Apart from malware, offers to watch the online premiere of the Black Widow movie are being used to steal payment card data.
It’s a proven fact that cybercriminals leave no chance to exploit anything of public interest, and TV shows or movie premieres provide them the best opportunities among all.
After getting delayed for nearly a year due to the COVID-19 pandemic, Marvel’s Black Widow movie is finally released in movie theatres and online streaming platforms, which has got the attention of scammers and cybercrooks alike. They are looking to use this opportunity to the best of their abilities and using the movie’s digital premier to spread malware infections.
Kaspersky alerts of Black Widow movie-themed malware
The movie was released in the United Kingdom on July 9th while it is yet to be released in several other countries. However, researchers have identified malicious files under the guise of the new Black Widow movie that are already circulating across the web.
According to the company, several Black Widow-themed phishing sites are operating to steal user credentials. One of the sites analyzed by researchers promised the users an early preview of the movie and to do so they had to register to the website.
During the registration process, users were required to enter their banking card information to confirm their residence region. But, later, they noticed that money was debited from their card while they still didn’t get full access to the movie.
Spike in scams in the name of Black Widow movie
Kaspersky researchers claim that they have observed a spike in the attempts to infect users eagerly awaiting the launch of the new movie.
They discovered this incline in infection attempts initially after the film’s official announcement back in May 2020, around its original release date of November 2020, and the latest in May 2021.
As shown in the image above, since the movie’s release was further delayed to July 2021, cybercriminals are trying to make the most of the confusion surrounding the movie’s release and have launched infection attempts on 13% of streaming services and even launch the movie’s downloadable files.
“Right now, we have observed intensified scamming activities around Black Widow, the release of which, fans all over the world have been eagerly anticipating for a long time. In their excitement to watch the long-awaited movie, viewers have become inattentive to the sources they use, and this is exactly what fraudsters benefit from,” wrote Kaspersky security expert Anton V. Ivanov.
Protect yourself from the Black Widow movie scam?
Scammers aren’t just using phishing websites to trap unsuspecting users but also diverting executable files claiming them to be movie downloads. To stay protected, beware of files that have a .EXE or .MSI extension, because movie files generally have .MP4, .AVI, .MOV, .WMV, or .M4P extensions.
Moreover, pay close attention to the website’s address you have to visit to watch or download the movie. Check the address twice to rule out any foul play, as scammers often make slight changes to the domain or movie name. Lastly, install anti-malware solutions which offer phishing site detection feature.