You Better Watch Out, You Better Not Click: Holiday Movie Threats
Christmas is the perfect time to watch new movies, or re-watch old favorites. Whether you’re snuggling next to the fireplace at home or rushing to nearest theater, there’s no better time to catch some good flicks than during the holidays. Thankfully, the year-end season always offers a chock full of movie options to keep us entertained. However, like film fanatics, the bad guys are also setting their sights on blockbusters to use them as bait to trick unknowing users. It’s no secret that cybercriminals use big news, hot topics, and even popular movies as social engineering lures to get users to click on malicious links from browser searches, ads, and even social media posts.
Before falling for such threats, we’ve made a list (and checked it twice) of some movies that are scheduled for release this holiday season. The movies listed below show that cybercriminals aren’t picky. Regardless of the genre or theme, as long as it's popular, the bad guys will use them to prey on people’s curiosity.
The Hobbit: Battle of the Five Armies
This popular series of sequels to the Lord of the Rings trilogy is raking in big followers and fans. Unfortunately, cybercriminals are looking to cash in on it too. According to our research, here’s what we found:
- Several links and posts shared on social media have been found that leads users to scam sites or download of potentially unwanted programs.
- There are also stand-alone sites that will lead to scam sites and downloading of potentially unwanted programs.
- We have seen other sites that lead to the download of malicious files, in the guise of video software.
Annie
Surely, the trailer for one of the most well-loved family classics did make an impression on movie goers. Likewise, the bad guys have already capitalized on this favored remake. Based on our findings, we found a URL claiming to have the movie available for download.
- Searching for the movie leads to a site that claims to have the leaked movie.
- When clicking the download link, it has several redirections that asks user to update a certain app like flash player or any kind of video player.
- The files are detected as adware.
Mr. Turner
This profoundly stirring movie has already caught the hearts of many curious audiences. Like the two movies mentioned above, cybercriminals are using this movie to lure people to malicious sites. In anticipation, we have found links where users can download the movie. Additionally, here’s more of what we’ve found:
- Torrent links with the movie's title have been found, but upon analysis, the links actually download adware.
- Some sites lead to survey scam sites.
While it could be tricky to spot a scam from a legitimate source, it always pays to be extra vigilant especially when it comes to visiting sites or clicking on links that could lead you to various online threats. Potentially unwanted programs refer to programs installed in computers and other devices that may pose high risks or untoward impact on user security and privacy. These programs could be anything from a social networking program that gets user location and personal details as part of its features, or a game that aggressively displays ads even outside the program itself.
Here are a few tips to help make your holiday movie marathon experience memorable and free of threats.
- Stream and subscribe to legitimate sites and avoid third-party or fake streaming sites.
- Be wary of sharing posts and clicking on links that could propagate scams. Remember, cybercriminals are also after the people on your network.
- Avoid downloading pirated movies as these can lead to scams or malware downloads.
- Think twice before downloading free movies. Users must take note that so-called copies made available online are often fakes or scams. Even worse, these could lead to malware in disguise.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Ransomhub
- Unleashing Chaos: Real World Threats Hidden in the DevOps Minefield
- From Vulnerable to Resilient: Cutting Ransomware Risk with Proactive Attack Surface Management
- AI Assistants in the Future: Security Concerns and Risk Management
- Silent Sabotage: Weaponizing AI Models in Exposed Containers