Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, languages, and content which may neither appropriate nor appealing to certain readers. READER DISCRETION is advised.

09 May 2019

Avengers fans, beware: Phishing scammers on the loose following Endgame


05/09/2019 02:20:25 PM



In a span of two weeks, Marvel's latest film Avengers: Endgame has already broken a lot of box records. The finale of this epic-two part movie has attracted a lot of attention, making it as one of the hit names in pop culture phenomenon so far this year.


With the internet world buzzing about The Avengers, so are the crooks and the security brands, as Kaspersky Lab’s content filtering experts have found that cybercriminals could not resist the urge to use the movie for fraud and money theft. One example of this is the creation of no less than a dozen website that offers to fans the opportunity to watch the new Avengers blockbuster free online in advance of national premieres.

It can be done by once a user agrees and clicks on the online-player icon displaying a short scene from the movie's official trailer is shown. After a few seconds, the video stops and the victim is redirected to registration and check out page that contains fields for bank card details including the CVV2 code. The site reassures the user that this is only for validation purposes, to prove that a user is a real person.. However, once the user has filled in the form with their payment details, the criminals can use them for stealing the user’s funds.

“Social engineering methods are aimed at exploiting people’s emotions. An influential and much-loved franchise with an enormous global fan base seems like the perfect target. The temptation to take a few security shortcuts in order to be able to watch a long-awaited movie and not have to worry about spoilers or sold-out tickets can prove irresistible to loyal fans; that is what the attackers prey on,” said Tatyana Sidorina, a security researcher at Kaspersky Lab.

That said, here are Kaspersky's advice for staying safe.
  • Do not click on links in emails, texts, instant messaging or social media posts if they come from people or organizations you don’t know. Always check for suspicious or unusual addresses when any personal or financial information is asked for. The legitimate ones should start with ‘https’
  • Take note that phishers often exploit emotions and the signs that they could be working you include messages that are unduly threatening (warning of a potential fine or other penalties, for example), demand immediate action, ask for vast amounts of very personal and seemingly irrelevant information, or simply sound too good to be true.
  • Have a separate bank card and  an account with a limited amount of money specifically for online entertainment. This will help to avoid serious financial losses if your bank details are stolen.
  • Use a reliable security solution for comprehensive protection from a wide range of threats, such as Kaspersky Security Cloud
To learn more about the Avengers’ related scam, visit Kaspersky Daily.

Author: slickmaster | © 2019 The SlickMaster's Files
Filed by at
Labels: , , , , , , , ,

No comments:

Post a Comment

Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!

Subscribe to: Post Comments (Atom)