Cybercriminals go for the 'awards' during the recent Golden Globes with malicious files and phishing emails

03/08/2021 01:37:13 PM 

The percentage of users targeted by malware associated with nominated films in January

As we used to say here in the past, cyberattackers lure in the most popular times to and they will join the hype in taking advantage of it.

Why's that so, because TV shows and films are not only sources of entertainment but also an attractive lure for cybercriminals to spread threats, phishing pages, and spam letters. Proving this is the eve of the recently-concluded  78th annual Golden Globes – known as the first international big TV event of the 2021 awards season – as the industry event became a source of interest for cinephiles, film buffs, scammers, and fraudsters alike.

Kaspersky, in an attempt to provide a clearer picture of how cybercriminals try to monetize viewers’ interests, presented the analyzed malicious files behind nominated films as well as movie-related phishing websites designed to steal users’ credentials.

During the first three weeks of January, researchers of this global cybersecurity company observed that 275 users were subjected to infection attempts using files with various threats disguised as best picture nominees. The most popular among these was “The Mandalorian,” accounting for 68% of the infections. Meanwhile, Netflix’s hit series “The Queen’s Gambit” was second bait by the cybercriminals in this rating with 11% of infected users and “Ozark” completed the top three with 6% of users.

The percentage of users targeted by malware associated with nominated films in February 

Almost four weeks later (or 21 February 2021, to be exact), Kaspersky researchers had discovered that the number of users targeted with malware associated with nominated films and series had decreased by almost three times compared to the previous month. In the same time frame, “The Mandalorian'' remained the most targeted feature, while “The Queen’s Gambit” remained in second place. However, there were changes in the percentages of targeted users – 33% and 18% respectively. This also means that the number of infections disguised as “The Mandalorian'' decreased by six times while, while “Ozark'' viewers were safer, cybercriminals’ interest in “Palm Springs” increased and the number of infections increased by three.

Underneath these schemes, Kaspersky experts found a number of phishing websites designed to steal viewers’ credentials, with some even offering to enter bank card details to confirm that the user is located in the exact region where the web resource is licensed to distribute content. Others just redirect to third-party resources. In either scenario, the user is deceived with their data leaked and credentials stolen.

“Films and TV series’ have always been popular baits to spread threats and perform phishing campaigns. However, today we see that cybercriminals have shifted their attention from the film industry. Instead, we discover some interest from threat actors around the most popular shows at that moment, like The Mandalorian. It appears that this great show attracts not only viewers around the world but also cybercriminal interest,” commented Kaspersky security expert Anton V. Ivanov.

An example of a phishing website related to nominees 

To avoid falling victim to a scam, Kaspersky advises users to:

• Check the authenticity of websites before entering personal data and use only official web pages to watch films, series, and shows. Double-check URL formats and company name spellings.
• Pay attention to the extensions of the files that you are downloading. A video file will never have a .exe or .msi extension.
• Use a reliable security solution Kaspersky Security Cloud that identifies malicious attachments and blocks phishing sites.
• Avoid links promising early viewings of content, and if you have any doubt about the authenticity of content check it with your entertainment provider.

Author: slickmaster | © 2021 The SlickMaster's Files