After a few release date changes due to the pandemic, the world is about to see the long-awaited Black Widow movie. With all the restrictions driven by the Covid-19 pandemic, the organisers decided that the premiere will take place simultaneously in movie theaters and on streaming services. But the premiere moving online has fueled interest not only for cinephiles and superhero fans, but also among scammers and fraudsters.
To get a clearer picture of how cybercriminals try to monetise viewers’ interests, Kaspersky experts have analysed malicious files disguised as the new Black Widow movie, as well as movie-related phishing websites designed to steal users’ credentials.
As a result, Kaspersky experts highlighted spikes of infection attempts amid the announced release dates, namely, 1 May 2020, and 7 May and 9 July 2021. Ahead of the premiere of the super-spy film, the company’s experts saw the largest numbers of attempts to infect users: 12% before the initial release date in 2020, 13% in April 2021, and 9% in June 2021.
Kaspersky experts also found a number of phishing websites designed to steal viewers’ credentials. In the hope of watching the Black Widow movie, users visited a website showing the first few minutes of the film before being asked to register to continue watching. During the registration, to confirm their region of residence, victims were asked to enter their bank card details. After some time, money was debited from their card, and as expected, the film did not continue to play. This type of phishing is widespread and considered to be one of the most popular among scammers.
“Big movie releases have always been a source of entertainment but they are also an attractive lure for cybercriminals to spread threats, phishing pages, and spam letters,” says Kaspersky security expert Anton V. Ivanov. “Right now, we have observed intensified scamming activities around Black Widow, the release of which, fans all over the world have been eagerly anticipating for a long time. In their excitement to watch the long-awaited movie, viewers have become inattentive to the sources they use, and this is exactly what fraudsters benefit from. These attacks are preventable, and users should be alert to the sites they visit.”
To avoid falling victim to malicious programs and scams, Kaspersky advises users:
- Check the authenticity of websites before entering personal data and only use official, trusted webpages to watch or download movies. Double-check URL formats and company name spellings.
- Pay attention to the extensions of files you are downloading. A video file will never have an .exe or .msi extension.
- Use a reliable security solution, such as Kaspersky Security Cloud, that identifies malicious attachments and blocks phishing sites
- Avoid links promising early viewings of content. If you have any doubts about the authenticity of content, check with your entertainment provider.