Contributor: Vivek Krishnamurthi
The holiday season starts in the United States on Thanksgiving on November 28 preceding Black Friday, which occurs on November 29. This also marks the beginning of the much awaited shopping season when people take to the streets to celebrate the shopping furor with their family and friends. The shopping buzz is fuelled by discount sales and promotional offers by online sites and retailer outlets.
With online commerce growing by the day, spammers may take advantage of the holiday season to target shoppers. The spammers usually send out fake promotional messages and bogus deals and lie in wait for any victims who are tricked by these scams. Symantec has been on the lookout for signs of such messages to warn the public on what to avoid this holiday season.
We found the most popular spamming techniques, which topped our chart early this holiday season
Products offered at discounts never seen before
Spammers try to catch attention by offering crazy discounts or just sending out news of a sale on the hottest brands. Victims are usually those who are ill-informed about the spammers’ tactics. Behind the catchy mail preview are links to fake websites that redirect users to Web pages that they never wanted to visit.
Figure 1. Product spam related to Black Friday
Figure 2. Spam announcing a discount sale related to Black Friday and Thanksgiving
Survey spam promising shopping vouchers
Survey spam is another trick that the spammers employ to target victims. Survey invites claim to offer quick money, usually in the form of vouchers or discount cards. The links in this spam may lead users to fake surveys, which makes users reveal private information as answers to cleverly disguised questions.
Figure 3. Fake Survey related to Thanksgiving and Black Friday
Replica spam for watches
If you can’t afford that new watch you’ve been dreaming of for all these years, here is the spam for you. Spammers claim to offer a perfect replica iof a watch which is available at a fraction of the price. These messages lead to fake sites that are ready to take users’ money in return for…. nothing.
Figure 4. Replica watch spam related to Black Friday
Header patterns observed by Symantec in Thanksgiving weekend spam
The headers displayed in the messages could include anything ranging from catchy keywords about the sale to something as simple as random names.
- From: “Thanksgiving Flowers” <Thanksgiving.Flowers@[REMOVED]>
- From: “Black Friday Digital Camera” <BlackFridayDigitalCamera@[REMOVED]>
- From: “Clearance | BestWay Time” <keepcommen.jc@[REMOVED]>
Subject lines are usually very cleverly crafted to draw attention to the mail.
- Subject: Find Black Friday Deals at [REMOVED]
- Subject: Ahead of Black-Friday: [REMOVED] rolls out deals November 11th
- Subject: iPad Air Black Friday prices posted (90 percent savings)
- Subject: Black Friday Starts Today with [REMOVED]!
- Subject: Make Thanksgiving extraordinary with fall flowers for $19.99!
- Subject: Wow! Thanksgiving bouquets, just $19.99.
- Subject: Look 23lbs thinner by thanksgiving
- Subject: Receive increased spending limits on your card this Thanksgiving
Symantec advises our readers to use caution when opening unsolicited mails. False promises, blinding displays and unbelievable discounts are all part of spammer’s game. Anything that sounds too good to be true should be treated with skepticism. We are closely monitoring all attacks to ensure that readers are kept up to date with information on the latest threats.
