In 2021, users have been served more video on demand content than anyone could ever imagine, yet most of us have that one show where we eagerly anticipate new episodes. For many, it is the fifth season of Rick and Morty, a dark adult cartoon, which kicked off on 20 June 2021. And cybercriminals are not shy of taking advantage of fans’ eagerness to watch the show, with well-known (yet, somehow still effective) fraud schemes hitting the web.
To get a clearer picture of how cybercriminals try to monetise viewers’ interests, Kaspersky experts analysed malicious files disguised as Rick and Morty episodes in different languages, as well as sitcom-related phishing websites designed to steal users’ credentials.
Analysing files distributed from June 2020 to June 2021, the company’s experts have seen that fraudsters interested in Rick and Morty is consistent. Kaspersky researchers found about 350 files disguised as the popular show, which all distributed various types of malware – including exploits and sophisticated ransomware.
Kaspersky experts also found a number of phishing websites designed to steal viewers’ credentials. In the hope of watching new episodes of their favourite show, Rick and Morty fans were redirected to other resources to enter personal data. To make the page more believable, scammers showed the first few minutes of the show, after which, users were asked to register by entering personal data and bank card details. After some time, money was debited from the card, and as expected, the episode did not continue to play.
Kaspersky security expert Mikhail Sytnik says: “Cybercriminals are always looking for opportunities to benefit from users’ interest in sources of entertainment. For many years, we observed fraudsters creating fake pages offering to stream or download popular movies and shows – which are especially attractive when the piece of content has been long-awaited. When searching for a new episode of your favourite series it is important to remember the basic rules of digital hygiene. We advise users to check the authenticity of websites before entering personal data and use only official webpages to watch films, series’ and shows.”
To avoid falling victim to a scam, Kaspersky also advises users to:
- Pay attention to the extensions of files you are downloading. A video file will never have an .exe or .msi extension.
- Use a reliable security solution, such as Kaspersky Security Cloud that identifies malicious attachments and blocks phishing sites.
- Avoid links promising early viewings of content and check it with your entertainment provider if you have any doubt about the authenticity of content.