Cyber security expert Graham Cluley recently highlighted a phishing campaign using a clicks-for-cash model and some Valentine’s Day bait.

merle-600 The phishing email, seen to the left, comes from someone who claims to be a Russian girl looking for love. As it turns out, you could be Tanya’s (or is it Merle’s?) “Mr. Dependable”! Hope you didn’t have plans for Valentine’s Day…

The email provides a link that, oddly, takes users to a Grand Theft Auto forum thread that then provides another link, this time to a Russian dating Web site. Looks like your would-be lover is just after your time and clicks in the search for some quick affiliate cash.

Well, it could be worse. Weddings are expensive, after all. But the point here is that the email link could just as easily have taken you to a malicious Web site and stolen much more than just a minute of your time. Mrs. (or Mr.!) Right may be out there somewhere, but chances are that your first contact won’t be through an unsolicited email. Remember one of the golden rules of online safety: if it looks to good to be true, it probably is.

Plenty of other phish indeed.