Security News

Spam campaign roundup: The Thanksgiving Day Edition (Nov 27, 2013)

By

It is that time of the year again where savvy shoppers are in search for the best deals this season. Black Friday is the day following the Thanksgiving Day in the United States and often regarded as the kickoff of the holiday shopping season that extends until Cyber Monday where consumers are expected to shop more online. But in recent years, this holiday shopping extravaganza has been stretched even longer, with retailers offering deep discounts on items weeks ahead of Black Friday. Unfortunately, cyber criminals are taking advantage of this longer shopping frenzy, sending unsolicited advertisements for products and services that often yield to fraud, phishing and even malware.

Over the past week, the Dell SonicWALL threats research team has been following a steady growth in Black Friday and Cyber Monday related spam emails as seen below:

As the Thanksgiving weekend approaches, we have been receiving an increasing amount of holiday related spam emails. These emails have a common theme of trying to lure consumers to click on the links and provide their personal information in exchange for access to special offers and deep discounts. The following are some of the most common email subjects:

  • SAVINGS ALERT: See the Hottest Black Friday Ads Now
  • Gift ahead of Black Friday for You
  • This could aid your Black Friday-shopping
  • Everything is 90% off now – Cyber Monday starts now
  • 40% off + Ship Free! Black Friday begins…

The links on the emails will take users to a spam site which is part of the same affiliate marketing scheme that we have seen in the past. Some of them claim to come from popular department stores promising gift cards or coupons, that when clicked would take you to a URL different from the real merchant’s website but has the merchant’s branding. They will try to convince users to sign up for different offers while these scammers earn commissions for each successful subscription.

The domain names used in the URLs embedded in the spam emails were just recently created suggesting that they were just created for use in this spam campaign. They were all registered using a domain privacy service to keep the domain name owner’s personal information from showing up on global Whois lookups.

We urge our users to always be vigilant and cautious with any unsolicited email and to avoid providing any personal information, particularly if you are not certain of the source.

Dell SonicWALL Gateway Antivirus monitors and provides constant protection against such malicious threats.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
Recommended Cyber Security Stories
Neutrino Exploit Kit drive by attack (Feb 7, 2014)
Microsoft Security Bulletin Coverage (Jun 12, 2012)
Cisco Prime DCNM Information Disclosure (Jan 3, 2014)
Cyber Security News & Trends – 08-30-19
PDF File is being used to spread AgentTesla
Android Security Bypass Vulnerability (Dec 6, 2013)
Cybersecurity News & Trends - 08-14-20
New Buzus Trojan (Mar 27 2009)