
But for now, Haubursin’s findings are a reminder that even in the search for genuine connection, it will always be best to reserve caution.
(featured image: cottonbro studio)
Have a tip we should know? [email protected]
