Halloween scams spike as 63% of festive spam found malicious
Bitdefender Labs has reported a significant surge in Halloween-themed scams, with 63% of such spam activity found to be malicious and aimed at stealing credentials or installing malware.
The research, which analysed email and advertising campaigns between September 15 and October 15, identified a major increase in phishing and scam operations targeting users globally. These efforts by cybercriminals are primarily disguised as festive giveaways, retail offers, or cryptocurrency rewards tied to the Halloween period.
Rising threat levels
According to Bitdefender, the spike in Halloween-themed scams represents the unofficial start of the holiday scam season. Researchers observed that this period often serves as a precursor for increased scam activity running through to the end of the calendar year.
Bitdefender's telemetry showed that the majority of these Halloween-related spam incidents (63%) constituted phishing or scam attempts, with benign marketing emails forming a much smaller proportion. This trend demonstrates a coordinated approach by cybercriminals to exploit the heightened marketing around holidays to obscure their malicious activity.
Multiple attack vectors
Scams during this period spanned various channels. Emails impersonating well-known brands, including Walmart, Amazon, and Home Depot, promised fake candy boxes, trending skeleton decorations, or costume giveaways. Such messages lured recipients to phishing sites designed to harvest login credentials or to prompt deceptive payments.
Common subject lines employed in these campaigns included promises such as "Claim Your Free Walmart Halloween Candy Pack" and "Today Only: Free Giant Skelly". Bitdefender noted that some scammers included out-of-context text such as references to photosynthesis within the emails, a technique employed to bypass common spam filters. This approach is rarely seen outside more sophisticated phishing operations.
Geographically, the United States was the primary focus, absorbing 73% of detected Halloween-themed spam, followed at a considerable distance by Germany at 13% and Ireland at 6%. In terms of origin, 67% of this scam content came from servers located in the US, with Germany and Singapore accounting for 5% and 4% respectively.
Malware and social media manipulation
Beyond email, Bitdefender found that sponsored advertisements across Meta platforms, such as Facebook and Instagram, were distributing malware via fake cryptocurrency giveaways. For example, fraudulent promotions for services like TradingView and cryptocurrency-specific bonuses were used to lure users. On clicking the links, targets were redirected to webpages hosting malware disguised as trading tools.
This malware, first tracked by Bitdefender in April 2025, features a modular infection chain that allows it to steal browser cookies, authentication tokens, and details of cryptocurrency wallets. The software also employs evasion techniques to avoid detection by sandbox systems and has a mechanism allowing it to receive updates from a command-and-control server, maintaining its effectiveness over time. European users in countries such as Bulgaria, Croatia, Romania, and Slovenia were particularly affected by this campaign.
Parallel to the crypto scams, Bitdefender observed fraudulent retail ads impersonating brands such as Deichmann and Steve Madden. These ads led shoppers to counterfeit storefronts whose primary objective was to collect payment information fraudulently.
Regional variations
Outside western markets, specific regional scams also emerged. In Japan, Bitdefender identified a "Halloween Jumbo Lottery" phishing campaign, which promised recipients 22 free lottery tickets purportedly worth 6,600 yen. The phishing messages imitated official communications, increasing their perceived legitimacy.
Holiday-driven risk
Halloween scams succeed because they leverage urgency, reward, and emotional appeal. With inboxes and ad networks saturated by legitimate seasonal campaigns, threat actors blend in, creating dangerous opportunities for data theft and malware infections.
Bitdefender has urged consumers to exercise caution during this period, advising users not to click on unverified giveaway links and to verify any promotions independently before taking action. The company points to the utility of its free tool, Bitdefender Scamio, which helps assess potentially suspicious links, emails, and screenshots.
This analysis from Bitdefender Labs indicates that the persistence and adaptability of online criminals remain a challenge for consumers during the holiday period, with lures evolving to match seasonal expectations and marketing trends.