Beware the Emails of Halloween

That Goes for Thanksgiving, Christmas, and Valentine's Day Too

Get the WebProNews Newsletter:

[ Business]

Symantec’s MessageLabs released its Intelligence Report for the month of October, and it reveals the that the spammers behind the biggest botnets – Cutwail, Rustock and Donbot – are using the upcoming major holidays and world events as the themes for their the latest spam runs. This is not particularly surprising news, but it is news that people should be aware of nevertheless.

According to MessageLabs, only 0.5% of spam right now is tied to Halloween, but about 500 million Halloween-themed spam emails are expected to be in circulation worldwide each day as the holiday approaches this week. The majority of Halloween spam links to pharmaceutical spam sites and comes from the Rustock and Donbot botnets, the firm says.

Halloween Spam
"Happy Halloween J from Devil" – pharmaceutical spam

Meanwhile, spam from the Cutwail botnet uses both Thanksgiving and Christmas as a theme to sell replica watches. MessageLabs says that to date, holiday spam accounts for approximately 2% of all spam, with over 2 billion Thanksgiving or Christmas-themed spam emails expected to be in circulation globally each day.

Thanksgiving Spam
Christmas subject/Thanksgiving body – replica watches spam

"As is typical with spammers this time of year, we are seeing them try to capitalize on the holiday season," says MessageLabs Intelligence Senior Analyst, Paul Wood. "Although they may be a bit overzealous, spamming is a numbers game and the spammers have certainly succeeded with volume thus far. Perhaps their early-bird approach is an attempt to compete with the other botnets and get in early to maximize their chances of success."

The early-bird approach Wood speaks of relates directly to the fact that spammers are already gearing up for next year’s holidays and events. The firm is already encountering first runs of Valentine’s Day spam as early as four months before it arrives. They are even seeing spam related to next summer’s World Cup event.

In case you’re wondering how successful these spam campaigns can be, MessageLabs says consumers fall victim to messages like these all the time, fueling an underground economy worth an estimated $105 billion in profit from fraudulent activities. 

Related Articles: 

> Stealth Phishing Attack Looks Like Internal Email

> Symantec Urges Windows Users to Patch Systems

> Phishing Down, But Probably Only Temporarily

> Top 10 Most Spammed States in the US

Beware the Emails of Halloween
Top Rated White Papers and Resources
  • Stacie

    This may sound dense but I have a question. Could you explain to me how it’s possible for Symantec and other security folks to know so much about these botnets, yet no one can shut them down; contact the ISPs and have the accounts for those machines suspended; anything at all? That just always makes me think about that when I read an article like this. If you could give me a little insight, this low level tech would appreciate it :)

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom