Easter Sunday is one of the most important festivals in the Christian calendar and it is observed anywhere between March 22 and April 25 each year; this year it falls on March 31. Spam messages related to Easter have begun flowing into the Symantec Probe Network. As expected, most of the spam samples are encouraging users to take advantage of products offers, personalized letters, e-cards, as well as clearance sales of cars and replica watches. Clicking the URL will automatically redirect the user to a website containing some bogus offer.
Figure 1. Spam product offer related to Easter
Spammers are also exploiting the event by sending casino spam email using the name "Easter bonnet". The Easter bonnet represents the tail-end of a tradition of wearing new clothes at an Easter festival.
The following spam sample provides instructions for ways that users can acquire a "bonus".
- "Three different bonuses can produce some extra winnings."
- "Make your deposit and get free spins."
- "Free welcome package up to $500."
Figure 2. Casino spam targeting the Easter bonnet
In the next spam sample, users are encouraged to take advantage of the bogus offers for purchasing a product. By clicking the URL it directs the user to a fake pharmaceuticals website.
Figure 3. Spam website selling fake pharmaceutical products
Figure 4. Personalized letter targeting the Easter festival
Some of the headers observed for Easter related spam can easily be recognized:
- Subject: XXX, Get your Easter savings on all vehicles
- Subject: Shop Easter toys, baskets, plush and more
- Subject: HappyEasterInAdvance,
- Subject: Fun and Unique Easter Gifts
- Subject: Celebrate Easter with a Personalized Gift
- Subject: Easter eCard
- Subject: Easter flowers at exceptional savings - shop now
- Subject: Make the Easter bunny jealous! Easter flowers - from $19.99
- Subject: Challenge Ends Easter weekend
- Subject: Easter is hopping your way...and so are $19.99 bouquets!
- Subject: 25-free spins on xxx this-Easter
- Subject: Letter From Easter Bunny For Your Child
- From: "EasterBunny" <EasterBunny@[REMOVED]>
- From: Personalized Easter Gifts <xxx@[REMOVED]>
- From: "Easter Sale" <xxx.beaches@[REMOVED]>
- From: Easter Flowers <jewel@[REMOVED]>
- From: "Easter Bouquets" <noreply@[REMOVED]>
- From: "The Easter Bunny" <joint@[REMOVED]>
- From: "Easter Letters Online" <xxx@[REMOVED]>
- From: "Easter Clearance!" <xxx@[REMOVED]>
Symantec advises our readers to be cautious when handling unsolicited or unexpected emails. We at Symantec are monitoring spam attacks 24x7 to ensure that readers are kept up-to-date with information on the latest threats.
Wishing everyone a happy and safe Easter!