After several delays and changes, the long awaited Black Widow movie is scheduled to premier this month in movie theatres and on Disney Plus simultaneously, due to restrictions driven by COVID-19.
And with the premiere being shown online, this has fueled interest not only for movie fans, but for cyber criminals and scammers too.
Kaspersky experts have been analysing malicious files disguised as the new Black Widow movie, as well as movie-related phishing Web sites designed to steal users’ credentials, in an attempt to get a clearer picture of how crooks try to monetise viewers’ interests.
According to the company, there has been a spike in infection attempts amid the announced release dates, namely its original release date of 1 May last year, and its rescheduled release date of 7 to 9 July 2021.
Ahead of the premiere, the company’s experts saw the largest numbers of attempts to infect users: 12% before the initial release date in 2020, 13% in April 2021, and 9% in June 2021.
Kaspersky also found a number of phishing Web sites designed to steal viewers’ credentials. In the hope of watching the long-awaited movie, users visited a site showing the first few minutes of the film before being asked to register to continue watching.
During the registration, to confirm their region of residence, viewers were asked to enter their bank card details. After some time, money was debited from their card, and as expected, the film did not continue to play.
“This type of phishing is widespread and considered to be one of the most popular among scammers,” the company says.
Anton Ivanov, a security expert at Kaspersky, says major film releases remain an attractive lure for attackers wantig to spread threats, phishing pages, and spam. Currently, Kaspersky has observed intensified scamming activities around Black Widow, he adds.
“In their excitement to watch the long-awaited movie, viewers have become inattentive to the sources they use, and this is exactly what fraudsters benefit from. These attacks are preventable, and users should be alert to the sites they visit,” he says.
To avoid falling victim to these scame Kaspersky recommends checking the authenticity of Web sites before entering personal data and only using official, trusted Web pages to watch or download movies. Also, to double-check URL formats and company name spellings, and pay careful attention to the extensions of files being downloaded, avoiding files with .exe or .msi extensions.
Share