Yuletide spam and shopping scams breaking records

by John Callon Email SecuritySecurity Research & AnalysisSpam

Fake Michael Kors shopping site ranks as the highest volume non-malware attack of 2016

Fake Michael Kors site

Global business email traffic passing through Cyren’s cloud security operations is unfortunately reinforcing Scrooge’s initial take on Christmas, as analysis done this week shows that Christmas-themed email is almost entirely commercial or criminal.

Instead of bringing good tidings, it turns out that a whopping 78% of emails this past week with the word “Christmas” in the subject line are spam. Considering that Cyren inspects billions of emails every day, that’s a lot of lumps of coal in inboxes.

And it should surprise no one that emails containing links to fake shopping sites are also clogging your inbox this time of year, with the “fashion spam” category leading the way, trying to induce well-meaning gift givers to visit fake web sites like sneakernnz.com (fake Nike), bootskest.com (fake UGG), and baggoingdae.com (fake Michael Kors).

A spam attack this week for the fake Michael Kors shopping site ranks as the highest volume non-malware attack seen by Cyren’s security cloud this year, that is to say, #1 for attacks not involving malicious email attachments (it’s hard to compete with nearly 40 billion Locky ransomware-infected email attachments distributed in a single day). These sites won’t infect your computer, they’ll just steal your money….

“Traditional” ransomware distribution volumes, by the way, are not up at all – which is actually not good news, since they continue at their normal, torrid pace. It only shows that the criminal gangs behind them don’t take a holiday during the holidays.


Want to learn more about cloud-delivered web security? Contact us here!

Go back