Spider-Man: No Way Home received such great enthusiasm, since the first trailer was released until the film started showing in theaters around the world. Unfortunately this is used by cyber criminals to launch actions using malware that can steal money.
Kaspersky researchers looked at the intensive activity of online fraudsters ahead of the film's premiere and found many examples of phishing websites set up to steal users' bank details.
To give phishing pages some appeal, the cybercriminals didn't use the official poster from the film, but rather fanart featuring all of the Spider-Man actors. With such posters, cybercriminals want to attract more fans' attention.
It doesn't stop there, the villain urges the victim to watch the latest Spider-Man movie. However, they are required to register and enter credit card information.
Because Spider-Man tickets were sold out in the first week of broadcast, many victims were tempted by the offer and immediately registered without the slightest suspicion.
After that, the money will be debited from the user's card and payment data is collected by the cybercriminals. And of course no pre-screening of the film is available.
Of course, the actions of cyber criminals are not limited to that. They also take advantage of people who like to download pirated movies online.
The pirated Spider-Man: No Way Home was used as a disguise for a malicious file that was hidden. In most of the cases analyzed, Kaspersky researchers found that downloaded files could install other unwanted programs.
In addition, there are also adware and even Trojan malicious programs that can allow cybercriminals to take actions that are not authorized by the user, such as collecting information, changing data or disrupting computer performance.
"Fans' expectations are very high today, even higher than any film. We encourage users to be aware of the pages they visit and not to download files from unverified sites," said Tatyana Shcherbakova, security expert at Kaspersky.
To avoid falling victim to scams and malicious programs, Kaspersky shares tips:
Avoid links that promise to premiere a movie or TV series. If you have any doubts about the authenticity of the content
Check the authenticity of the website before entering personal data and only use official and trusted web pages to watch or download movies.
Double-check the URL format and spelling of the company name
Pay attention to the file extension you download. Video files will never have an .exe or .msi extension
Use a reliable security solution, such as Kaspersky Security Cloud, which identifies malicious attachments and blocks phishing sites
