All Hallows’ Eve is almost here, and cybercriminals have ramped up their bombardment of inboxes with Halloween-themed spam. This month, Bitdefender Antispam Labs researchers have seen an increase in unwanted emails, particularly those dressed up in seasonal costumes and malicious trick-or-treating.
Unsurprisingly, the US is the top source of Halloween-themed spam, accounting for a staggering 83% of all unsolicited emails. China and Germany follow far behind, contributing 6% and 4%, respectively. The United Kingdom, France, and Turkey each make up 1% of the total Halloween-themed global spam volume.
Bitdefender’s telemetry indicates a sharp rise in Halloween-themed spam throughout September and October. However, Halloween-themed spam rose 18% percentage points between 1-16 October 2024, compared to the entire month of September. This spike mirrors the shopping frenzy and anticipation leading up to Halloween, with cybercriminals aiming to exploit consumers in search of deals, costumes, and party supplies.
Not only is the US a major source of spam, but it’s also the top target. Bitdefender Antispam telemetry reveals that 71% of Halloween-themed spam hits US inboxes. Germany, the United Kingdom, and Ireland follow as the next most affected regions, with 8%, 5%, and 4%, respectively. Other nations like Japan, France, and Australia see only a small percentage, but this global reach shows that Halloween-themed scams are far from a local issue, and fraudsters may still have time to bait recipients with last-minute offers and scams.
Bitdefender’s advanced antispam filtering systems flagged about 50% of Halloween-themed spam as traditional marketing lures. These emails typically focus on enticing recipients with holiday deals, costume promotions, or special Halloween-themed discounts. While many of these may seem legitimate, a significant portion are designed to drive traffic to potentially unsafe or suspicious sites.
On the darker side, around 40% of Halloween-themed spam was identified as misleading or outright scams. These messages often take the form of phishing emails, many disguised as giveaways and goodie baskets from well-known retailers. Once users engage with these emails, they’re often led to fraudulent websites that harvest personal information and money.
A couple of scam campaigns on this topic appeared as early as late August, possibly because fraudsters were trying to prey on conscientious shoppers who like to get their seasonal décor and Halloween gear in advance. These early iterations serve as a great depiction of a typical Halloween-themed scam website. The pages are often filled with eerie-themed visuals and enticing promises of last-minute costume deals, decorations, and party supplies, preying on early planners who are eager to cross Halloween shopping off their lists.
Some of the most popular subject lines used in these phishing campaigns include:
These subject lines aim to lure victims with promises of exclusive giveaways or irresistible holiday sales, drawing unwary users onto fake links designed to steal personal information and money.
The Halloween scams are diverse, with scam campaigns ranging from phony giveaways and mystery boxes to offers for too-good-to-be-true costume deals and even crypto airdrops.
Here are some of the latest Halloween scam samples observed by Bitdefender researcher Viorel Zavoiu:
Scammers impersonate ADAC and bait users in Germany with free car emergency kit for Halloween.
A festive Halloween promotion from Truspad? Think again. Scammers impersonate the decentralized multi-chain fundraising platform and claim to airdrop 1 million Brett Tokens.
$500 gift card from Aldi’s this Halloween is just ruse to steal internet users’ personal and financial information
German users are tempted with an iPhone 16 Pro if they only submit some personal information and pay for shipping
Halloween Mystery Box from Costco? Nope, it’s just another festive scam
Walmart doesn’t want your opinion in exchange for $100 dollars this Halloween
Home Depot Halloween Essential Pack Scam Survey
To avoid being spooked by these scams, remember the following tips:
Leverage Bitdefender Security Tools and Solutions for Maximum Protection
This Halloween season, protect yourself with comprehensive security tools designed to identify and block online threats and scams:
Bitdefender Scamio is a must-have during any festive season when shopping scams and other internet swindles run rampant. Scamio is our FREE on-demand scam detector you can use to check for any scammy link or proposal you see online.
Scamio can analyze any texts, messages, links, QR codes, or images and give you a verdict on whether they are they are part of a scam. Scamio is available on Facebook Messenger, WhatsApp, your web browser and Discord. You can also help others stay safe by sharing Scamio with them in France, Germany, Spain, Italy, Romania, Australia, and the UK.
Additionally, with the launch of our new Scam Copilot, you can get comprehensive scam protection across all of your devices with access to your personal scam adviser chatbot, scam wave alerts in your area, real-time detection of scams in your browsing activities and remote access scam protection among others. The Scam Copilot features paired with our award-winning anti-malware protection can be found in our all-one-security solutions.
tags
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsDecember 19, 2024
November 14, 2024