Security news19 October 2007
Halloween spam tries to spirit away personal information The spam that goes bump in the night
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have intercepted an attempt by spammers to hijack Halloween festivities to grab personal information from innocent internet users.
Sophos has identitied a spam email campaign that tries to lure recipients into handing over a wide range of personal information with the promise of a $250 gift card. The email uses a variety of painful puns associated with the spooky celebrations on 31 October.
The Halloween email tells recipients they will receive a gift card.
Clicking on links contained in the email takes computer users to a website containing Halloween imagery. The website asks for a large amount of personal information including email addresses, postal addresses, phone numbers and date of birth, before presenting a stream of questionnaires on subjects as diverse as student loans, gender and cigarette smoking.
Clicking on links in the email takes users to a website. The gift card pictured on the website has the name 'Count Dracula'.
"It's not immediately obvious whether this spam is being sent to commit identity theft or whether it's market research gone mad. If you visit the site and give it your personal information the chances are that you will be bombarded with unwanted junk email until hell freezes over," said Graham Cluley, senior technology consultant for Sophos. "There's no evidence to reassure people that they will really receive a gift card - and as the people behind this website have already proven themselves prepared to send unsolicited spam, this is probably more of a trick than a treat."
Sophos notes that this is not the first time that spammers have used festivities or public holidays to promote their goods. Every year, for instance, spammers leap upon the opportunity of St Valentine's Day, to sell lingerie, chocolate, jewelry and even viagra.
In July 2007, Sophos published its Security Threat Report, examining the latest trends in spam, malware and hacking. The report described how spammers were using a variety of techniques to promote products and steal information from innocent internet users.
- Read more about this spam campaign on the SophosLabs blog
- Download "Sophos Security Threat Report July 2007"
- Download a podcast on the Sophos Security Threat Report now
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
