Experts at SophosLabs™,
Sophos's global network of virus, spyware and spam analysis
centers, have intercepted an attempt by spammers to hijack
Halloween festivities to grab personal information from innocent
Sophos has identitied a spam email campaign that tries to lure
recipients into handing over a wide range of personal information
with the promise of a $250 gift card. The email uses a variety of
painful puns associated with the spooky celebrations on 31
The Halloween email tells recipients they will
receive a gift card.
Clicking on links contained in the email takes computer users to
a website containing Halloween imagery. The website asks for a
large amount of personal information including email addresses,
postal addresses, phone numbers and date of birth, before
presenting a stream of questionnaires on subjects as diverse as
student loans, gender and cigarette smoking.
Clicking on links in the email takes users to a
website. The gift card pictured on the website has the name 'Count
"It's not immediately obvious whether this spam is being sent to
commit identity theft or whether it's market research gone mad. If
you visit the site and give it your personal information the
chances are that you will be bombarded with unwanted junk email
until hell freezes over," said Graham Cluley, senior
technology consultant for Sophos. "There's no evidence to reassure
people that they will really receive a gift card - and as the
people behind this website have already proven themselves prepared
to send unsolicited spam, this is probably more of a trick than a
Sophos notes that this is not the first time that spammers have
used festivities or public holidays to promote their goods. Every
year, for instance, spammers leap upon the opportunity of St
Valentine's Day, to sell lingerie,
chocolate, jewelry and even viagra.
In July 2007, Sophos published
its Security Threat Report, examining the latest trends in spam,
malware and hacking. The report described how spammers were using a
variety of techniques to promote products and steal information
from innocent internet users.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend
against the threats of spam, hackers, spyware and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.