Is Ashley Madison a Scam? 

If you’re thinking of using Ashley Madison, you need to know: Is Ashley Madison a scam? 

Below, we explain whether Ashley Madison is a scam and discuss some steps you can take to improve your safety when using this dating website. 

What Is Ashley Madison? 

Ashley Madison is a dating website for people looking for “discreet” relationships. 

According to its website, Ashley Madison was the first married dating website when it launched in 2001. 

Many Ashley Madison users are attached and looking for “online flirtation, for something existing, for someone with a mutual feeling.” 

Joining Ashley Madison is free, but users need to buy credits to access premium features, such as being able to connect with other users. 

If you’re curious about other dating websites, see our “Is Tinder a scam?” review. 

Is Ashley Madison a Scam?

No, Ashley Madison is not a scam. It’s a legitimate online dating site whose users are mostly individuals in relationships or married and looking to have an affair.

DatingAdvice.com rates Ashley Madison as 4.5 out of 5.0. 

According to DatingAdvice, some of the drawbacks of the platform are that male users have to upgrade to premium to get all the communication perks that female users get for free and that because users don’t use their real names, it’s possible to encounter scammers and catfishers. 

Ashley Madison gets mixed reviews from users:

• 2.2 out of 5.0 stars (from 19.1k reviews) on Google Play.
• 1.2 out of 5.0 stars (from 490 ratings) on Trustpilot.  
• 1.4 out of 5.0 stars (from 898 ratings) on Sitejabber.

Most complaints are from men who say the site is full of fake profiles and/or bots. Many men also say they’ve wasted their credits (men have to buy credits to talk to other users) and got nothing in return. 

On the other hand, women users report getting hundreds of messages on the platform, and only responding to a handful.

Security 

In 2015, a hacker group stole user data from Ashley Madison and threatened to release it unless the platform (and its sister site) ceased operating.

After Ashley Madison refused, the hacker group started releasing user data, impacting about 32 million users. The data released included names, addresses, and phone numbers, though it’s unclear how many users provided legitimate information. 

Since then, there have been reports of Ashley Madison users and their spouses being targeted with blackmail and extortion. 

At the time, it also came to light that Ashley Madison retained significant personal information of users who had paid for a “full delete” option for their accounts.

Investigations into the breach found that Ashley Madison’s security was not up to scratch (e.g., passwords were stored in plain text and the platform also failed to authenticate who was accessing its systems remotely). 

According to Mozilla Foundation *Privacy Not Included, Ashley Madison is probably safer today than it was in 2015 since the platform did take steps to improve its security in the meantime. For example, it now offers two-factor authentication and anonymous payment systems. 

However, Mozilla Foundation said that Ashley Madison still failed its Minimum Security Standards because it allowed them to create an account with a really weak password (“12345”). 

In its privacy policy, Ashley Madison says it protects your data “using security safeguards, including physical, organizational and technological measures.”

It does not specify what exactly these measures are. 

Privacy

Ashley Madison has some privacy features.

One privacy feature is the ability to hide your profile. If you hide your profile, it won’t be visible to other Ashley Madison users or show up in search results. 

The site also allows you to upload photos that are faceless and/or that disguise your face. 

Users can create Private Galleries. Photos here won’t be visible to anyone else but users with whom you’ve shared your Private Key. 

Ashley Madison explains the kind of data it collects, why, and with whom it shares it in its privacy policy. 

It collects the following information:

• Data you provide when creating your Ashley Madison profile, e.g., username, contact information, relationship status, demographic information, and billing information (if you make purchases through the platform).
• Data generated when you use the platform, including your messages.
• Data you choose to share with Ashley Madison, e.g., photos, personal characteristics like height and weight, ethnicity, personal description, language spoken, and smoking habits.
• Data collected automatically from your device, e.g., location.
• Data acquired from third parties. For example, from credit card companies, though Ashley Madison says it does not seek data about you from third parties. 

Ashley Madison notes that you’re not required to include identifying information in your profile. It warns:

“If you want to remain anonymous to the general public, please be careful about what you choose to share, especially if you upload photographs, and do not choose a username which could allow you to be identified easily.” 

Ashley Madison uses the personal information it collects about you to provide you its services, tailor the content it shows you, conduct surveys to improve its services, communicate with you, detect fraud, deliver targeted ads, manage your account, protect their own rights and the rights of other members, to comply with law, and similar. 

It also says it may collect and analyze aggregated or de-identified information to improve its services. 

Ashley Madison may share your data with trusted third parties (e.g., third party service providers), courts, regulators, and law enforcement. It may also share your information in the event of a business transaction. 

The platform notes that your personal information, such as your nickname and profile information, may be visible to other members who may receive notifications that promote your profile. 

It may store or process data in Canada, the EU, the U.S., or other countries and retain data for varying periods depending on legal, contractual, and operational needs (e.g., 12 months for inactive accounts).

The Mozilla Foundation gave Ashley Madison the label “*Privacy Not Included.” 

Among the concerns listed is that the platform can share your data with third parties for advertising purposes.

Ashley Madison also uses a machine learning algorithm to find out your preferences to show you similar users’ profiles (though you can change your preferences in your profile). 

The Common Sense Privacy Program, which evaluates internet services privacy policies, gives Ashley Madison a “Warning” rating. This means the platform “Does not meet our recommendations for privacy and security practices.”

Some of the issues the Common Sense Privacy Program flagged include:

• The platform shares data for third-party marketing. 
• It displays personalized ads.
• Third parties collect data for their own purposes.
• Data profiles are created and used for personalized advertising. 
• User’s information is used to track and target advertisements on other third-party websites or services.

On the plus side, the Privacy Program notes that Ashley Madison does not sell users’ data. 

So, Should You Use Ashley Madison?

Depends on how comfortable you are with the privacy risks involved. 

The platform experienced a serious data breach in 2015, and though it has improved its security measures since then, services like Ashley Madison always come with inherent risks. 

How to Use Ashley Madison Safely

• Use a pseudonym. Don’t use your real name or share any other personal information that could be traced back to you. 
• Create a new email address or use a masked email. That way, the Ashley Madison account you create can’t be linked to your primary email. 
• Use a burner phone number. This can help you keep your primary phone number private. 
• Turn off location tracking. You can do this through the location settings on your device. 
• Don’t upload any recognizable photos. Instead, use images that don’t identify you. 
• Leave optional fields blank. For example, ethnicity and body details. 
• Use anonymous payment services. For example, prepaid cards or privacy-enhancing services. 
• Be on the lookout for red flags. There are reports of fake profiles and/or bots on the platform. Never share sensitive information or send money. 
• Know that anything you share could be exposed. There’s no such thing as complete anonymity online. As demonstrated by the 2015 Ashley Madison breach, even if you delete your account, some of your data may still be stored.