It’s that time of the year again! Halloween is just a few days away and cyber criminals are taking advantage by inserting their malware campaigns right into Halloween related search results.  Searching for Halloween costumes, parties, pumpkin carving patterns, and more can land you right in the middle of one of these malicious campaigns.

Here is an example of the malicious search results:

Halloween Blackhat SEO
Halloween Blackhat SEO - Malicious Search Results

Clicking on one of the search links leads us to a fake codec video player page, which prompts us to install a malicious “codec” if the video doesn’t play correctly.  Installing the software results in a trojan infection monetized via fake antivirus software.

Halloween Malware - Fake Video Player
Halloween Malware - Fake Video Player

I was interested in seeing what keywords were being actively targeted, so I analyzed the campaign a bit further…

Here are the top 5 most targeted phrases:

  1. Halloween costumes
  2. Halloween decorations
  3. Halloween ideas
  4. Adult Halloween costumes
  5. Free pumpkin pattern

Here is a tag cloud of the top 60 targeted keywords:

Halloween Blackhat SEO Tag Cloud
Halloween Blackhat SEO Tag Cloud

This campaign is one of many targeting the Halloween holiday.  In addition to this attack, we have also recently observed similar campaigns targeting the “Paranormal Activity 2” and “Friday the 13th” movies.

Tips to Stay Safe Online this Halloween

Basic knowledge, common sense, and an antivirus program will take you a long way in staying safe online this Halloween, but we have some extra tips to ensure a Halloween full of treats and no tricks:

  • Only open emails or social network messages received from trusted sources.
  • Type URLs directly into the browser – do not click any links included in email messages, social networks or messaging applications – even if they come from a reliable source.
  • Do not download or run files that come from unknown sources – especially executable files with Halloween-related names.
  • Check that each page you visit is secure – look for the security certificate, usually a small yellow padlock, next to the toolbar or in the bottom right corner of the screen.
  • Be wary of any unwanted downloads, even on legitimate sites.
  • Make online purchases from sites with a solid reputation and secure, encrypted transactions, and never on a public computer.
  • Install an effective security solution installed, like Panda Cloud Antivirus, and keep it updated to detect the latest security threats.