It’s that time of the year again! Halloween is just a few days away and cyber criminals are taking advantage by inserting their malware campaigns right into Halloween related search results. Searching for Halloween costumes, parties, pumpkin carving patterns, and more can land you right in the middle of one of these malicious campaigns.
Here is an example of the malicious search results:
Clicking on one of the search links leads us to a fake codec video player page, which prompts us to install a malicious “codec” if the video doesn’t play correctly. Installing the software results in a trojan infection monetized via fake antivirus software.
I was interested in seeing what keywords were being actively targeted, so I analyzed the campaign a bit further…
Here are the top 5 most targeted phrases:
- Halloween costumes
- Halloween decorations
- Halloween ideas
- Adult Halloween costumes
- Free pumpkin pattern
Here is a tag cloud of the top 60 targeted keywords:
This campaign is one of many targeting the Halloween holiday. In addition to this attack, we have also recently observed similar campaigns targeting the “Paranormal Activity 2” and “Friday the 13th” movies.
Tips to Stay Safe Online this Halloween
Basic knowledge, common sense, and an antivirus program will take you a long way in staying safe online this Halloween, but we have some extra tips to ensure a Halloween full of treats and no tricks:
- Only open emails or social network messages received from trusted sources.
- Type URLs directly into the browser – do not click any links included in email messages, social networks or messaging applications – even if they come from a reliable source.
- Do not download or run files that come from unknown sources – especially executable files with Halloween-related names.
- Check that each page you visit is secure – look for the security certificate, usually a small yellow padlock, next to the toolbar or in the bottom right corner of the screen.
- Be wary of any unwanted downloads, even on legitimate sites.
- Make online purchases from sites with a solid reputation and secure, encrypted transactions, and never on a public computer.
- Install an effective security solution installed, like Panda Cloud Antivirus, and keep it updated to detect the latest security threats.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
3 comments
I couldn’t believe there were malware spreading via halloween related words but the 2 entities are kind of related. malware brings terror on halloween. Does it make sense?
Assistência técnica de Electrolux Elevado do Tietê.