Halloween terror tricks: pranks & poisonous treats

halloween.jpg

Trick or treat? Around Halloween there are people who get their kicks by their tricks. It's no different online. Instead of tossing toilet paper in trees in your yard, throwing eggs, or soaping windows, the virtual world is full of terror tricks (pranks) and tainted treats (poisonous links).

Instead of handing out candy, cybercriminals are passing out malware-laden treats. PandaLabs reports on all kinds of Halloween goodies making the rounds, such as rogueware, scareware, or fake antivirus. Here is an image of free printable Halloween party invitations which actually links to a fake codec video player page. When the video won't play correctly, the user is prompted to install an updated (malicious) "codec" which then infects the PC with a virus. Want more Halloween trojan treats? Blackhat SEOs have hidden their poisonous candy in the form of malicious search campaigns. Be ever so careful if you search for any kind of Halloween costumes, decorations, ideas, pumpkin patterns or pictures. Here is a Halloween blackhat SEO tag cloud for more targeted search terms.

Do you have a hot date around Halloween, hoping a horror flick might have you clinging to each other? Or do you simply want to look up information on a scary movie? “Paranormal Activity 2” and Halloween classics like “Friday the 13th” are being used in blackhat SEO attacks so users will download malware. Hollywood movies are frequently exploited trending topics. A virus was probably not the scare you were hoping for before your search.

Want more online fun? Although computer pranks are nothing new, they are "massively distributed in the days leading up to Halloween in order to terrorize users." Some people think these are ever so funny, as in mean funny. Pranks usually come to the victim from a frenemy -- someone that is a "friend" who wants to frighten the snot out of you like an enemy might. It could seem to be a Halloween online greeting card, a video, or a link via social media. Don't download! Once it is installed on the target computer, there are a series of warning screens and messages letting you know that you are infected with a trojan or currently having your computer reformatted. Computer virus hoaxes do not actually infect a PC with malware, but it might scare a person so badly they cry, thinking they might have lost their precious data.

prank.jpg

 This is the "Virus of Doom:"

This prank is to make the poor user believe their computer is haunted.

Guess what? Once Halloween is over, you have to watch out for spammers who are setting up to beat the holiday rush. Despite the recent crackdown on botnets, new botnets are popping up to take their place. 

Virus levels jumped up 111% between August 2009 and August 2010, with a new record of 188 million viruses being blocked in a single day, according to the Official Google Enterprise Blog. "August saw a massive 241% increase in virus volume over July, representing the greatest recorded surge in viral activity since 2008. This recent increase in viral activity could indicate a 'gearing up' as spammers attempt to construct botnets in time for the holiday season and increased consumer spending."

Halloween or not, beware or get an infected scare. Postini, that processes more than 3 billion email messages per day for Gmail, warns to tread carefully when opening any shortened URL. Spammers also like to spoof major brands or send emails that look like a financial transaction message. Even those Non-Delivery Report/Receipt (NDR), when an email bounces and could not be delivered, can hide JavaScript attacks. Celebrity gossip that comes in email is often false and tempts the user to open the attachment. Spammers keep using fake celebrity gossip email and phishing scams that involve a "friend needing help" because users open them. Even the spammers and scammers are into "repurposing" and have been "recycling previously sent emails taken from the hard drives of infected computers." 

Be careful out there. Watch out for muhahaha maliciousness and happy Halloween! 

FREE Computerworld Insider Guide: Five IT certifications that won’t break you
Join the discussion
Be the first to comment on this article. Our Commenting Policies