14 DAY TRIAL // Security researchers report that a wave of Halloween-themed threats are out to get you. Beware of dodgy e-cards, screensaver downloads, poisoned search results, and spam, they warn.
In this day and age, it goes almost without saying that the Internet is a scary place on every holiday. But Halloween in particular is a special time for Internet users, if not for the unusual high number of threats floating around, at least for the irony - this holiday is all about scary stuff. And guess what, according to numerous security experts, you should be scared.
There are a few types of tricks that users should be particularly wary about. Free downloads of Halloween-themed applications or screensavers is one of them. If you really want to decorate your computer's desktop in the spirit of Halloween, every special download should be scanned with a reliable antivirus solution, as it could come packed with malware.
Sending e-cards is also popular during holidays, but spam analysts from Kaspersky advise extreme caution when choosing such a service. If the website asks you to install additional stuff, such as special browser toolbars, it is better to move away. Also, beware of unsolicited emails about gift cards or Halloween sale discounts, as they have a high chance of leading to or containing malware.
A special attack vector to watch for is the Halloween-related web search results, which many antivirus companies report as being poisoned. Cybercrooks use special techniques known as black hat search engine optimization, to push malicious websites on the front pages of search results for particular keywords.
"I noticed that the most commonly targeted keywords were classic costume favorites, such as the Cat woman costume, vampire costume, and various adult costumes. In addition to costumes, the BHSEO campaign also targets Halloween related food recipes, haunted house directions, Halloween parties, and the movie Halloween," notes Sean-Paul Correll, threat surveillance specialist at Panda Security.
David Harley, ESET's director of malware intelligence also adds Harvey Milk, Pumpkin Carving Stencils, candy, Pokemon, and McDonalds Monopoly online to the hijacked search strings. The list is probably a lot longer and most of the malicious links promoted in this way lead to scareware. This is a term referring to fake antivirus software, which scares users via fake security alerts into paying for unnecessary and useless licenses.