Photo: t3.com
Like with every good movie, Star Wars has two sides to it - the Light and the Dark. Cybercriminals are most definitely from the Dark side, seeing how they often use popular movies to distribute malware.
Star Wars is, unfortunately, no exception. Even way ahead of the premiere, fraudulent websites and malicious files have been swarming all over the internet with their clickbaity lil teeth.
We all love free things, and free entertainment in the form of movies are a hot favourite. Be it streaming, torrents or other methods of digital distribution, we all know someone who does it (or do it ourselves). This makes us prone to cyberattacks, given how torrent-trackers and illegal streaming platforms can host malicious files disguised as movie recordings and files. Kaspersky took the chance to study how Star Wars is being abused by cybercriminals to deceive Warsies, as Star Wars fans are called (is that right?)
According to Kaspersky researchers, they found over 30 fraudulent websites and social media profiles disguised as official movie accounts that claim to distribute free copies of the latest film in the franchise. Unsuspecting users who sign up for the “necessary registration” unwittingly give up their credit card data to these malicious sites.
These domains with hostile intentions often copy the official title of the film, accompanied by thorough descriptions and supporting content, effectively fooling people into believing that the website official. Called black SEO, this practice makes it possible for cybercriminals to promote their malicious websites high up in search engine results, where it can easily gain more traction and unsuspecting clicks.
Social media accounts are also often created by fraudsters, where they share links to the content. Along with malicious files shared on torrents, more than (Obi) Wan got tricked!. As of yet, over 83 users have been affected by 65 malicious files made to look like copies of the upcoming movie.
Phishing isn’t just limited to movies, however. Episodes of popular TV shows are also often disguised as malicious programs. This year, Kaspersky found 285,103 attempts to infect 37,772 victims, which was a 10% increase from last year. Meanwhile, the total number of unique files used to target the users came up to 11,499 - a 30% drop from last year. According to the findings, people still fall prey to these malicious files in hopes of watching the beloved movies for free!
“It is typical for fraudsters and cybercriminals to try to capitalize on popular topics, and ‘Star Wars’ is a good example of such a theme this month. As attackers manage to push malicious websites and content up in the search results, fans need to remain cautious at all times. We advise users to not fall for such scams and instead enjoy the end of the saga on the big screen’ – said Tatiana Sidorina, security researcher at Kaspersky.
Kasperky suggested these steps to avoid falling victim to such scams:
-Pay attention to the official movie release dates in theaters, on streaming services, TV, DVD, or other sources. Don’t click on suspicious links, like those promising an early view of a new film. If your Sith sense tingles, you know something is up!
-Look at the downloaded file extension. It should have an .avi, .mkv or .mp4 extension among other video formats and definitely not .exe.
-Check the website’s authenticity. Make sure that they are legitimate and start with ‘https’ so you don’t get Finn-ished.
-Use a reliable security solution like Kaspersky Security Cloud for extra protection!
Stay safe and be patient for the actual movie, okay? Better Leia and safe than sooner and sorry!
By: Celestine Foo