Kaspersky: "The Joker" topped the list of movies most used by digital criminals to distribute malware.
Popular movies are gaining the attention of digital criminals, and as the "Oscars" approach, their preoccupation skyrockets. To better understand how digital criminals try to exploit our interest in high-profile movies, Kaspersky's researchers looked at the extent to which such scams are taking place.
With more than 20 phishing sites and 925 malicious files crawled under the guise of this year's nominees, the findings show that those looking for a nice night in front of the screen watching a recent blockbuster should be on the lookout for such scams.
Kaspersky has found more than 20 phishing sites and Twitter accounts that offer users the opportunity to watch feature films for free. These sites collect user data and encourage them to perform a variety of tasks in order to gain access to the desired movie. These can range from researching and sharing personal information to installing adware or even providing credit card details. Needless to say, at the end of the process, the user does not get the content.
Candidacyfor Best Picture Oscar
Ford v Ferrari
Once upon a time in Hollywood
The Oscar nominations for Best Picture analyzed by its researchers Kaspersky
An example of a phishing site that collects credit card information
An example of a Twitter account promoting a phishing site
To further support the promotion of fraudulent websites, cybercriminals have also set up Twitter accounts, to which they distribute links to content. Combined with malicious files that spread through different channels, this brings them successful results.
Malicious files spread on the Internet as copies of candidate films also provide an indication of the interest levels of the candidates. Kaspersky's researchers compared malicious activity under the name of the proposed films in the first four weeks after the film's public premiere. As a result, "The Joker" topped the list of movies used - it was the most popular movie among cyber criminals with 304 malicious files named after the Gotham villain. "1917" was in second place with 215 malicious files, the Irishman on Tuesday with 179 files. The Korean movie "Parasite" had no malicious activity related to it.
The number of malicious files detected by Kaspersky products under the guise of candidate films
Kaspersky also looked at whether there was a significant increase in malicious files shortly after the film's public release. This showed that most of the malicious files appeared in the third or fourth week after the film's release in cinemas, although some were distributed even before the premiere.
The number of malicious files detected by Kaspersky products
Kaspersky experts also analyzed whether the availability of a movie on a streaming platform affects the likelihood that users will search for its illegal copy on the Internet, comparing malicious activity after the initial release in limited theaters and actual release on Netflix.
In the case of "Marriage History", no malicious programs were detected before and after the initial release of the film in cinemas. However, cybercriminals began using the film's title after it was released on Netflix, reflecting the interest in the film. In the case of the long-awaited "Irishman", although fewer users found a copy of the film on the Internet, they were more determined to do so - the number of scans after the film's initial limited release in the cinema was released on Netflix.
"Cybercriminals are not bound by the exact dates of movie premieres, as they do not actually distribute any content other than malicious data. However, as they take advantage of trends, they depend on user demand and actual file availability. "To avoid falling victim to criminals, you only use legitimate platforms and subscriptions to ensure you can enjoy a nice night in front of the TV without worrying about any threats," said Anton Ivanov, a malicious software analyst at Kaspersky.
To avoid falling prey to malicious programs that pretend to be popular movies or TV shows, Kaspersky recommends that you follow these steps:
- Pay attention to official movie release dates in cinemas, streaming services, TV, DVDs or other sources.
- Do not click on suspicious links, such as those that promise to show a new movie before it is officially released.
- Check the extension of the downloaded file. Even if you are going to "download" a video file from a trusted source, the file should have a .avi, .mkv or .mp4 extension among other video formats, certainly not .exe.
- Check the authenticity of the site. Do not visit sites that allow you to watch a movie until you are sure that they are legal and that they start with "https".
- Verify that the site is authentic by double-checking the format of the URL or the spelling of the company name, reading reviews about it, and checking the domain registration data before you start downloading.
- Use a reliable security solution