Security companies warn that affiliate marketing spammers have already began exploiting Halloween to trick people with fake prizes, contests and offers.
It's a known fact that cybercriminal activity always intensifies around holidays, when people are more vulnerable and have more money to spend.
"Halloween is drawing near, so the spammers are busy laying out bait in the form of Halloween jackpots, sweepstakes, gift cards, e-cards, personalized gifts, online contests, and even print products and costumes
," Samir Patil, a security researcher at Symantec, warns
Some people like to decorate their computer's desktop with screensavers or wallpapers in the spirit of the holidays.
However, searching for one on the Internet during this period has a great chance of leading to malware. It's always good to scan such files on VirusTotal before opening them.
E-cards are also popular during holidays and some spam emails advertising e-card services have already been spotted.
Researchers advise users to walk away from any that want to install additional programs on their computers or ask them for personal information.
Here are some examples of Halloween spam email subjects seen by Symantec so far: "Halloween Series Campaign Vol1", "Halloween Treat Bags, Home Decorations, and More", "Open this! $1 Million Prize", "Halloween Special! Up to 85% off ink and toner", "Halloween E-card - no cost."
Meanwhile, cloud-security provider Zscaler, warns that spammers compromised legit websites, including some that belong to educational institutions, and used them in black hat SEO campaigns to drive traffic to the website of a Halloween costumes retailer.
"The URL to buycostumes.com contains an affiliate ID which allows the spammer to get a commission (10% to 30% of the total purchase) from the store should a redirected user ultimately make a purchase
Julien Sobrier, senior security researcher at Zscaler.
No doubt, as the holiday approaches, attacks will diversify and will increase in number. Google speculated that a surge of infected emails in August and September had the purpose of planting the seeds for spam botnets that will be used heavily during the holidays.