Spammers have been capitalising on the shift towards online Christmas shopping, warns according to Symantec’s November State of Spam report outlines that sales of ‘luxury goods’ and counterfeit brands continue to dominate spam emails as the holiday season approaches. The top ten subject lines between October and November 2009 were:
- Sales receipt from Amazon
- Sales Order from walmart.com
- Incredible sale for luxury goods
- Re: what she wants for Christmas
- Give her luxury this holiday season
- Bling yourself up this Christmas
- Get the perfect gift for Christmas
- Impress your friends this holiday season
- Xmas on-line cookies
- Time limited Christmas promotion
In addition, fake airline ticket spam has also taken off during the holiday season with the promise of cheap deals on airfare used to attract attention from unsuspecting internet users.
British shoppers are expected to spend upwards of £6.8bn online this Christmas, and spammers are desperate to get a slice of the cake. To do this they are crafting subject lines that people are more likely to click on. The top two subject lines indicate that spammers are tricking people into believing that they have a transaction email from two well-known retailers. Although we usually see these types of subject lines associated with phishing or fraud messages, this tactic was actually re-directing users to a bogus online pharmacy site.
Other key findings from the State of Spam report, include a 9 per cent reduction in spam originating from the EMEA since June 2009 (the region now accounts for 25 per cent of all spam).
So how do you best safeguard yourself against falling victim to seasonal spam and phishing attacks:
- Use directions provided by your mail administrators to report missed spam if you have an option to do so
- Delete all spam
- Avoid clicking on suspicious links in email or IM messages as these may connect you to spoofed websites
- Type web addresses directly into the browser rather than relying upon links within your messages
- Always be sure that your operating system is up-to-date with the latest updates, and employ a comprehensive security suite