From the darkest corners of the Internet, Halloween offers are creeping out in the open to taunt users with jaw-dropping discounts, as reported by Bitdefender labs. Apart from unbelievable dumping prices on costumes, ink, replica watches and designer clothes, this year’s offer includes rogue AV and fake surveys.
Fig 1. Seasonal discounts to replica watches
Scammers use quite a few buzz word combinations to grab people’s attention and make sure their e-mails are open, their malicious attachments accessed and their fake surveys filled in. Spammers offer nothing but top-dollar deals:
Carters: Halloween, Michael Kors Glasses Frames, Glow-in-the-Dark Kids’ Slippers
Halloween is almost near
BOO! Halloween is creeping up-shop Rockabye, Merkury Innovations, Oh-So Spooky Collection and more
Unique Halloween Costumes Order Now and Receive by Halloween!
Just in time for Halloween!
Shop Sexy Halloween Costumes
Get ready for Halloween its coming soon
The Halloween Boo-tique is Now Open! Gifts from $14.99
The Ultimate Halloween Costume Store
Fig 2. Spam e-mails that promote dumping prices for Halloween costumes.
Apart from filling in forms with sensitive identification data to purchase products that might never reach their destination, Halloween-themed spam also delivers in attachment downloaders of fake antivirus solutions.
Fig 3. Seasonal spam e-mail delivering Trojans in attachment
Under subject taglines such as Biggest pumpkin lol, Best Halloween costume ever, Happy Halloween or What you think about my Halloween costume along with some hints of naked pictures, scammers push a downloader of fake anti-virus solution on people’s systems.
The archive in the attachment is a Trojan that downloads a rogue antivirus product that tries to convince people their system is infected with malware and that, to disinfect it, they need to buy a security solution (that will prove useless).
It is therefore crucial to hold to the golden rule of never opening an e-mail from an unidentified source. Keep the system and the antivirus up to date at all times and don’t give in to the too-good-to-be-true seasonal offers – because they probably are.
This article is based on the samples provided by the Bitdefender Anti-Spam Team and the technical details offered by Doina COSOVAN, Bitdefender Virus Analyst.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.