Scammer's latest tactic to distribute malware and steal credit card information centers on the latest Star Wars movie. According to Kaspersky, bad actors are using so-called ‘black SEO' to lure unsuspected users.
A search for the film returns results for several suspicious sites, claiming to offer the film for free or at a discounted sites. They tie in descriptions, galleries, and fake social media accounts to trick users and search engines they provide content of value.
Needless to say, you aren't going to get your hands on The Rise of Skywalker for some time, even through unscrupulous means. It only just launched in cinemas, so your best bet for Star Wars right now is Disney+'s The Mandalorian.
Despite this, Kaspersky says 83 of its users have been caught by 65 suspicious files disguised as the film. Some of them will have clicked links from social media accounts that link to over 30 fraudulent websites discovered by Kaspersky. Others are from torrents.
Other Star Wars movies appear to be a target, too. Kaspersky says general Star Wars-themed malware attacks have risen by 10% this year, from 257,580 to 285,103. Interestingly, the number of unique files used in those attacks has fallen by 30%, and the number of users targetted by 25%.
Needless to say, you should not enter your credit card details or download a movie from a site you don't already know and trust. Even then, you should check the address bar to make sure it's not a phishing attempt. Basic security principles also apply, such as checking the filetype, having a strong anti-virus solution, and avoiding suspicious links.