Cybercriminals have been using the release of Star Wars: The Rise of Skywalker as an opportunity to gain credit card details while also duping unsuspecting streamers into downloading malware. The use of popular TV shows and movies as bait is not a new thing, although thanks to the popularity of the latest installment of the Star Wars franchise, it is proving to be a big draw for criminals as well as movies fans.
Star Wars: The Rise of Skywalker was official released in theaters on December 20. This is Episode 9 of the sequel trilogy and not only completes the current trilogy, but it is also seen as a wrapping up of the Skywalker saga in general. With so much invested in this episode’s storyline, the latest installment is already pulling in viewers at the box office. While those figures are not quite to the level of The Force Awakens or The Last Jedi, The Rise of Skywalker has already passed the $500 million mark in worldwide ticket sales. As part of that haul, The Rise of Skywalker is now the second-highest grossing Christmas Day movie of all time in the U.S., with $32 million taken on the festive day.
A day ahead of the release of the latest Star Wars movie, Kaspersky issued a press release confirming the latest scam attempt. In total, security researchers found more than “30 fraudulent websites and social media profiles” waiting to attack unsuspecting users. The scheme involves advertising the option to watch the latest Star Wars movie online for free. However, to be able to access the stream, users are required to hand over credit card details as part of the registration process. Adding to the attack, users are then provided with a download link. However, the link downloads malware instead of the movie. According to Kaspersky, 83 users had been affected by 65 malicious files by the time it had announced the scam.
How To Avoid The Jedi Malware Trick
While this particular instance focuses on The Rise of Skywalker, it is not an isolated incident. In fact, this is not even the only Star Wars-related incident with Kaspersky noting the saga remains a popular option for cybercriminals. So far in 2019, more than 285,000 Star Wars attacks were identified. This represented an increase of roughly 10 percent compared to the 257,000 attacks noted in 2018. For those looking to protect themselves from a scam like this, the easiest way is to avoid handing over credit card details to sites they are not familiar with, or that are not reputable. For reference, ranking high in a Google Search is not the way to judge a website's reputation.
The researchers explain that part of this scam involves creating websites that utilize “Black SEO” practices to rank high in Google Search for specific terms like “The Rise of Skywalker watch free.” This, along with the creation of social media profiles that also point to the same websites not only help websites to rank higher in Google, but also to add further legitimacy to the sites. In other words, these sites are designed to rank higher and therefore users should avoid assuming the websites Google naturally points to are trustworthy just because Google is highlighting them. Another key protection measure explained by the researchers is to be clearly aware of the type of download file a site is offering. For example, if it is a video download then it should come with a video-related extension and not one like .exe. This is an executable file that launches a software program. Its use should be a clear giveaway that the download is more than just a movie.
Of course, the main way consumers can protect themselves is to be aware of actual release dates. That’s not only the date when a movie hits theaters, but also when it is set to become available to stream online. Using sites claiming to offer a movie for free before those dates, including Star Wars: The Rise of Skywalker, is unlikely to be worth the risk.
Source: Kaspersky