Users have been warned about Halloween-related spam as the annual horror fest approaches.
ESET has warned computer users to be wary of links in email and on social networking sites, even if they have been sent by 'friends'. In particular, director of technical education Randy Abrams said that he expects Twitter to be utilised heavily by criminals looking for an easy way to persuade users to install malware.
Abrams claimed that he would: "be shocked if Twitter is not used extensively to send links to malicious websites. The medium is perfect for this type of abuse and the extensive use of obfuscated URLS makes it so easy to hide the malicious links."
Abrams said: “Yeah, Halloween is around the corner and it is about time for the fake e-cards to make their rounds and the emails with links to 'videos' that are not really videos at all. This happens every year.
“If you receive an email purporting to be an e-card make sure it is addressed to you specifically. Make sure the email comes from someone you know. The next attack will be the fake video. This is the scariest, the grossest, the funniest, the freakiest… 'Hey check this out' and so on. In most cases these links will either tell you that you need a video codec or start a fake scan and tell you that your computer is infected, or both.”
Pointing to the theft and publication of web-based email passwords, Abrams believed that this year there is the chance that messages will be sent from familiar addresses, but said 'but they won't really be the ones who send it'.
“If you receive a link to an e-card, a video, a song, whatever, from someone you know via Hotmail, Gmail, Yahoo mail, any web mail, or from IM or social networking sites, talk to your friend before you click on the link. Make sure it really is the person you know who deliberately sent the link and not an impostor who hijacked their account,” said Abrams.
“Have a safe Halloween and don't take candy, e-cards, videos, or tweets from strangers.”