Crooks are Sending Halloween-Themed Phishing Emails



Halloween-themed spam and phishing emails have surged over the past two months, with a significant increase beginning in October, according to researchers at Bitdefender.

“Bitdefender’s telemetry indicates a sharp rise in Halloween-themed spam throughout September and October,” the researchers write.

“However, Halloween-themed spam rose 18% percentage points between 1-16 October 2024, compared to the entire month of September. This spike mirrors the shopping frenzy and anticipation leading up to Halloween, with cybercriminals aiming to exploit consumers in search of deals, costumes, and party supplies.”

Around 40% of these spam emails are malicious, attempting to trick users into installing malware, handing over login credentials, or sending money for phony purchases.

“These messages often take the form of phishing emails, many disguised as giveaways and goodie baskets from well-known retailers,” the researchers write. “Once users engage with these emails, they’re often led to fraudulent websites that harvest personal information and money.

“A couple of scam campaigns on this topic appeared as early as late August, possibly because fraudsters were trying to prey on conscientious shoppers who like to get their seasonal décor and Halloween gear in advance. These early iterations serve as a great depiction of a typical Halloween-themed scam website.

“The pages are often filled with eerie-themed visuals and enticing promises of last-minute costume deals, decorations, and party supplies, preying on early planners who are eager to cross Halloween shopping off their lists.”

Bitdefender offers the following recommendations to help users avoid falling for these scams:

  • “Double-check URLs: If an email promises a Halloween deal, hover over any links before clicking to ensure they direct you to a legitimate website
  • Beware of unsolicited attachments: Halloween-themed e-cards may seem fun, but they can carry malware
  • Look for red flags: Poor grammar, suspicious-looking domains, and urgent language are common in spam emails”

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

 

Bitdefender has the story.

