Contributor: Azam Raza
Easter, like all other celebrations is meant to be a day of jubilation, which of course means gifts, shopping, and spreading cheer. However, cheer is not the only thing that is being spread this holiday. Spammers have also started spreading their handiwork. With just a few days left before Easter, the volume of spam is on the rise.
Each year Symantec observes certain categories of spam using Easter as a theme and this year is no different. Let’s take a look at some of the different types of spam Symantec sees year-over-year, as well as some samples from this year.
Replica goods spam
With gifts being at the core of many major celebrations, product spam (replica goods spam in particular) is the spam category Symantec observes the most. In this spam, items such as fake watches and jewelry are promoted using catchy subject lines and product images. Email header examples include:
From: "WorldOfWatches" <johnwatson@[REMOVED]>
Subject: Challenge Ends Easter weekend
From: "DailyPromos" <aacpu@[REMOVED]>
Subject: Our pick today is- easter14
Figure 1. Easter themed replica goods spam
Health spam
Pharmacy or medication spam is another spam category we see a lot of when we get close to any holiday season. These spam mails usually contain links to pharmacy sites which pretend to sell medication online without prescription. Season’s greetings are usually displayed as banners on these sites to add a festive touch.
Figure 2. Easter themed pharmacy spam
Weight loss spam is another subcategory of health spam which is seen in multiple languages. Weight loss medicines touted in these messages range from approved medication to stories about herbal extracts from exotic plants. Email header examples include:
From: "Mackenzie Burns" <monday@[REMOVED]>
Subject: Begin eating this fruit and lose the fat before Easter Sunday
Product spam
Major retailers and brands offer large discounts and sales during holiday celebrations and spammers take advantage of this. Spammers often craft their emails to make them appear to be from known retailers and brands but they usually include links leading to fake sites. Offers of gift coupons are also common. The products seen in this type of spam can range from kids toys to SUVs. Email header examples include:
Subject: Spring Sale Event on all Cars, Trucks, and SUVs!
From: Auto-Dealer-Online <williamw@[REMOVED]>
Figure 3. Product spam with Easter banner
Figure 4. Gift coupon spam seen this season
Personalized gifts
Personalized gifts are getting popular these days and spam promoting personalized messages on Easter eggs and Easter bunnies are proving popular among spammers. Most of these spam mails have links to fake sites and some of them even have links to inappropriate content. Email header examples include:
From: Easter Bouquets <rebekkahFAjhLg@[REMOVED]>
Subject: Make the Easter bunny jealous! Easter flowers
Figure 5. Spam offering personalized Easter bunny letters for children
Casino spam
Online casino and gambling spam show up in larger volumes during holiday periods. Casino spam entices victims with a signup bonus, reward points, and chances of winning a fortune. Email header examples include:
From: AU_AllSlots @ <AllSlots@[REMOVED]>
Subject: 25-free spins on Gold-Factory this-Easter
419 scam spam
Nigerian spam routinely makes the rounds during all holiday festivals with news of lucky draws and donations. Symantec has observed 419 spam pretending to be from orphanages and charity organizations asking for donations for the unfortunate. Unsolicited emails asking for personal information should always be treated with caution. Examples of email headers include:
From: suzanne122@[REMOVED]
Subject: HappyEasterInAdvance,
Something else which caught our attention this year is the volume of Easter spam in foreign languages. Easter themed attacks in foreign languages are usually about gifts and goodies, like the cupcake and gingerbread delivery spam shown here:
Portuguese
From: "Cupcake" <contato@[REMOVED]>
Subject: Páscoa |Subject: Easter
Russian
From: Пасхи <vamdetal@[REMOVED]> | From: pasha
Subject: Скоро Пасха | Subject: Almost Pasha
From: Пряники <sladkie.pashi@[REMOVED]> | From: Gingerbread
Subject: Кондитерская мастерская | Subject: Confectionery masterskaâ
Symantec wishes all our customers a very happy Easter, and we also advise you to be cautious of these spam campaigns. Always exercise caution when dealing with unsolicited or unexpected holiday themed emails. Do not click on links in emails that look suspicious. Remember to update your antispam signatures to safeguard your personal information and give you the peace of mind to celebrate the wonderful Easter celebrations.