Fraudsters are leveraging the latest Spider-Man movie to spread malicious files and phishing pages. The latest of the super hero franchise, No Way Home, came out earlier this week to much fanfare. Scammers are trying to take advantage of the excitement surrounding the new film, with intensified activity observed ahead of its premiere.
Researchers discovered numerous phishing websites pop up ahead of the premiere, purporting to show the movie online. These sites asked users to register and enter their credit card information to access the film, upon which money was debited and payment data stolen by the fraudsters. Unsurprisingly, the victims were unable to stream the feature.
In addition to tricking, criminals are trying to entice Spider-Man fans into downloading malicious files, believing they are downloading the movie. These include downloaders that can install other unwanted programs, adware and Trojans. The latter of these can allow the threat actors to perform actions that are not authorized by the user, such as gathering modifying data or disrupting the performance of computers.
Online streaming of movies and other entertainment has increased considerably since the start of the COVID-19 pandemic, and other big movie releases this year, like Black Widow and the James Bond film No Time to Die, have been similarly leveraged by cyber villains to launch scams and spread malicious files.