As the excitement and bustle of the holiday season takes hold, merry-makers are under attack with Christmas party and gadget scams promoted through social media and spam, according to Bitdefender®, the award-winning provider of innovative antivirus solutions.
Bitdefender Labs discovered that the series of Christmas party scams lead to identity theft and lots of money losses. Offers for luxury watches are also tempting gift buyers before the holidays, while fake awards for gadgets such as MacBook Air, iPad and iPhone are claiming victims through fraudulent websites.
“Scammers take advantage of the holiday shopping frenzy and spread bogus offers through spam, social media and malicious web search results,” said Bitdefender Chief Security Strategist Catalin Cosoi. “When they receive e-mails with holiday offers for hotels, plane tickets or Christmas parties, users shouldn’t click any of the links or attachments. These “incredible” deals may hide malware, phishing attempts and signal spammers that the e-mail accounts are valid.”
Bitdefender Labs also spotted an increasing number of fraudulent websites such as fake hotels, fake banks and escrow companies. As an example, the Sheraton Skyline Hotel at Heathrow has been reproduced by fraudsters with a similar web page to lure London tourists before the holidays. Another fake hotel is looking for money mules through job scams. The hotel’s phone number is located in the US, while the address takes users to a park in Montreal, Canada.
As divorce lawyers have their busiest days of the year around Christmas, according to several studies, users are also scammed with fake law firm offers. This type of fraud is more targeted than phishing and money is made out of small, gradual attacks.
At the same time, charity scams are spreading through spam campaigns promoting the need to help the children of India. Recession scams also lure users with a tempting message: “If you’re short on cash this holiday, see how Holiday cash can help you make your Christmas Merry – Clicking the link takes users to a page blocked for malicious activity by the Google Safe Browsing diagnostic tool. Hosted on a server in Russia, the domain is listed among those used by attackers to harbor and distribute malware.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.
This article is based on the technical information provided courtesy of Alin Damian, Bitdefender Online Threats Researcher, and Ionut Raileanu, Bitdefender Spam Analyst.