Ghostly Greetings: Halloween Spam for Eager Trick or Treaters

Cybersecurity Awareness Month always ends on a spooky note. All Hallows’ Eve comes Oct 31, and, while the global community is busy carving Jack-o-Lanterns, stocking up on candy and planning Halloween costume parties, cybercriminals are listening in, eager to add their malicious twist to the festival of frights.

Researchers at Bitdefender Antispam Lab have been keeping an eye on Halloween-themed spam correspondence deployed by tricksters worldwide.

So far, our analysis has revealed that spammers stick to their old parlor tricks (mostly) when pumping out unsolicited and scam emails this pumpkin spice season.

The US remains a priority for the ‘scary stuff’

Americans were the largest target group to receive unsolicited Halloween-themed spam this year. According to Bitdefender spam telemetry, users in the US received 60% of all global Halloween-themed spam volume between 3-23 October (see Figure 1).

The US is followed by Ireland (11%), France (8%), Germany (6%), the UK, Denmark and Sweden (2% each), followed by Australia, Canada, Italy and Poland (1% each).

The origin of unsolicited Halloween spam emails, for the most part, remains consistent with the largest number of potential victims, with 45% of the analyzed Halloween spam correspondence appearing to originate from IP addresses in the US (see Figure 2).

Additional origins of the spam emails were traced to IP addresses in Russia (16%), Antarctica (10%), France (9%), the UK (5%) and Moldova and Germany (2% each).

Preparing the perfect witches’ brew takes time

Although Halloween-themed spam emails started hitting inboxes in early October, spammers only deployed small batches of unsolicited emails daily between Oct. 3-10, when Halloween spam hits rose to 7% (see Figure 3). While Halloween spam hits have seen severe fluctuations the past three weeks, the seasonal correspondence peaked on Oct. 22, when 17% of all global Halloween-themed received spam was sent.

A taste of Halloween spam

The Halloween season is a busy time for consumers who want to participate in traditional activities such as handing out candy to trick-or-treaters, decorating their home or yard and throwing a costume party. This means big money for retailers and plenty of opportunities to click-bait people who are in a rush to finish preparations.

A quick breakdown of Halloween spam shows that 21% of the entire Halloween-themed received spam by volume sent between 3-23 October was flagged as a scam. Additionally,56% of the spam volume was flagged as e-commerce spam and 15% as online dating spam. Bitdefender Antispam researchers expect Halloween spam volumes to increase in the week preceding All Hollows’ Eve.

Note: Even though newsletters and e-commerce correspondence can be legitimate, there are many fake online shops that entice users with big discounts for seasonal goods.

Spam topics range from your go-to seasonal subjects such as shopping for decorations, costumes, candy and supplies to your run-of-the-mill giveaways and more peculiar subjects such as finding love on Halloween.

Here’s a taste of this year’s Halloween spam email subject lines:

• find love this halloween with christian matches
• fun halloween candy treat bags kids t -shirts party decorations and more
• time is running out all halloween is 50 off
• get 60 off all halloween baking decorating supplies in our mega monster sale starting now
• boo-ya here’s 50 off halloween decor essentials
• free shipping halloween sale
• grab your spooky halloween freebie

While most spam emails are in English, Bitdefender telemetry also picked up localized correspondence for Germany, Italy and France:

• halloween special mitmachen und 124 coca cola dosengewinnen
• halloween days profitez des offres du 21 au 31 octobre
• votredeguisement pour Halloween
• ihre coca cola halloweenprodukte
• einmilkahalloweensie
• festa de halloween

The most common theme this year is, of course, the familiar ‘Halloween Sale’ pitch, with emails advertising thousands of Halloween-themed offers for decorations, costumes, gifts and candy.

Many of these emails seek to exploit the unwary by baiting users with access to special deals and bargains on obscure websites that give no guarantees they’ll actually receive what they pay for. Many scams circulating online advertise one-time-only deals to lure unsuspecting customers into purchasing bogus products that don’t exist.

Recipients should always use caution when interacting with spam emails, even if they don’t look malicious at first. Nothing is truly free, and falling for a too-good-too-be-true deal can have serious consequences for your privacy, data and money.

The same goes for that unrequested giveaway or lotto you haven’t signed up for. An analyzed sample of the Halloween-Special deal received by users in Germany attempted to trick recipients into believing they are the lucky finalists in a Coca-Cola draw organized by the lottery department in Berlin where they could win 124 cans of Coca-Cola.

“Congratulations on being selected as one of the finalists for the Coca-Cola Halloween Special”, the phony email reads. “You are one of the October 2022 finalists for the Coca-Cola Halloween edition sweepstakes where you can win 124 cans of Coca-Cola. The drawing was carried out in Berlin by the lottery department.”

A separate campaign entices recipients with a free Milka Halloween chocolate package worth 100 Euros.

The email reads:

“The spooky season has begun! Celebrate temptations in Milka's Halloween design with the delicate alpine milk.Take the exclusive chance of a Milka Halloween product package now!”

Many online giveaways and freebies you receive via unsolicited emails are a ruse to steal your financial information – by making you pay shipping fees for a product you’ll never receive.

Stay away from these offers!

Getting naughty on Halloween

On top of your shopping deals, freebies and ‘free spins’ to win prizes or credits for online gambling, this year brings a surprise in terms of the Halloween-themed spam emails – dating and ads for phony male enhancement websites.

One dating spam campaign is directed at Christian singles who want to find their match on Halloween, while another recycles a previous ruse spotted by Bitdefender Antispam Lab in June – a chance to meet and date beautiful Ukrainian women.

Daring’ male recipients were also invited to become sugar daddies this Halloween. In the blatant spam email below, users are urged to access suspicious links that will lead them to a special community where they can meet young women.

Double, double, toil, and ward off cyber spooks

With Halloween spending estimated to hit over $10.5 billion this year, according to the US National Retail Federation, it’s easy to see why online scammers continue to take advantage of seasonal events to steal money and data.

To avoid falling victim to cybercrooks out trick or treating for your ‘candy,’ use your wits to steer clear of scams and phishing attempts that can put a stop to your holiday. Beware of any flash sales that rush you into quick decisions, be wary of unusual payment methods, and do your homework if you plan to shop on unfamiliar websites or stick to what you know so you won’t regret it later.

Fending off internet monsters and other creepy crawlies is easy with Bitdefender security solutions. Bitdefender all-in-one packages combine the best of both worlds: advanced malware detection technologies, privacy and identity theft protection features to give you peace of mind no matter what you do online.

Check out our plans and special offers here.

Note: This article is based on technical information courtesy of Bitdefender Labs