Spam campaign roundup: The Thanksgiving Day Edition

November 27, 2013

It is that time of the year again where savvy shoppers are in search for the best deals this season. Black Friday is the day following the Thanksgiving Day in the United States and often regarded as the kickoff of the holiday shopping season that extends until Cyber Monday where consumers are expected to shop more online. But in recent years, this holiday shopping extravaganza has been stretched even longer, with retailers offering deep discounts on items weeks ahead of Black Friday. Unfortunately, cyber criminals are taking advantage of this longer shopping frenzy, sending unsolicited advertisements for products and services that often yield to fraud, phishing and even malware.

Over the past week, the Dell SonicWALL threats research team has been following a steady growth in Black Friday and Cyber Monday related spam emails as seen below:

As the Thanksgiving weekend approaches, we have been receiving an increasing amount of holiday related spam emails. These emails have a common theme of trying to lure consumers to click on the links and provide their personal information in exchange for access to special offers and deep discounts. The following are some of the most common email subjects:

  • SAVINGS ALERT: See the Hottest Black Friday Ads Now
  • Gift ahead of Black Friday for You
  • This could aid your Black Friday-shopping
  • Everything is 90% off now - Cyber Monday starts now
  • 40% off + Ship Free! Black Friday begins...

The links on the emails will take users to a spam site which is part of the same affiliate marketing scheme that we have seen in the past. Some of them claim to come from popular department stores promising gift cards or coupons, that when clicked would take you to a URL different from the real merchant's website but has the merchant's branding. They will try to convince users to sign up for different offers while these scammers earn commissions for each successful subscription.

The domain names used in the URLs embedded in the spam emails were just recently created suggesting that they were just created for use in this spam campaign. They were all registered using a domain privacy service to keep the domain name owner's personal information from showing up on global Whois lookups.

We urge our users to always be vigilant and cautious with any unsolicited email and to avoid providing any personal information, particularly if you are not certain of the source.

Dell SonicWALL Gateway Antivirus monitors and provides constant protection against such malicious threats.