Alerts E-Threats

Tricks Dress up as Treats for Cyber-Halloween

From the darkest corners of the Internet, Halloween offers are creeping out in the open to taunt users with jaw-dropping discounts, as reported by Bitdefender labs. Apart from unbelievable dumping prices on costumes, ink, replica watches and designer clothes, this year’s offer includes rogue AV and fake surveys.

Fig 1. Seasonal discounts to replica watches

Scammers use quite a few buzz word combinations to grab people’s attention and make sure their e-mails are open, their malicious attachments accessed and their fake surveys filled in. Spammers offer nothing but top-dollar deals:

Carters: Halloween, Michael Kors Glasses Frames, Glow-in-the-Dark Kids’ Slippers

Halloween is almost near

BOO! Halloween is creeping up-shop Rockabye, Merkury Innovations, Oh-So Spooky Collection and more

Unique Halloween Costumes Order Now and Receive by Halloween!

Just in time for Halloween!

Shop Sexy Halloween Costumes

Get ready for Halloween its coming soon

The Halloween Boo-tique is Now Open! Gifts from $14.99

The Ultimate Halloween Costume Store

Fig 2. Spam e-mails that promote dumping prices for Halloween costumes.

Apart from filling in forms with sensitive identification data to purchase products that might never reach their destination, Halloween-themed spam also delivers in attachment downloaders of fake antivirus solutions.

Fig 3. Seasonal spam e-mail delivering Trojans in attachment

Under subject taglines such as Biggest pumpkin lol, Best Halloween costume ever, Happy Halloween or What you think about my Halloween costume along with some hints of naked pictures, scammers push a downloader of fake anti-virus solution on people’s systems.

The archive in the attachment is a Trojan that downloads a rogue antivirus product that tries to convince people their system is infected with malware and that, to disinfect it, they need to buy a security solution (that will prove useless).

It is therefore crucial to hold to the golden rule of never opening an e-mail from an unidentified source. Keep the system and the antivirus up to date at all times and don’t give in to the too-good-to-be-true seasonal offers – because they probably are.

This article is based on the samples provided by the Bitdefender Anti-Spam Team and the technical details offered by Doina COSOVAN, Bitdefender Virus Analyst.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About the author


A blend of teacher and technical journalist with a pinch of e-threat analysis, Loredana Botezatu writes mostly about malware and spam. She believes that most errors happen between the keyboard and the chair. Loredana has been writing about the IT world and e-security for well over five years and has made a personal goal out of educating computer users about the ins and outs of the cybercrime ecosystem.