Halloween-Themed Spam and Scams Flood Inboxes Worldwide, Bitdefender Antispam Lab Warns

Halloween-Themed Spam and Scams Flood Inboxes Worldwide, Bitdefender Antispam Lab Warns

All Hallows’ Eve is almost here, and cybercriminals have ramped up their bombardment of inboxes with Halloween-themed spam. This month, Bitdefender Antispam Labs researchers have seen an increase in unwanted emails, particularly those dressed up in seasonal costumes and malicious trick-or-treating.

The United States Still The Epicenter of Halloween Spam

Unsurprisingly, the US is the top source of Halloween-themed spam, accounting for a staggering 83% of all unsolicited emails. China and Germany follow far behind, contributing 6% and 4%, respectively. The United Kingdom, France, and Turkey each make up 1% of the total Halloween-themed global spam volume.

Halloween-Themed Spam Rates Spike as October Draws Near

Bitdefender’s telemetry indicates a sharp rise in Halloween-themed spam throughout September and October. However, Halloween-themed spam rose 18% percentage points between 1-16 October 2024, compared to the entire month of September. This spike mirrors the shopping frenzy and anticipation leading up to Halloween, with cybercriminals aiming to exploit consumers in search of deals, costumes, and party supplies.

Spam Destinations: Who’s Getting Hit the Hardest?

Not only is the US a major source of spam, but it’s also the top target. Bitdefender Antispam telemetry reveals that 71% of Halloween-themed spam hits US inboxes. Germany, the United Kingdom, and Ireland follow as the next most affected regions, with 8%, 5%, and 4%, respectively. Other nations like Japan, France, and Australia see only a small percentage, but this global reach shows that Halloween-themed scams are far from a local issue, and fraudsters may still have time to bait recipients with last-minute offers and scams.

Marketing Spam or Halloween Scams?

Bitdefender’s advanced antispam filtering systems flagged about 50% of Halloween-themed spam as traditional marketing lures. These emails typically focus on enticing recipients with holiday deals, costume promotions, or special Halloween-themed discounts. While many of these may seem legitimate, a significant portion are designed to drive traffic to potentially unsafe or suspicious sites.

On the darker side, around 40% of Halloween-themed spam was identified as misleading or outright scams. These messages often take the form of phishing emails, many disguised as giveaways and goodie baskets from well-known retailers. Once users engage with these emails, they’re often led to fraudulent websites that harvest personal information and money.

A couple of scam campaigns on this topic appeared as early as late August, possibly because fraudsters were trying to prey on conscientious shoppers who like to get their seasonal décor and Halloween gear in advance. These early iterations serve as a great depiction of a typical Halloween-themed scam website. The pages are often filled with eerie-themed visuals and enticing promises of last-minute costume deals, decorations, and party supplies, preying on early planners who are eager to cross Halloween shopping off their lists.

Some of the most popular subject lines used in these phishing campaigns include:

  • You have won a Home Depot Halloween essential pack
  • You have won the October 2024 mystery box giveaway
  • You won a Costco Halloween mystery box
  • Halloween sale
  • October fall décor and goodie packs

These subject lines aim to lure victims with promises of exclusive giveaways or irresistible holiday sales, drawing unwary users onto fake links designed to steal personal information and money.

The Halloween scams are diverse, with scam campaigns ranging from phony giveaways and mystery boxes to offers for too-good-to-be-true costume deals and even crypto airdrops.

Here are some of the latest Halloween scam samples observed by Bitdefender researcher Viorel Zavoiu:

Scammers impersonate ADAC and bait users in Germany with free car emergency kit for Halloween.

A festive Halloween promotion from Truspad? Think again. Scammers impersonate the decentralized multi-chain fundraising platform and claim to airdrop 1 million Brett Tokens.

$500 gift card from Aldi’s this Halloween is just ruse to steal internet users’ personal and financial information

German users are tempted with an iPhone 16 Pro if they only submit some personal information and pay for shipping

Halloween Mystery Box from Costco? Nope, it’s just another festive scam

Walmart doesn’t want your opinion in exchange for $100 dollars this Halloween

Home Depot Halloween Essential Pack Scam Survey

How To Stay Safe

To avoid being spooked by these scams, remember the following tips:

  • Double-check URLs: If an email promises a Halloween deal, hover over any links before clicking to ensure they direct you to a legitimate website.
  • Beware of unsolicited attachments: Halloween-themed e-cards may seem fun, but they can carry malware.
  • Look for red flags: Poor grammar, suspicious-looking domains, and urgent language are common in spam emails.

Leverage Bitdefender Security Tools and Solutions for Maximum Protection

This Halloween season, protect yourself with comprehensive security tools designed to identify and block online threats and scams:

Bitdefender Scamio is a must-have during any festive season when shopping scams and other internet swindles run rampant. Scamio is our FREE on-demand scam detector you can use to check for any scammy link or proposal you see online.

Scamio can analyze any texts, messages, links, QR codes, or images and give you a verdict on whether they are they are part of a scam. Scamio is available on Facebook Messenger, WhatsApp, your web browser and Discord. You can also help others stay safe by sharing Scamio with them in France, Germany, Spain, Italy, Romania, Australia, and the UK.

Additionally, with the launch of our new Scam Copilot, you can get comprehensive scam protection across all of your devices with access to your personal scam adviser chatbot, scam wave alerts in your area, real-time detection of scams in your browsing activities and remote access scam protection among others. The Scam Copilot features paired with our award-winning anti-malware protection can be found in our all-one-security solutions.

Originally Appeared Here