Many people are waiting eagerly for Halloween, a holiday filled with mystery, magic and fantasy, where bonfires were lit and costumes were worn to ward off roaming ghosts. As expected, Halloween Day spam messages have started flowing through Symantec’s Probe Network. In this spam, users are asked to complete a fake survey, and then to click a URL containing the spam message, which redirects them to a website with a bogus Halloween Day offer.
Top word combinations used in spam messages include:
- Halloween – Costumes
- Halloween – treat
- Halloween – Special
- Halloween – Survey
Figure 1. The spam asks users to complete a fake survey for an offer
After a user completes the survey, a page is displayed, asking the user to enter their personal information to receive the bogus offer.
Figure 2. A fake survey which users must complete in order to claim a gift card
After users entering the details for claiming the gift card, they are taken to a Web page to enter their personal details.
Figure 3. A fake offer on Halloween costumes presented to users.
Figure 4: A fake pharmaceutical products promotion webpage
The above is an example of a webpage which encourages users to take advantage of bogus offers on pharmaceutical products. The domains which hosted these webpages have been found to be registered in Europe.
The following are some email subject lines used by these spam attacks:
- Subject: Shop for Halloween Costumes Today
- Subject: Complete the Halloween Survey and Claim Your xxx Gift Card
- Subject: Halloween treat for your body
- Subject: Shop Sexy Halloween Costumes Free Shipping On Orders Over $50
- Subject: Halloween Special–Up to 85% off Printer Ink and Toner
- Subject: Shop The Halloween xxx Savings. Complete The Survey Today.
- Subject: Personalize a Gift for Halloween – Treat Bags, Home Decorations, and More
- Subject: Shop for new Halloween costumes at a low prices, today
Symantec advise users to exercise caution when receiving unsolicited or unexpected emails. We are closely monitoring Halloween Day spam attacks to ensure users are kept up-to-date with information on the latest threats.