Check Point Research reported a sharp early‑February surge in Valentine’s‑themed malicious domains, fake e‑commerce shops, and phishing pages, citing hundreds of new potentially malicious Valentine domains and an increase in gift‑card, fake‑package, and digital‑card lures. The advisory warns these campaigns harvest credentials and payment data at scale.

On Feb 11, Check Point Research published findings showing a pronounced seasonal spike in Valentine’s‑Day themed cybercrime activity. Researchers detected hundreds of newly registered domains and storefronts purporting to sell gifts, digital cards, or package tracking services that in reality host phishing pages and credential‑harvesting forms. The analysis breaks down common lures—discounted gift cards, fake logistics notices claiming undelivered packages, and counterfeit digital greeting cards with embedded links—and maps how campaign operators use social media, influencer comments, and targeted ads to drive victims to malicious domains. Check Point noted that automated registration services and inexpensive hosting make it cheap to rotate domains and stand up transient fake stores, enabling high‑volume credential and payment data collection. The advisory recommends consumer and enterprise defenses: link‑checking, domain reputation filtering, multi‑factor authentication, and heightened scrutiny of unsolicited Valentine‑themed offers. The report also highlights the interplay between seasonal consumer demand and opportunistic cybercriminal workflows that scale rapidly during holiday windows.