The Web is dark, and full of phishers

Read time 2min 10sec
Scammers cash in on Game of Thrones return.
Scammers cash in on Game of Thrones return.

The long wait is finally over. After nearly two years, Game of Thrones (GOT) is back on the air for its final season, and cyber criminals are conducting multiple phishing scams to cash in.

ITWeb Security Summit 2019

Eight international keynote speakers are heading to SA to join the local experts and share insights with SA's cyber security community. We have Graham Cluley, independent computer security expert and public speaker; Ofir Hason, CEO and co-founder of CyberGym; and Pete Herzog, MD of the Institute for Security and Open Methodologies. To find out more and to register, click here.

Although there have been many similar tricks, from malware via pirate torrent sites to phishing scams, Check Point researchers recently uncovered the latest in this line of malicious activities bent on taking advantage of unsuspecting fans.

Sites are using the official branding of the show to pose as a legitimate competition for fans to win a gift pack of GOT merchandise. Of course, there is no prize and instead, the site collects as many e-mail and mobile phone details as possible that could be used in future spamming campaigns.

Other sites attempt to dishonestly collect credit card details of users by posing as an official GOT merchandise store.

"While many may claim to be able to tell the difference between a real site and a fake site, the use of well recognised and trusted brands, like Game of Thrones, is the preferred method for encouraging the user that the impersonated e-mail or Web site is trustworthy," Check Point warns.

The fraudulent sites are exploiting the popularity of the brand to display ads, get their hands on personal information, or convince the user to install an unwanted program.

There are also fake streaming sites, asking the user to download a browser add-on and provide personal information, while no streaming content is displayed at the end of the process.

According to Check Point, there are ways to prevent being the next victim of a phishing attack. These include having a good security solution installed and thinking before clicking.

The company suggests hovering over links that might be suspicious before clicking on them to reveal if they really lead to the expected site.

"Make sure a site's URL begins with 'https' and there is a closed lock icon near the address bar, and check the site's domain name is the site you are expecting to visit and trust. If it is not, then you could be about to become the next victim of a phishing scam."

Login with